Manager, IT Security

Do you believe in the power of ideas, possibility, and in building community?

 

Alberta University of the Arts (AUArts) is looking for an collaborative and innovative Manager, IT Security who will play a pivotal role in managing the institution's IT security, aligning with AUArts’ mission, values, and strategic priorities. This position is responsible for developing, maintaining, and enhancing the General Information Technology Controls (GITC) framework, ensuring that security measures integrate seamlessly with academic and operational goals.

 

The Alberta University of the Arts is one of only four major art, craft and design focused Universities in Canada. Our internationally recognized programs and state-of-the-art facilities offer our 1,100 students a hands-on, studio-based education that leads to a Bachelor of Fine Arts, a Bachelor of Design, and an MFA in Craft Media. AUArts has deep roots in Calgary’s creative community and our alumni have had an impact on creativity around the world. Alberta University of the Arts will be celebrating its centennial in 2026.

 

This is a full-time permanent position starting January 2025. Hours of work are 35 hours per week, 7 hours per day. 

 

Why AUArts?

 

AUArts is a community of thinkers, shapers, makers, and risk takers. We are students, faculty, staff, and alumni rich in diversity of culture and thought, challenged to fearlessly explore what moves us, drives us, and implores us to see the world differently.

 

Alberta University of the Arts (AUArts) is situated on the ancestral land of the Siksikaitsitapi - Blackfoot Confederacy which includes the Siksika, Kainai, Piikani Nations and the shared territories of the Tsuut’ina Nation as well as the Iyarhe Nakoda-Stoney which includes Bearspaw, Chiniki, Good Stoney Nations and also the home of the Métis Nation of District 5 and 6. The City of Calgary has long been called Moh’kins’tsis by the Siksikaitsitapi, Guts’ists’i by the Tsuut’ina, and Wîchîspa by the Nakoda.

 

The Opportunity:

 

Competition #2425-DE-MP-15

 

Reporting to the Chief Information Officer, the Manager, IT Security will lead regular security audits, testing, and the development of robust incident response plans, while working closely with university stakeholders to foster a secure yet flexible technology environment. Emphasis is placed on balancing security with the institution’s collaborative and creative culture, ensuring an end-user experience that prioritizes service excellence and a security-conscious community.

 

As a member of the leadership team, the incumbent is responsible for integrating and enhancing equity, diversity, inclusion and belonging within the team while coaching, developing, mentoring, and supporting members to facilitate positive contributions among IT Services, other staff, students, and the broader university environment. 

 

Key Responsibilities:

 

Security Leadership and Program Management

• Develop and enhance the security program through strategic planning, aligning security initiatives with institutional goals, and ensuring adaptability to new technologies and emerging threats.
• Manage and update the General Information Technology Controls (GITC) framework, ensuring it aligns with the latest compliance needs. Delegate tasks as necessary to maintain the framework effectively.
• Conduct risk assessments periodically, especially when new systems or projects are introduced. Develop and implement risk mitigation strategies and ensure that identified risks are continuously managed.
• Create, update, and enforce IT security policies. Ensure compliance with relevant data protection regulations, including PIPEDA, GDPR, and industry standards. Collaborate with legal teams to oversee the legal aspects of IT security.
• Oversee the strategic development of IT security architecture. Guide decisions on security technologies, ensuring they remain adaptable to new threats and innovations.
• Manage the IT security budget with strategic oversight, revisiting it during budget cycles and as new security investments are proposed.
• Manage team members, providing strategic and operational direction to standards, performance and goals to optimize support services across the organization within a service leadership model.

 

Operational Activities

• Plan and conduct security audits, vulnerability assessments, and penetration testing on a scheduled basis (e.g., quarterly or annually). Ensure thorough preparation, coordination, and reporting, addressing any identified vulnerabilities.
• Develop and maintain incident response plans, ensuring preparedness for security breaches. Regularly conduct drills, update response plans, and lead post-incident analysis for continuous improvement.
• Monitor systems continuously for potential threats, intrusions, and vulnerabilities using advanced detection tools. Proactively address risks to minimize damage.
• Stay updated on the latest security trends, emerging threats, and new technologies by attending conferences, reviewing industry reports, and networking with security professionals.
• Develop and maintain business continuity and disaster recovery plans. Ensure the institution can recover quickly from security incidents with minimal disruption to operations.

 

Collaboration, Communication and Training

• Prioritize end-user experience in all security initiatives, ensuring that security measures are accessible, balanced with ease of use, and operational efficiency.
• Evaluate, select, and manage relationships with third-party vendors, ensuring their security practices align with AUArts’ standards. Oversee the security of outsourced systems and services.
• Liaise with stakeholders across the institution to integrate security best practices into new and existing systems. Ensure collaboration with departments, faculty, and staff to support institutional projects.
• Develop and deliver security awareness programs for faculty, staff, and students, fostering a culture of proactive cybersecurity across the AUArts community.
• Thoroughly document security incidents and response efforts. Prepare and present detailed reports to leadership, ensuring transparency and accountability for future planning.

