Job description

Key Responsibilities:

• Client & Stakeholder Engagement

  • Collaborate with internal stakeholders and external clients to gather and document cybersecurity requirements.

  • Assess organizational needs and provide tailored recommendations for securing digital assets and infrastructure.

• Risk Assessment & Security Planning

  • Identify, evaluate, and document physical and technical security risks to data, software, hardware, and connected systems.

  • Conduct vulnerability assessments and threat modeling to ensure proactive risk mitigation.

• Data Protection & Encryption

  • Implement and manage encryption protocols for data in transit and at rest.

  • Maintain and manage cryptographic keys and certificates to ensure ongoing data confidentiality and integrity.

• Access & Identity Management

  • Monitor and manage user access controls, credentials, and authentication systems.

  • Ensure role-based access policies are enforced and audited regularly.

• Security Software & Tools Management

  • Install, configure, test, and maintain security tools such as anti-virus software, firewalls, intrusion detection/prevention systems (IDS/IPS), endpoint protection platforms (EPP), and SIEM solutions.

  • Evaluate and deploy security technologies appropriate for AI research environments and data workflows.

• Cyber Threat Monitoring & Incident Response

  • Continuously monitor systems for potential cyber threats, intrusions, anomalies, or unauthorized activity.

  • Coordinate incident response efforts in accordance with NeuraceptiveAI.ca’s incident response plan, including detection, containment, eradication, recovery, and post-incident analysis.

• Security Policy Development & Documentation

  • Develop, document, and update cybersecurity policies, procedures, protocols, and emergency response plans.

  • Lead or participate in regular security audits, penetration testing, and compliance assessments.

• Training & Awareness

  • Educate staff on best practices in cybersecurity and conduct training to reduce human-factor vulnerabilities.

  • Promote a culture of security awareness across the organization.

• Continuous Improvement & Compliance

• Stay current with evolving cyber threats, security trends, and applicable regulations (e.g., PIPEDA, GDPR, HIPAA, etc.).

• Recommend improvements to existing security practices and solutions to align with organizational growth and technology evolution.