Chief Information Security Officer

Benefits

Additional Information

At the University of Waterloo, we create and promote a culture where everyone can reach their full potential. As an employee, you get support & opportunities that empower you to advance your career. Explore how we can bring big ideas to life, together. The University is a welcoming workplace for those of all abilities, interests, and expertise. As part of our workforce, you can do what you do best, every day. Learn more about our recruitment process. Job Requisition ID: 2026-00590 Time Type: Full time Employee Group: Staff Job Category: IT Security Employment Type: Permanent Department: Information Systems and Technology Hiring Range: $157,251.41 - $196,564.26 Posting Information: This posting is for an existing vacancy. The internal posting deadline for this position is Thursday, May 7, 2026 at 11:59PM. Job Description: Primary Purpose The Chief Information Security Officer (CISO) is the University's senior cybersecurity leader, responsible for enterprise-wide cyber strategy, risk management, and incident preparedness. The role oversees core information security services-including monitoring, vulnerability management, log management, and identity and access management-ensuring they evolve with institutional priorities and the threat landscape. The CISO leads incident response, policy alignment, and campus-wide risk governance while advising senior leadership and representing the University provincially and nationally. Key Accountabilities Strategic Leadership Establishes the direction and priorities for the Information Security Services group Serves as an integral member of both IST's Senior Leadership and Management Teams Participates in the development of the long-term vision and planning for IT both in IST and across campus Develops the Information Security Services group's annual plans and priorities and is a key contributor to the creation and execution on strategic planning for both IST and IT on campus. People & Resource Management Ensures the effective utilization, deployment, and development of human and capital resources Oversees hiring and overall management of the Information Security Services group. Deploys staff to meet the goals and objectives of the Information Security Services group most appropriately. Coaches, trains, and develops employees to enable their professional development. Reviews and approves ongoing information security expenses. Approves annual performance plans and conducts regular reviews with direct reports. IT Leadership Collaboration Works with the CIO, IST Senior Leaders to intake IT requests, develop strategy, assess emerging technologies, and maintain tactical roadmaps. Intake requests for new IT initiatives and ongoing support from the campus community. Lead IT strategy development across the University aligned to the institution's strategic plan. Assesses emerging technologies and implement technology solutions to drive innovation. Conduct yearly reviews and implement tactical roadmaps to sustain the IT annual and strategic plans. Support a collaborative and coordinated model of IT governance, including with IT representatives in the faculties, the VP Administration and Finance and the Provost's office, senior management, and Associate Deans of Computing or equivalent, where applicable. Work with peer institutions and both participate in, and identify new opportunities for IT alliances, in conjunction with Canadian and international groups and alliances. Cybersecurity Monitoring and Incident Response (Cyber Operations) Accountable for the development and maintenance of the University's cybersecurity incident response procedure. Leads the response to cybersecurity incidents, coordinating relevant stakeholders in an emergency situation to protect the university's network and digital assets, and escalating to senior management as appropriate. Maintains enterprise central log management systems and implements techniques for the detection and response to malicious activity and unauthorized access. Administers the University's cyber vulnerability management program. Shares and receives threat intelligence with/from other institutions, government agencies, and law enforcement to strengthen cybersecurity posture of higher education in Canada. Further participates as the university's key representative in various Ontario and Canada-wide committees related to cybersecurity in both higher education and in the broader public sector. Identity and Access Management (IAM) Establishes institutional identity and access management principles and standards Responsible for the development, maintenance, and operation of the University's identity management system (WatIAM) and designated access management systems (Grouper, 2FA, Shibboleth). Ensures integration with systems of record and target information systems and technology infrastructure. Ensures appropriate delegation of administration of campus identities. Oversees and manages processes and tracking of access requests to

Your Match

How well this role fits your profile.

Company Intel

What employees say

Worked at uwaterloo? Share your experience