Share this Job
Job Title Senior Information Security Analyst
Posting Id 577
Department Corporate and Financial Services
Division Information Technology
Job Grade Admin Grade 07 
Rate of Pay $108,567.00 - $125,930.00 Annual
Job Type Full Time
Replacement/New Position          New Hire
Posting Type Internal and External
Posting Date 01/04/2021
Application Deadline 01/12/2021


Position Summary

The Senior Information Security Analyst will oversee the City of Richmond Hill's information security program and will be responsible for leading information security projects and initiatives to ensure the program aligns with industry standards. The Senior Information Security Analyst will lead / conduct information security assessments and will provide guidance and consultation to City project teams and business units to identify, assess and mitigate information security risks.

Key Duties and Responsibilities

  • Directly supervise and lead a team of internal and external security professionals in day to day initiatives and projects. The team will support the IT Division, project teams and business units in information security activities as a subject matter expert (SME) related to the ongoing operations, management and best practices of the existing and new City of Richmond Hill's security controls.
  • Developing and driving information security strategies, as well as developing and maintaining a documented framework of continuously up-to-date information security policies, standards and guidelines. Oversee the approval, publication and adoption of these information security policies and practices. A key component as well is managing the IT Security Awareness Training Program to help empower the City of Richmond Hill staff with knowledge and tools and ensure that staff are well versed with how to do their part in protecting company assets as well as helping to develop a risk awareness culture.

Duties and Responsibilities Cont'd (if applicable)

  • Developing and supporting the information security risk management practice and related activities including leading / conducting security risk assessments (internal projects, hosted services and city's partners), managing the identified risks throughout their entire life cycle, provide clear risk mitigation recommendations, track follow-up activities and update the risk management methodologies as needed.
  • Establish security metrics and provide regular reporting on the current status of the information security program to senior business leaders, information security committee and technical staff.
  • Reviews information Security incidents and leads investigation activities as required.

Education and Experience

  • Bachelor’s Degree in Computer Science, Information Systems or other related field or equivalent work experience
  • CISSP/GSEC/Security+ , CISA/CISM
  • 5 - 7 Years
  • IT security work experience with a broad range of exposure to systems analysis, application development, systems administration including experience designing and implementing security solutions

Required Skills/Knowledge

  • Experience in security standards such as ISO 27001, 27002, 27005; NIST, ITIL.
  • Extensive knowledge of security technology and risk assessment methodologies, policies and processes.
  • Experience implementing or assessing security in a cloud hosted environments.
  • Knowledge and expertise in the following areas:
    • Web Application Security,
    • Network Security Tools,
    • Encryption Technologies and Concepts,
    • Information Security Incident, Response Management,
    • Security Incident and Event Management (SIEM) systems,
    • Vulnerabilty and Penetration Testing Tools
  • Ability to manage and prioritize responsibilities
  • Excellent written and verbal communication skills, interpersonal and collaborative skills, and the ability to communicate information security and risk-related concepts to technical and nontechnical audiences at various hierarchical levels, ranging from board members to technical specialists.
  • Experience executing a business blueprint and documenting business requirements.
  • Development of project documentation, training materials, requirements gathering and project management methodology experience required.  

Leadership Competencies

  • Builds people and culture
  • Cultivates open communication
  • Demonstrates personal leadership
  • Navigates and leads through complexity and change
  • Shapes the future


The City of Richmond Hill is committed to inclusive, barrier-free recruitment and selection processes. If contacted to participate in the recruitment and selection process, please advise Human Resources if you require an accommodation.