About OICR

OICR is Ontarios cancer research institute. We bring together people from across the province and around the world to improve the lives of everyone affected by cancer. We take on the biggest challenges in cancer research and deliver real-world solutions to find cancer earlier and treat it more effectively. We are committed to helping people living with cancer, as well as future generations, live longer and healthier lives.

Launched in December 2005, OICR is an independent institute funded by the Government of Ontario through theMinistry ofColleges, Universities, Research Excellence and Security.

Job Details

Position: Information Security and Systems Administrator

Location: MaRS Centre, Toronto

Department: Corporate Information Technology

Salary: Commensurate with level of experience; total compensation includes a competitive benefits plan, plus a defined benefit pension plan (HOOPP)

Hours: 35 hours/week

Job Type: Hybrid

Status: Full-time, Permanent

Position Summary

The Ontario Institute for Cancer Research is seeking an Information Security and Systems Administrator to join the Corporate Information Technology infrastructure team. The Information Security and Systems Administrator will be responsible for deploying, maintaining, and securing infrastructure and services on-premise and in the cloud.

The Information Technology team at OICR supports the Institutes mission with a leading edge IT infrastructure consisting of over 1,000 onsite servers (Linux and Windows, most virtualized under OpenStack and VMWare), integration with cloud based services (including Amazon AWS, Google, Microsoft Azure, Microsoft 365) a 10,000 CPU core High Performance Compute cluster, thousands of GPU cores, over 12 Peta Bytes of onsite disk storage, an advanced network facilitating onsite connectivity (data centres and client networks, wired and wireless) and external connectivity to ISPs and research networks like ORION and CANARIE. The Corporate IT infrastructure supports over 100 Windows servers on-premise and in the cloud, manages Identity and Access Management primarily through on-prem Active Directory and Azure EntraID, manages data backup and recovery, and supports corporate/business enterprise applications and services. The Information Security and Systems Administrator ensures Corporate infrastructure and services are secure, reliable, scalable and fit for purpose.

The Information Security and Systems Administrator will play a vital role, ensuring that sensitive data is appropriately safeguarded and cyber security threats and risks are continuously monitored, assessed and mitigated.

OICRs IT department consists of ~20 professionals including those focused on Leadership, Corporate IT, Research IT, and Information Security. OICR has a third party providing 24x7x365 SOC/SIEM/Vulnerability Scanning/Pen Testing/Security Incident Response services which augment OICR ITs internal capabilities.

Position Responsibilities

• Maintain and use automation and configuration management tools in support of the administration of Microsoft Windows servers, Hyper-V and VMWare virtualization, data backup and recovery, network attached storage, and information security
• Maintain and configure on-premise and cloud-based servers (primarily Microsoft Windows), storage, virtual firewalls and virtual network services
• Maintain and support virtualization and storage infrastructure including but not limited to VMWare, Hyper-V, NetApp
• Maintain and support core services such as Active Directory, EntraID, Exchange, SharePoint, OneDrive, Google Workspace
• Monitor and respond to security events, investigate incidents, and mitigate vulnerabilities
• Pay close attention to community and vendor security announcements and notifications, assess these and take appropriate action
• Assist other areas of IT with problem management and security event investigation and resolution
• Work on infrastructure and information security related Tickets assigned to you by the OICR IT Support Team
• Monitor and respond to information security events
• Document actions in Service Desk tickets and SharePoint
• Create and run phishing simulations
• Assess infrastructure and other services for info sec compliance, vulnerabilities, and compliance with frameworks and best practice standards such as NIST CSF
• Participate in the maintenance and support of the OICR Business Continuity Plan
• Create Change Requests and follow Change Management procedures for all production changes
• Assist other team members in all areas of IT as needed and as requested
• Assist with creating and updating Information Security policies
• Attend remote or in person vendor meetings, stay current with new technologies
• Be available outside normal business hours for scheduled activities or to respond to unscheduled critical events; and be reachable and able to come onsite as needed
• Manage and maintain on-premise and cloud based core corporate applications and systems
• Other duties consistent with the job classification, as assigned or requested

Position Requirements

• Post secondary education in Computer Science, Engineering, Information Security or related disciplines, or recognized equivalent
• Information Security certification such as CISSP and applicable vendor training with certifications
• Proficiency as a Microsoft Windows System Administrator
• Experience working with cloud-based infrastructure in Microsoft Azure and/or Amazon AWS
• Expertise deploying, securing and maintaining infrastructure and applications in a Microsoft Windows environment which store or process sensitive information
• Strong understanding of Identity and Access Management, including the use of on-prem Active Directory and Azure EntraID
• Familiarity with cloud based and on-premise firewalls, and VPN devices
• Strong understanding of virtualization infrastructure (such as VMWare, HyperV)
• Strong understanding of Information Security tools such as Tenable Security Centre, Microsoft Security/Defender, and Symantec
• Familiarity with Microsoft Windows server administration in a complex research, academic, healthcare or fast paced enterprise environment
• Ability to install, maintain and use Windows server based applications/tools
• Experience deploying, securing and supporting cloud-based services including Exchange Online, SharePoint Online, M365/O365, InTune, Defender
• Ability to work well in a team setting and independently
• Ability to work well under pressure and multitask
• Excellent oral and written communication skills
• A continuous learner and takes great pride in your work

For more information about OICR, please visit the website at www.oicr.on.ca.

To learn more about working at OICR, visit our career page.

POSTED DATE: March 4, 2025
CLOSING DATE: Until Filled

OICR is committed to fostering a climate of equity, diversity, inclusion, and accessibility. This commitment is central to, and mutually supportive of, our research excellence mandate. We welcome and respect the diversity of all members of our community and we support an inclusive culture for all. We welcome all applicants, and encourage applications from racialized persons, Indigenous Peoples, women, persons with disabilities, LGBTQ2S persons, and others who may contribute to furthering a diversity of ideas within our community. OICR is committed to fair assessment of a candidates abilities, and consideration for diversity of thought, method, and experience. Providing an accessible workplace and recruitment process is important to us, as described in our Accessibility Plan (https://oicr.on.ca/accessibility/). Should you require accommodation during any stage in the recruitment process, please complete the form at the bottom of page https://oicr.on.ca/careers/. Information received related to accommodation will be handled confidentially.

Resume Format: If you elect to apply, please click on the Apply for this Job button. You will be required to enter contact details, and to attach your resume to your application. Please attach your resume as a .pdf or .doc file.

The Ontario Institute for Cancer Research thanks all applicants. However, only those under consideration will be contacted.