This job has expired

M365 Administrator and Security Manager

University of Toronto
: St. George (Downtown Toronto)
You need to sign in or create an account to save a job.

Job Details

M365 Administrator and Security Manager

Date Posted: 05/13/2022
Req ID:23086
Faculty/Division: Office of the Chief Information Officer
Department: Enterprise Applications & Solutions Integration
Campus: St. George (Downtown Toronto)


Under the direction of the Manager, Microsoft Enterprise Cloud Architecture, the O365 Administrator and Security Manager is a key lead in identifying, triaging and resolving risk and security issues related to the University of Toronto’s enterprise-level MS Cloud and Office365 platform. They lead Enterprise Applications & Solutions Integration’s (EASI) information security and risk management programs for enterprise O365 services, as well for other enterprise-level Cloud IaaS, PaaS and SaaS solutions.

The incumbent acts as a backup to the Manager, Microsoft Enterprise Cloud Architecture, overseeing the technical team in the absence of the Manager. They collaborate with the Manager in the planning, development, implementation and stewardship of the enterprise Cloud platform and its platform policies, procedures, guidelines and best practices, focusing particularly on its security and risk management. In partnership with the Manager, they provide full global administration, technical expertise, planning and configuration as needed for all platforms including O365, Intune and Azure resources.

As a security and risk subject matter expert, the incumbent assumes responsibility for the strategic and tactical planning, provision and configuration of systems security, confidentiality, privacy and risk management for UofT’s O365 platform in the areas of systems administration, service design, implementation, operation and support. They are instrumental in ensuring reliable and robust access controls, service availability and activity/incident reporting. The incumbent applies known security standards as well as establishes new security standards and best practices related to the use and operation of O365 at the University, and proposes strategies by which those standards and best practices are implemented, tested and confirmed on a regular basis.

Working closely with Enterprise Information Security (ISEA), they assess, plan, implement, monitor and audit security controls and threat protection on the O365 and other enterprise Cloud platforms, ensuring any risks are identified, triaged, communicated and escalated accordingly. The incumbent continually evaluates the platforms’ security advancements, with an objective towards minimizing the risk of comprising information and UofT assets, ensuring work is done in the context of existing policy, guidelines and applicable legislation in a fluid, consultative environment. They are responsible for developing, updating, implementing, promoting and training the community on the O365 services’ security.

The O365 Administration and Security Manager will: support and undertake forensic audits of IT systems and services whose access control mechanisms have been compromised or circumvented, both within and from outside of the University working with ISEA, external auditors, Labour Relations (LR) and Legal Services when required; undertake investigations in consultation with Human Resources and gather forensic IT and security data and evidence in instances of employee related breaches and misconduct; participate in and undertake investigations of potential IT related criminal activity (i.e. bomb threats using ghost email accounts) acting as EASI liaison between Campus Police and the ISEA unit. They will review and perform detective auditing of the enterprise Cloud Systems Administrators and other privileged IDs for EASI systems and servers.

The incumbent will actively research and monitor cyber threats to O365 and other enterprise Cloud systems, using MS Cloud Access Security and Advanced Threat Analytical tools, working to ensure solutions administered by system administrators are secure, with uncompromised access. They will implement protocols at the local level developed by the ISEA unit for security of communications during labour disruptions and other disruptions that compromise business continuity such as cyber security attacks.

The incumbent acts as a project manager for complex EASI cloud projects ensuring delivery meets the information security standards and best practices for Identity and Access Management, Information Disclosure, Information Integrity, Business Continuity and Protection of Privacy. They will review the performance of enterprise Cloud security controls, and effectiveness of related projects to achieve the security goals of the ITS portfolio.

Qualifications Required


University degree in Computer Science, Engineering or equivalent combination of education and experience. Office 365 and/or relevant MS Cloud and Security certifications are required. Certification in recognized service methodologies such as ITIL, MOFS is an asset. Certification in an Architecture Framework such as TOGAF is preferred.


