Information Security Specialist

Date Posted: 02/23/2026
Req ID: 47036
Faculty/Division: UofT Scarborough
Department: UTSC:Info & Instructional Tech Services
Campus: University of Toronto Scarborough (UTSC)
Existing Vacancy: Yes

Description:

ABOUT US:

The University of Toronto Scarborough is a place of energy, enthusiasm and passion. Our commitment to inclusive excellence attracts the brightest learners, scholars and employees from around the globe. Our success has been made possible by the opportunity given to us by Indigenous hosts to operate on their territory, and we cherish our continuing partnerships with these communities. The University of Toronto Scarborough is an exciting campus with unlimited potential. Join us on our journey.

Information & Instructional Technology Services (IITS) provides the technological vision and leadership for the development and implementation of information systems, processes, and associated technology to support the University of Toronto Scarborough Campus' academic mission and administrative operation. IITS works closely with faculty, staff, and student groups to provide timely, top-quality service and technological solutions across the University of Toronto Scarborough community. Discover a campus filled with energy, culture and world changing ideas and facilities. A place where diversity fuels innovation.

This search aligns with the University's commitment to strategically and proactively promote diversity among our community members (Statement on Equity, Diversity & Excellence). Recognizing that Black, Indigenous, and other Racialized communities have experienced inequities that have developed historically and are ongoing, we strongly welcome and encourage candidates from those communities to apply.

YOUR OPPORTUNITY:

Reporting to the Information Security Program Manager, this position will deploy information security platforms designed to protect data and systems, prevent unauthorized access, and respond effectively to potential threats. This role requires a collaborative security champion who partners across IT teams and other departments to embed proactive security practices into all daily operations and new projects. They will leverage expert-level knowledge of security tools to optimize the protection and resilience of IITS services for the UTSC community.

The specialist is responsible for the configuration, maintenance, and tuning of security tools – including SIEM, EDR, Firewall, vulnerability scanner, and intrusion prevention/detection systems – to ensure proactive threat detection and mitigation. The specialist will monitor security alerts and dashboards, respond to suspicious activities, and optimize system effectiveness for timely and accurate threat detection.

With high-level authorization to the University's computer systems, the specialist will perform information security investigations; security assessments; and, in situations where systems or applications have been breached either internally or through external attacks, incident response activities. The specialist will be responsible for gathering required forensic data in collaboration with relevant teams in instances of employee-related breaches and misconduct, and of potential IT related criminal activity partnering with relevant UTSC departments, such as Campus Police, central ITS, external auditors, and/or work in consultation with Human Resources and Labor Relations as required.

QUALIFICATIONS REQUIRED:

EDUCATION:

• University degree in Computer Science, Engineering or equivalent combination of education and experience. CISSP and other security certifications are a strong asset.

EXPERIENCE:

• Minimum 7 years of Information Security experience in a heterogeneous environment, with a broad range of platforms and technologies, including at least 2 years working with Information Security as a significant focus of activity.
• Minimum 3 years of progressive experience in creating, implementing, and maintaining Information Security risks management programs.
• Excellent understanding of security tools and technologies such as Firewalls, IDS/IPS, SIEM/SOAR, EDR/XDR platforms etc. used to protect on-premises and cloud environments. Previous experience of implementation and management of such security tools is a strong asset.
• Expert proficiency in security frameworks and foundational networking/OS security (Zero Trust concepts, TCP/IP, VPNs, Windows/Linux/Unix hardening).
• Experience auditing systems for compliance (PCI-DSS, NIST Cybersecurity Framework, or NIST SP 800 series controls, etc.).
• Experience drafting information security standards and guidelines, assessing risk management, and determining controls.
• Experience administering and securing large-scale server fleets (Linux/Unit), databases (SQL Server, MySQL), and virtualized environments.
• Experience with scripting (Python, Bash) to automate security tasks. Extensive experience Leveraging network and security analysis tools for deep packet inspection, forensic analysis, and advanced troubleshooting.
• Experience in selecting, configuring, and deploying service mis-use detection and prevention technologies (Anti-Spam, Anti-Virus, Anti-DDOS, etc.).

SKILLS:

• Able to think strategically about change and new solutions.
• Excellent oral and written communication and presentation skills.
• Strong analytical and problem-solving skills.
• Strong planning and organization skills, with the ability to prioritize and reprioritize work as required.
• Adept at quickly learning, understanding, and applying new technologies and process frameworks, and at conducting research to continually improve processes and solutions.
• Excellent conflict resolution skills with strong ability to exercise judgement, tact, discretion, and determination.

OTHER:

The incumbent must possess broad IT acumen, including demonstrated knowledge across the IT landscape (networking, databases, application development, and related institutional technologies such as instructional, AV, and teaching technologies). This role requires both organizational diplomacy & confidentiality, demanding a proven ability to navigate complex professional and political environments, exercise sound judgment regarding issue escalation, and strictly maintain the highest levels of data confidentiality. Furthermore, the specialist must be capable of mentorship and leadership, proven by the ability to lead and guide technical team members across various skill levels while maintaining composure and effectiveness with diverse constituents across the institution. Finally, the ability and willingness to learn new systems, technologies, and project management methods and tools is necessary for success.

Closing Date: 03/15/2026,11:59PM ET
Employee Group: Salaried 
Personnel Subarea:PM
Appointment Type: Budget - Continuing 
Schedule: Full-Time
Pay Scale Group & Hiring Zone: PM 3 -- Hiring Zone: $93,592 - $109,190 -- Broadband Salary Range: $93,592 - $155,985
Job Category: Information Technology (IT)