Systems and Security Administrator

Job Title: Systems and Security Administrator

Location: Toronto, ON

Estimated Duration: Fulltime

Opportunity:
Our client is an interdisciplinary laboratory, focusing on research, development, and high-level strategic policy and legal engagement at the intersection of information and communication technologies, human rights, and global security.
 
They use a “mixed methods” approach to research combining practices from political science, law, computer science, and area studies. Their research includes: investigating digital espionage against civil society, documenting Internet filtering and other technologies and practices that impact freedom of expression online, analyzing privacy, security, and information controls of popular applications, and examining transparency and accountability mechanisms relevant to the relationship between corporations and state agencies regarding personal data and other surveillance activities.
 
Under the general direction of the Director and reporting directly to the Administrative Director, the System and Security Administrator manages the security support needs of our client, carrying out a range of information technology-related responsibilities.
 
The System and Security Administrator is the primary network administrator for our client. The incumbent will manage and oversee the use of all information technology; design UNIX and Linux network infrastructure; develop, maintain, and monitor network security policies; ensure all workstations and related components are kept operationally effective and secure; oversee administration and security of on-site and off-site servers, websites and web servers; provide training in computer security tools and practices to staff; and collaborate on IT purchases by providing recommendations, cost estimates and tracking expenses.
 
The incumbent enumerates and classifies all digital assets to identify those with internal information confidentiality, or availability requirements as per processes and procedures from the unit and department. Participates in the planning component of projects. The incumbent must monitor and enforce information security policies to ensure all research data is properly secured as per research ethics protocol requirements as determined by the Research Ethics Board. The incumbent stays up to date with knowledge of developments with complex software, hardware, and technical tradecraft in a rapidly changing technical and research environment. The incumbent will monitor all network infrastructure and devices for security issues, and provide monthly security reports. The incumbent acts as a resource to others on technology related issues, problems and information.
 
Candidate responsibilities will include:

• Overseeing the daily operations of networks and systems administration; overseeing security and administration of all information technology
• Monitoring the performance and integrity of servers, executing, implementing, maintaining and tracking effectiveness of security measures for computing and network devices and introducing changes as required
• Analyzing and monitoring vendor service and performance
• Researching, analyzing and recommending solutions to project challenges
• Keeping well-informed with knowledge of developments with complex systems, and network and security tradecraft, in a rapidly changing technical and research environment
• Training staff on new system features, computer security tools and practices
• Advocating for and recommending changes to technical and information policy with senior management as needed.
• Collaborating on cost estimates; obtaining quotations and issuing purchase orders within established limits
• Serving as a resource to a group or on a function; delegating tasks to IT support staff when appropriate
• Exercising duties with utmost ethical considerations and professional confidence

 
Qualifications:
 
Essential Qualifications:

• Bachelor’s Degree in computer science or engineering, or an acceptable equivalent combination of education and experience
• Minimum of 4 years experience in administration and troubleshooting of network and system security  This includes demonstrated knowledge of network intrusion detection systems, end-point security monitoring, and firewall systems (e.g., Cisco ASM, iptables, pfilter, or similar)
• Experience installing, maintaining and monitoring core network servers such as DNS, and DHCP servers.
• Demonstrated experience in security incident response and mitigation.
• Advanced experience and understanding with UNIX and Linux systems (e.g., Debian, Ubuntu, OpenBSD).
• Demonstrated experience related to scripting languages (e.g., Perl, Shell scripting,  Python, or Ruby). Specifically for system administration purposes (e.g., automating encrypted backup, auditing systems, and testing performance to predict hardware failure).
• Familiarity in at least one switch operating system (e.g., Juniper, Cisco IOS, HPE Comware, etc)
• Experience with TCP/IP networking and  analyzing packet capture data and diagnosing connection related network issues
• Experience and knowledge working with database servers (e.g., MySQL, Mariadb, PostgreSQL) especially installation, configuration and monitoring.
• Demonstrated experience collaborating on IT purchases by providing recommendations, cost estimates and tracking expenses
• Demonstrated experience in interpreting, implementing, and enforcing information security policies.
• Experience working with version and source control systems (e.g., git, subversion)
• Experience and knowledge related to automating common systems tasks, configuration management, or staging software using automation software (e.g, Ansible, Chef, Puppet, etc.)
• Experience in website administration (e.g. Apache, Nginx)  Specifically troubleshooting TLS issues, rotating TLS certificates, and reviewing weblogs for security.
• Excellent communication skills with the ability to communicate and document computer security best practices, and effective interpersonal skills to develop good working relationships among staff, clients, and peers
• Familiarity and comfort with  all major client operating systems (e.g., MacOS, Windows, Ubuntu) and mobile systems (e.g., Android, iOS)
• Familiarity with mobile device management systems (e.g, Miradore, JAMF, VMWare Workspace ONE, etc)
• Demonstrated knowledge and experience working in virtualized environments (e.g., VMWare vCentre, Xen, or VirtualBox)
• Highly engaged and aware of information security developments and best practices
• Highly knowledgeable about SSH and its advanced use cases such as reverse SSH tunneling, key agent troubleshooting, X Forwarding, and related security considerations.

 
To be successful in this role you will be:

• Accountable
• Communicator
• Meticulous
• Motivated self-learner
• Multi-tasker
• Tactful
• Team player