  • Minimum 4 years’ direct related working in in a high-volume, large, enterprise-level IT environment, including at least two years working with Information Security as a significant focus of activity
  • Minimum 2 years’ experience as a MS cloud Global Administrator
  • Advanced experience evaluating, securing, implementing and administering enterprise level MS Cloud platform services, such as those within Office365, Azure, Intune, and expertise of best practices for their secure use
  • Experience with the Azure Security Center
  • Expert understanding of client and server application deployment and support
  • Strong understanding of client and server activity tracking.
  • Strong understanding of IT Architecture concepts and security methodologies.
  • Project management experience with large, complex enterprise solutions
  • Experience in platform migration and software/service deployment and support
  • Experience auditing systems for compliance (PCI-DSS, PA-DSS, etc.).
  • Experience drafting information security standards and guidelines, assessing risk management and determining controls.
  • Experience in administering enterprise-level Microsoft and Unix-based server applications (Microsoft System Centre, MBAM, Advanced Threat Analytics, etc.)
  • Strong Scripting skills required including Shell and interpreted languages.
  • Experience with application / scripting tools (Powershell, Python).
  • Experience configuring databases and database-backed applications (SQL Server, MySQL).
  • Extensive experience using network and security analysis tools.
  • Extensive experience with intrusion detection and prevention – host and network, active and passive.
  • Experience in selecting, configuring and deploying service mis-use detection and prevention technologies (Anti-Spam, Anti-Virus, Anti-DDOS, etc.).
  • Experience running penetration testing and vulnerability scanning
  • Experience with deploying, configuring and securing virtualized environments, and services running in it.
  • Experience with federated access control (i.e. Shibboleth, Active Directory Federation Services (ADFS) or similar services.


  • Expert level knowledge of O365 Global Administration
  • Expert level understanding of Windows and a variety of Unix-like operating systems at both server and client level.
  • Strong understanding of public cloud services (preferably Azure)
  • Strong understanding of client and server application deployment and support
  • Comprehensive knowledge of TCP/IP networking and client-server architecture and protocols.
  • Strong understanding of network configuration, hardware and next-gen firewall/IPS technologies (Cisco ASA, Juniper, Fortinet, Palo Alto)
  • Expert level understanding of the following access control technologies – LDAP, Kerberos, and Active Directory.
  • Expert knowledge of Virtual Private Networks (VPNs).
  • Expert knowledge of Encryption technologies at network, file and file-system levels.
  • Strong understanding of cryptographic certificates and the operation of certificate authorities.
  • Excellent communication, instruction and presentation skills. Able to describe a variety of complex technical concepts or policies to users and senior leadership at all technical experience levels and to deliver security awareness and education content to faculty, staff and graduate students.
  • Strong customer relationship and problem solving skills
  • Excellent conflict resolution skills with strong ability to exercise judgement, tact, discretion and determination
  • Adept at conducting research into technical or project-related issues and products, to continually improve processes and solutions as technology changes
  • Adept at quickly learning, understanding, and applying new technologies and process frameworks
  • Strong organization skills with the ability to effectively prioritize and execute tasks in a high-pressure environment


  • Ability to work under pressure of high volume and expectations, while meeting multiple deadlines for multiple projects; strong service orientation coupled with ability to recognize and assess the operational significance of a problem, control/mitigate the risk and set priorities accordingly.
  • Strong ability to assess risks and controls of computing systems and operations.
  • Demonstrated broad knowledge of information technology, instructional technology, classroom technology, audiovisual technologies, digital signage, network technologies, databases and application development.
  • Strong ability and willingness to work effectively as a team leader and team member; must be able to collaborate and cooperate with team members, project sponsors, other stakeholders.
  • Ability to lead team members of varying levels and skill sets including Professional/Managerial as well as staff.
  • Must be able to deal calmly and effectively with a variety of people.
  • Demonstrated ability to exercise sound judgment, tact and diplomacy.
  • Ability to effectively navigate a professional and political climate including assessing the requirement to escalate and issue to more senior levels of management or resources or bodies outside the Faculty; ability to maintain a high level of confidentiality.
  • Ability and willingness to learn new systems, technologies and project management methods and tools.

