Department:	Information Systems and Technology	Effective Date:	February 2011
Grade:	USG 16	Reports to:	Associate Provost, Information Systems and Technology (AP-IST)

General Accountability

The Director is accountable to the Associate Provost, Information Systems and Technology (AP-IST), for strategic planning, design, development, implementation, and support of the services that the Information Security Services group provides to the University-at-large and other groups within IST. The Director is responsible for the interactions between Information Security Services and others in IST, and shares overall responsibility for day-to-day management of IST with the other Directors and the AP-IST.

The Director is responsible for strategic planning for the services and facilities maintained and supported by Information Security Services, in keeping with the goals and missions of the University. Strategic planning encompasses reviewing support of existing services and facilities and investigating promising new technologies in collaboration with other groups in order to appropriately select, integrate and support these technologies for campus-wide use. The Director collaborates in planning with the Faculties and the academic support units.

Information Security Services is staffed by technical and professional personnel and the group is responsible for:

• Providing leadership in the areas of IT audit, security awareness, and security policy development, compliance, and enforcement.
• Providing services in the areas of network security, incident detection & response, and public key infrastructure.

Specifically, major areas of responsibility include:

• Provide information security guidance and direction to university and IST advisory groups (e.g., CTSC, CNAG, WNAG, IWAG)
• Promote effective cooperation among the campus community on information security issues.
• Provide periodic and timely information to university senior management with respect to current security status, current industry and academic best practice, and recommendations with a benefit/risk/cost analysis in line with the institution's security goals and objectives.
• Provide campus wide expertise in information technology mechanisms for security and in how those technologies can be implemented and supported within the technical and organizational context of the university.
• Provide project management skills to various implementation tasks associated with the integration of security technology.
• Develop technology briefing and IST operational procedures documentation as required, and help the department ensure that sufficient support is available for successful deployment of security technology around campus.
• Provide input to and participate in the implementation of information systems efforts for the campus, and in particular, identity and access management solutions.
• Assist people throughout the University in understanding how best to apply information technology to meet security needs in their areas, provide leadership for and participate in the initial on-campus implementations of those technologies, and consult with departments around campus to provide advice on how they might best use emerging technology in a way that leverages technical directions and resources around campus.
• Supports University Police, Associate Deans and others, as appropriate, with technology related investigations.

• Consult with vendors of security hardware, software, and services to be familiar with the costs of and the benefits and opportunities provided by current and future technologies.

Nature and Scope

The Director demonstrates leadership in defining, providing, refining, improving and modifying the services provided by the Group in response to changes in technology, the university environment, and IST priorities. The Director must work closely with other IST directors and members of the management teams to achieve the department goal of providing the University with effective information systems and technology. The Director must maintain productive working relationships with other IST management, and with management in academic and academic-support areas for the purpose of providing services to the entire UW community. The Director has excellent interpersonal skills, is aware of university-wide initiatives related to the Group, and is able to interact well with a range of people from inside and outside the university.

The Director must maintain a broad knowledge of current technology and practices in information systems and technology, and a deeper knowledge in specific areas relevant to the group. The Director must be familiar with, comply with, and promote the University's policies related to information systems and technology.

The Director has general managerial responsibilities for the Group, including hiring, performance reviews, promotions, reclassifications, and disciplinary issues. The Director cooperates with the rest of IST management on general issues of IST staffing, including career paths and staff mobility among groups. The Director is responsible for negotiating staffing and other resource commitments to IST projects, and for providing them to those projects in a timely fashion that contributes to their successful completion.

The Director exercises skill in managing technical/professional people and provides them with a productive work environment and career opportunities. The Director manages the Information Security Services group through effective recruitment, selection, training, and assignment of staff, the organization of functions, establishment of procedures and standards, monitoring of performance, and focusing staff efforts on University goals.

Statistical Data

Information Security Services consists of 4 staff members, including the Director.

As of 2010, there are approximately 12,000 devices connected to the campus network and approximately 500 servers are located in IST’s machine room.

Specific Accountabilities

• Member of IST Directors team to provide problem resolution and long term strategy advice to the AP-IST
• Integral member of the IST management team
• Contributes broadly to the development and implementation of University standards for information systems and technology, with special emphasis on information security

• Serves as University Information Security Officer
• Chair of the Security Working Group.
• Member of the Computing Technology Services Committee
• Member of the E-commerce Committee
• Member of the WatIAM Management Committee
• Member of IST Windows Advancement Group
• Assists the Secretariat in ensuring the University meets its legislative obligations with respect to protection of privacy.
• Liaises with external organizations (eg. Public Safety Canada, other North American universities) for information sharing with respect to threats and incident response

Working Conditions

Normally, the Director carries out all responsibilities during regular business hours, but might infrequently be called upon to work outside of these hours if emergency conditions warrant.

Human Resources
General Services Complex
University of Waterloo
200 University Avenue West
Waterloo, Ontario, Canada N2L 3G1
519 888 4567 ext. 35935

contact us | give us feedback | http://www.hr.uwaterloo.ca