 

Qualifications:

 

The following qualifications have been determined to promote likelihood of success in the role. In alignment with the principles of inclusion, individuals with an alternative equivalent qualification may be considered.

 

Mandatory

• Degree or diploma in Information Technology, Cybersecurity, Computer Science, or a related field; relevant certifications (e.g., CISSP, CISM, CEH) preferred.
• Minimum of 5 years of experience in IT security, with demonstrated ability to manage General IT Controls, security testing, audits, and response plans.
• Proven experience in incident response, risk management, and compliance with legal and regulatory frameworks.
• Strong business acumen and emotional intelligence, with the ability to balance technical security measures with user experience and institutional goals.
• Experience working in a service-oriented capacity, with a demonstrated commitment to supporting a positive end-user experience.
• Knowledge of security frameworks such as NIST, GDPR, PIPEDA, and other relevant standards.
• Excellent communication and interpersonal skills, with the ability to engage and educate non-technical stakeholders effectively.

 

Preferential

• Demonstrated leadership and team management skills, with the ability to mentor and guide IT staff and collaborate across departments.
• Familiarity with emerging security technologies, threat detection tools, and industry trends to ensure proactive security measures.
• Proven project management skills, with experience in delivering IT security initiatives on time and within budget.
• Strong analytical and problem-solving skills, with the ability to quickly assess security risks and devise appropriate responses.

 

Competencies:

 

AUArts has established five common competencies to promote unity of vision and action in the organization.  Responsibilities of leaders include the following: 

 

Healthy Spaces 

• Create and maintain a respectful working environment. 
• Lead by example creating respectful dialogue standards. 
• Champion expectations related to physical and mental health, safety, and wellness. 

 

Active Inclusion 

• Create and maintain an environment of active inclusion. 
• Lead by example implementing equity, diversity, inclusion, and accessibility principles. 
• Champion Indigenous strategies, equity, diversity and inclusion programs, policies, and communications. 

 

Creative Innovation 

• Evaluate current practices and propose innovative solutions. 
• Lead implementation of projects with a change management focus.  
• Champion change and actively support new initiatives. 

 

Collaborative Practice 

• Create and maintain active collaboration within and between teams. 
• Lead by example cultivating effective communication throughout the organization.  
• Cultivate strong relationships with internal stakeholders. 

 

Strategic Leadership 

• Create and implement operational plans, reviews, and projects.  

• Ensure policy, budgetary and legislative compliance within department. 
• Champion employee engagement by establishing and expanding best practices, employee development and continuous learning. 

 

What We Offer:

 

• Comprehensive benefits package including pension and health spending account
• Annual vacation accrual starting at 24 days, 9 Flex days, Personal days, and other types of leave
• Paid time off over the University closure from December 24 – 31
• Flexible / hybrid work arrangements

 

The starting annual salary will be dependent upon skills, education and experience.

 

How to Apply:

 

Applications must be submitted as a single PDF document and include:

• Cover Letter

• Curriculum Vitae / Resume

 

Candidates will be required to create an account to submit an application. Please visit our Application FAQ's page to ensure your application is complete prior to submission. Please upload your single document to the “Resume” section.

 

The deadline to apply is January 19, 2025. While we thank all candidates for their interest, only applicants selected for an interview will be contacted. Further information about AUArts is available on our website at www.auarts.ca.

 

AUArts is an equal opportunity employer and is strongly committed to fostering inclusion and belonging within our community.

 

We welcome applicants who have demonstrated a commitment to upholding the values of equity, diversity and inclusion and recognize that diverse perspectives, experiences, and expertise are essential to strengthening our academic mission. We encourage applications from members of groups that have been historically disadvantaged and marginalized, including First Nations, Metis and Inuit peoples, Indigenous peoples of North America, racialized persons, persons with disabilities, those who identify as women and/or 2SLGBTQ+.

 

We recognize the legitimate and potential impact that career interruptions (maternity leaves, leave due to illness) can have on a candidate’s record of research achievement. Applicants are encouraged to identify in their application the impact that career interruptions may have had on their record of practice and achievement; this will be taken into consideration during the assessment process.

 

We are committed to making our recruitment, assessment, and selection processes as accessible as possible and provide accommodations as required for applicants with disabilities. If you require any accommodations at any point during the application and hiring process, please contact hr@auarts.ca. All requests for accommodation will be treated confidentially

Please note that all qualified candidates are encouraged to apply; however, applications from Canadians and permanent residents will be given priority. All successful candidates must demonstrate that they are legally entitled to work in Canada.

 

The collection of personal information is for the purpose of determining eligibility and suitability for employment as authorized by the Freedom of Information and Protection of Privacy (FOIP) Act, section 33(c). If you have any questions about the collection of your information, please contact our FOIP Coordinator at foip@auarts.ca.