Surrey Schools (School District #36 Surrey)
Cyber Security Specialist
Surrey Schools (School District #36 Surrey)Canada19 hours ago
Full-timeEngineering, Information Technology
The Surrey School District respectfully acknowledges that our schools reside on the traditional, unceded, and shared territories of Coast Salish peoples: The q? íc?? y? - Katzie, the q'wa:n??'?n? - Kwantlen and the SEMYOME - Semiahmoo First Nations, who have been stewards of this land since time immemorial.

Surrey Schools values an inclusive school district where equity is deeply embedded, and diversity welcomed. We acknowledge the profound responsibility we all have in ensuring that our schools and district sites foster an atmosphere where everyone feels secure, respected, and valued. Our commitment to providing a quality education extends beyond academic excellence; we are committed to creating and cultivating diverse, inclusive, and barrier-free environments for all applicants, employees, students, and their families. Our identity, as Surrey Schools, is expressed in the shared values of openness, fairness and tolerance and recognizes the importance of diversity of identity and thought. We are an equal opportunity employer and welcome applicants from all backgrounds.

Surrey Schools is the largest school district in BC and the second largest employer in Surrey. Spread across one of the fastest-growing cities in British Columbia, Surrey Schools provides quality education to over 82,000 students with 124 schools sites and a variety of other learning facilities, offering a broad range of innovative programs and services to support the learning of our students. The Surrey School District team of approximately 13,000 employees works tirelessly every day to ensure that children are getting the best start they can, providing the preparation to be our leaders of tomorrow.

THE ROLE

Reporting to the IT Manager, Cyber Security the Cyber Security Specialist is responsible for protecting the integrity and availability of the organization's cybersecurity initiatives. The Cyber Security Specialist will implement tools, establish and configure business rules, processes, and procedures pertaining to cybersecurity, as well as monitor and manage security incidents to minimize the risk to the organization. Collaborating closely with organizational leaders, business, and technical departments, the Specialist will be instrumental in overseeing cybersecurity to safeguard the organization's data. This role is vital in ensuring seamless integration, optimal performance, and promoting digital literacy in compliance with privacy and security standards. Also, the Cyber Security Specialist will be a subject matter expert for overseeing the security and controls implementation for the ERP system.

Typical Responsibilities

  • Manage complex projects in collaboration with educational and technical staff to integrate cybersecurity measures and develop systems with built-in privacy controls and security measures.
  • Plan, lead, and execute risk assessments to determine the security posture of the organization's data and infrastructure from existing systems and those being considered for purchase or implementation. Make recommendations based on best practices.
  • Plan, implement, maintain, and monitor IT security controls for all digital assets and processes (network, endpoint, server, application, etc.).
  • Establish security plans, incident response, and security awareness in collaboration with the Leadership Team.
  • Participate in the development and maintenance of internal security policies and cybersecurity policies.
  • Assist in troubleshooting security-related network issues with the network support team.
  • Identify and investigate computer security incidents and inappropriate use of organizational computing devices.
  • Stay current with developments in cybersecurity and recommend new approaches and applications of new technology to meet business objectives.
  • Address privacy concerns and ensure compliance in technology security solutions.
  • Deliver presentations and educational security awareness frameworks for staff, both business and technical, including multi-channel approaches.
  • Attend PII review with external system integrator for design and deployment of new ERP system
  • Help design and facilitate user-role mapping for Segregation of Duties (SOD) and Sensitive Access (SA) role assessment for the new ERP implementation
  • Identify and record remediations for SOD violations and determine appropriate control for the new ERP
  • Review and provide signoff on all security deliverables associated with new ERP implementation
  • Provide guidance and support around security discussion in relation to new ERP implementation including Single Sign On (SSO), Multi Factor
  • Authentication (MFA), Segregation of Duties (SOD), User Roles, location-based access control (LBAC) and privileges design etc.

Design, build and test additional roles required for the new ERP system beyond the 30 roles developed by system integrator.

  • Manage the defects and security activities and support the relevant SIT, PRT, UAT and cutover testing cycles during new ERP implementation.
  • Responsible for documenting security administration procedures and any internal controls as per legislation, SD36 policy and security standards.
  • Performs other duties, as required.

Job Requirements

Knowledge, Abilities and Skills

  • Proficiency in system and network incident response practices and procedures.
  • Familiarity with security tools, vulnerability assessments, and incident response.
  • Strong research and analytical skills are necessary.
  • Demonstrated ability to work within a technical team to ensure the secure delivery of technology services.
  • Demonstrated operational and project management skills, including planning, coordination, organization, and problem-solving abilities.
  • Capability to prepare comprehensive reports on risk assessment results, product recommendations, and computer forensic analysis is desired.
  • Ability to handle confidential and/or sensitive information with a high degree of discretion and impartiality.
  • Capacity to manage changing and competing deadlines effectively.
  • Ability to interact professionally with staff at all levels of the organization.
  • Excellent oral, written, and presentation/facilitation skills, including communicating effectively at both technical and non-technical levels.
  • Experience in supporting a cybersecurity or information security operational program is required.
  • Previous experience in security implementation of a large-scale tier-1 ERP.

Training & Experience

  • Bachelor’s degree in Computer Science, Information Technology, Information Systems, or other related field from a post-secondary institution recognized by the District.

Minimum of 4 years of experience in implementation, managing and configuring security for large scale enterprise application.

This is a unionized position that offers an hourly wage rate of $40.97 per hour plus a liberal benefit package including pension, health, vacation, and sick benefits. Please note that as this is a new position, the pay rate is subject to review and potential adjustment after six months.

Qualified applicants can apply by clicking the "apply" button to the right of the posting. The closing date for this position is Friday, October 31, 2025 at 4:00pm.

Surrey Schools recognizes the importance of accessibility and supporting the diverse needs of our community. If there is any accommodation you may require for your interview, whether related to accessibility or otherwise, please do not hesitate to advise and we will make every effort to meet your needs.

Note: Successful applicants will be required to consent to a Criminal Records Search prior to employment. Only those applicants selected for interviews will be contacted. To all others, thank you for your interest.

Key Skills

Ranked by relevance
Apply