Closing Date: 05/29/2022,11:59PM ET
Employee Group: Salaried
Appointment Type: Budget - Continuing
Schedule: Full-Time
Pay Scale Group & Hiring Zone: PM 3 -- Hiring Zone: $81,873 - $95,518 -- Broadband Salary Range: $81,873 - $136,454
Job Category: Information Technology (IT)

.buttontext00b26598368a4abe a{ border: 1px solid transparent; } .buttontext00b26598368a4abe a:focus{ border: 1px dashed #25355a !important; outline: none !important; }

All qualified candidates are encouraged to apply; however, Canadians and permanent residents will be given priority.

Diversity Statement

The University of Toronto is strongly committed to diversity within its community and especially welcomes applications from racialized persons / persons of colour, women, Indigenous / Aboriginal People of North America, persons with disabilities, LGBTQ2S+ persons, and others who may contribute to the further diversification of ideas.

As part of your application, you will be asked to complete a brief Diversity Survey. This survey is voluntary. Any information directly related to you is confidential and cannot be accessed by search committees or human resources staff. Results will be aggregated for institutional planning purposes. For more information, please see

Accessibility Statement

The University strives to be an equitable and inclusive community, and proactively seeks to increase diversity among its community members. Our values regarding equity and diversity are linked with our unwavering commitment to excellence in the pursuit of our academic mission.

The University is committed to the principles of the Accessibility for Ontarians with Disabilities Act (AODA). As such, we strive to make our recruitment, assessment and selection processes as accessible as possible and provide accommodations as required for applicants with disabilities.

If you require any accommodations at any point during the application and hiring process, please contact [email protected].

Job Segment: Engineer, Risk Management, ERP, Cloud, Security, Engineering, Finance, Technology


Established in 1827, the University of Toronto is Canada's largest university, recognized as a global leader in research and teaching. U of T's distinguished faculty, institutional record of groundbreaking scholarship and wealth of innovative academic opportunities continually attract outstanding students and academics from around the world.

U of T is committed to providing a learning experience that benefits from both a scale almost unparalleled in North America and from the close-knit learning communities made possible through its college system and academic divisions. Located in and around Toronto, one of the world's most diverse regions, U of T's vibrant academic life is defined by a unique degree of cultural diversity in its learning community.The University is sustained environmentally by three green campuses, where renowned heritage buildings stand beside award-winning innovations in architectural design.


U of T is one of Canada’s Top 100 Employers.
U of T is one of Canada's Best Diversity Employers.


Are you looking for a challenging, meaningful career in a supportive and diverse environment?

Work where the world comes to think.

Work where the world comes to discover.

Work where the world comes to learn.


Opportunities exist for people from a wide range of backgrounds, ranging from recent graduates to experienced senior professionals.

We offer challenging work within an open environment that celebrates diversity in all its forms. Our focus is on creating a positive work environment that attracts and retains excellent employees through a combination of competitive compensation, favourable working conditions, opportunities for career growth and development and a unique organizational culture.

Employees have access to:

  • Excellent health and dental benefits;
  • On-site support for training and career development;
  • Flexible work arrangements;
  • Childcare subsidy;
  • Tuition waivers;
  • Scholarships and/or tuition waivers for dependants;
  • Generous paid time off;
  • Support on equity and diversity issues;
  • On-site child care;
  • University Pension Plan;
  • Subsidized athletic facility membership;
  • World-renowned libraries;
  • Confidential counselling services;
  • Parking and TTC Metropasses;
  • Employee and Family Assistance Plan;
  • Continued health benefits for pensioners.


You need to sign in or create an account to save a job.

Get job alerts

Create a job alert and receive personalized job recommendations straight to your inbox.

Create alert