IT Security Operations Lead

River East Transcona School Division


Date: 1 week ago
City: Winnipeg, Manitoba
Contract type: Full time

River East Transcona School Division is the second-largest division in Manitoba with approximately 18,600 students in 42 schools staffed by nearly 3,500 team members. We are a dynamic, caring, and innovative school division with committed, talented staff who are dedicated to creating student success.

 

When you join our team, you are helping to provide students with the education, guidance, and services they need to learn and progress to the fullest extent possible. We offer competitive pay and benefits, attractive hours, and a workplace culture that is forward-looking, innovative, and service-oriented.

 

 

Job Summary:

 

The IT Security Operations Lead plays a crucial role in the organization’s security operations, safeguarding systems, networks, and data from internal and external threats. Reporting to the Network and Security Support Manager, this role focuses on implementing security measures, detecting, investigating, and responding to incidents, as well as supporting security technologies and integrations. The position requires a blend of strong technical expertise, analytical thinking, problem-solving skills and effective communication.

 

 

Duties and Responsibilities:

  • Identify and assess cyber threats and attack techniques, and investigate suspicious activities using threat intelligence and detection sources.
  • Respond to security incidents, conduct root cause analysis, and recommend preventive measures.
  • Collaborate with IT teams to strengthen security across applications, data, identity and access management, networks, and systems, adhering to configuration hardening standards.
  • Automate security processes using scripting (Python, PowerShell, KQL, etc.).
  • Assist in researching, planning, implementing and enhancing new and existing security tools.
  • Prioritize patching based on criticality and work with IT teams to mitigate vulnerabilities.
  • Maintain and enhance logging, monitoring, and alerting tools and configurations.
  • Develop and maintain security reports and historical metrics.
  • Document security configuration, inventory, procedures, end-user and IT processes.
  • Support cybersecurity awareness programs through online and in-person training.
  • Assist with phishing simulations, security drills and tabletop exercises.
  • Resolve IT tickets and threat detection alerts, escalating as needed for resolution.
  • Work with third-party vendors on issue resolution, enhancements, and project implementation.

 

 

Qualifications, Skills and Abilities:

 

Qualifications

  • College Diploma in a technology subject area.
  • Minimum of five years of experience in enterprise IT.
  • CompTIA Security+ certification.
  • Minimum of two years of experience as a technology or security administrator.
  • Experience with Microsoft or similar enterprise security technologies.
  • Experience with Cisco security technologies would be an asset.
  • Microsoft Azure, ISC2 or ISACA security-related certificates would be an asset.
  • Upon hire, external applicants must supply a Criminal Record with Vulnerable Sector Search, and a cleared Child Abuse Registry Check, as conditions of employment.

 

 

Skills and abilities

  • Experience with Microsoft Active Directory, Entra ID, Entra Privileged Identity Management, and Defender XDR, including Identity, Endpoint, Office 365, and Data Loss Prevention.
  • Proficiency in Kusto query language (KQL) and scripting languages, including PowerShell, Python, Bash, and jq, for log parsing and process automation.
  • Familiarity with IDS/IPS, firewalls, network segmentation and network monitoring tools.
  • Strong understanding of Open Systems Interconnection (OSI) model, functions and protocols.
  • Understanding of cyber adversaries' tactics, techniques and related frameworks.
  • Knowledge of security configuration hardening techniques and related standards.
  • Highly observant, with the ability to detect anomalies and unusual patterns in logs and alerts.
  • Strong analytical and troubleshooting skills to investigate complex security incidents, identify root causes, and mitigate threats effectively.
  • Deep understanding of cybersecurity ethics and a commitment to protecting sensitive data while adhering to best practices.
  • Ability to collaborate with cross-functional IT teams to implement security measures, troubleshoot issues, conduct assessments and provide guidance.
  • Strong verbal, written, and presentation skills for engaging diverse employee groups.
  • Ability to create user-friendly documentation for all employee groups, inclusive of IT.
  • Adaptability and a continuous learning mindset to keep up with evolving cyber threats, tools, and technologies.
  • Ability to foster a positive, respectful, and healthy work environment that promotes team collaboration and well-being.
  • Strong organizational skills to manage tasks efficiently and meet deadlines.

 

Physical Demands and Working Conditions:


Physical demands:

  • Sitting or standing for extended periods of time
  • Hand-held telephone receiver may require repetitive arm-stretching and elbow-bending action
  • Extensive use of computer mouse and keyboard
  • Prolonged periods of viewing computer monitor
  • Lifting and carrying up to 20 lbs. may be required

 

 

Working conditions:

 

Exposure to noise and frequent interruptions with conflicting demands and deadlines.

 

Confidentiality:

 

Demonstrated professionalism and respect for privacy in dealing with sensitive and confidential organizational, employee and student data and information.

 

The above statements reflect the general duties considered necessary to describe the principal functions of the position identified and shall not be construed as a detailed description of all work requirements that may be inherent to the position.

 

Deadline for applications: Open Until Filled

Salary range: $88,968 to $104,727 per annum

External candidates must apply online through Job Connect.

 

Please visit our website at www.retsd.mb.ca – Careers.

 

Internal candidates must apply online through Employee Connect > Job Tab.

 

Mail or email applications will not be accepted.

 

Consideration for this position is not necessarily limited to those who apply.

 

Candidates are responsible for providing a clear and accurate resume that demonstrates how they meet the qualifications outlined in the notice of job opportunity.

 

We thank all applicants; however, only those selected for an interview will be contacted.
