University of Toronto

Cyber Security Advisor, Research

University of Toronto$93K — $109K *
Information Technology
5 - 7 years of experience
Job Overview by Ladders

Qualifications

  • University degree or equivalent experience in information security, risk assessment, or compliance in an academic or complex setting.
  • Five or more years of experience in information security, risk assessment, or compliance roles.
  • Experience advising researchers or senior professionals, with a focus on building trust and influence.
  • Strong working knowledge of the research ecosystem and regulatory landscape affecting research information security.
  • Ability to handle sensitive information while ensuring compliance with institutional and government standards.

Responsibilities

  • Serve as a primary information security advisor for researchers and research staff.
  • Conduct risk assessments and deliver consultative guidance to ensure compliance.
  • Facilitate coordination across various institutional and security operations.
  • Build and maintain trusted relationships with the research community.
  • Translate security requirements into actionable research-oriented controls.

Benefits

  • Flexible work arrangements, including on-campus and remote options.
  • Access to professional development and training opportunities.
  • Supportive work environment that values collaboration and trust.
  • Engagement with a diverse range of stakeholders in the research community.
  • Participation in a strategic role at the intersection of IT security and research administration.
Full Job Description
Date Posted: 06/19/2026
Req ID: 48153
Faculty/Division: Ofc of the Chief Information Officer
Department: Information Security
Campus: St. George (Downtown Toronto)
Existing Vacancy: Yes

Description:

The Cyber Security Advisor, Research reports to the Manager, Research Information Security Program (RISP) within Information Security, under the Office of the Chief Information Officer. The Advisor enables secure, compliant research across the University by serving as a highly visible, researcher-facing information security advisor. Operating at the intersection of institutional IT security operations and research administration, the Advisor provides expert guidance, risk-based assessments, and enablement support to researchers, research staff, and research offices, helping them understand and meet evolving security expectations from institutional standards, research sponsors, regulatory bodies, and government-driven requirements.

The Advisor provides consultative advisory services in a matrixed environment, coordinating across the Office of the CIO and enterprise security operations, the Vice-President, Research and Innovation (VPRI) and related research administration partners, research offices, and faculty and divisional stakeholders. The role requires the ability to align enterprise security capabilities with research-specific needs while maintaining the trust-based relationships with the research community that the program's service model depends on.

The role involves access to sensitive and confidential information, including institutional security posture and vulnerability data, threat intelligence from government and sector sources, details of research involving defence, national security, controlled goods, and commercially sensitive intellectual property, researcher safety information, and security control documentation for high-sensitivity research environments. Candidates must bring a substantive prior background working in or alongside the research enterprise, or with comparably autonomous expert client communities (e.g., clinical investigators, senior faculty, principal scientific or technical staff). The Advisor must exercise discretion and handle such information in accordance with institutional and, where applicable, government requirements.

For work involving defence, controlled goods, or national-security-sensitive research, the incumbent may be required to obtain and a Government of Canada reliability and/or security clearance. The consultative, relationship-driven work at the centre of this role is the core of the position, not a soft skill layered on top of technical security delivery. Success depends on sustained relationships, strong familiarity with research practice, and the ability to co-develop practical paths forward with researchers. Technical security knowledge alone, without the consultative orientation and research-community credibility, is not sufficient for this role. The role is most effective when the research community actively seeks the Advisor out early because the service is viewed as credible, helpful, and enabling rather than obstructive.

The Advisor will work collaboratively and consultatively in a matrixed environment with a diverse group of colleagues and stakeholders.

REQUIRED QUALIFICATIONS:

EDUCATION:

A university degree, or an equivalent combination of education and experience is required, with work experience in information security, research information security, compliance, risk assessment, or a related field within an academic, research, or similarly complex institutional environment. Advanced/graduate degree, special training and certificates related to the above areas are an asset.

EXPERIENCE:

  • Significant experience (typically five or more years) in information security, risk assessment, compliance, security advisory, or closely related domains.
  • Substantive experience working directly with researchers, research administration, or comparably autonomous expert client communities (e.g., clinical investigators, faculty, senior scientific or technical professionals) in a consultative, client-facing capacity, with evidence of building trust and influencing outcomes through relationships and credibility rather than positional authority.
  • Strong working knowledge of the research ecosystem and research operating contexts, including how research groups collaborate, handle data, use research computing, navigate sponsor and funder expectations, and operate across multi-institutional and international partnerships, with the ability to translate security requirements into workable, research-aligned controls.
  • Familiarity with Canadian cyber security frameworks and those common in the higher education and research sector, as well as the broader landscape of sponsor, regulatory, and government-driven requirements that affect research information security.
  • Experience handling sensitive and confidential information with discretion, including institutional security data, threat intelligence, or information related to research involving defence, national security, or commercially sensitive IP.
  • Experience advising and briefing senior stakeholders on information security risks and recommendations.
  • Experience working collaboratively and effectively in a complex, multi-stakeholder environment.
  • Experience working in or with the post-secondary education sector is an asset.


SKILLS:

  • Exceptional interpersonal skills and the ability to build rapport, trust, and credibility quickly with researchers and diverse stakeholders across the University
  • Judgment to balance research enablement objectives with institutional security obligations, sponsor requirements, and regulatory compliance
  • Strong research, analysis, writing, and presentation skills, including the ability to explain security concepts to non-specialist audiences and document recommendations clearly
  • Demonstrated ability to apply risk-based critical thinking consistently and effectively in an advisory capacity
  • Sound decision-making in a high-volume environment with competing stakeholder priorities and evolving requirements
  • Ability to identify issues and take proactive action including adjusting to changing priorities as necessary
  • Excellent organizational and time management skills
  • Ability to facilitate productive conversations and navigate sensitive discussions with tact and professionalism
  • Clear documentation, briefing, and facilitation skills, including on sensitive and time-critical matters


OTHER:

  • Ability to obtain and maintain a Government of Canada security clearance (up to Secret or Top Secret) if required for work involving defence, controlled goods, or national-security-sensitive research
  • Experience working within GRC platforms for control documentation, assessment tracking, or evidence management is an asset
  • Relevant professional certifications are considered an asset
  • Knowledge of privacy, confidentiality, and compliance as they relate to research data and institutional information
  • Knowledge of the academic environment and working with researchers
  • Ability to work in a flexible, on and off-campus hybrid environment


Closing Date: 07/17/2026, 11:59PM ET
Employee Group: Salaried
Personnel Subarea:PM
Appointment Type: Budget - Continuing
Schedule: Full-Time
Pay Scale Group & Hiring Zone: PM 3 -- Hiring Zone: $93,592 - $109,190 -- Broadband Salary Range: $93,592 - $155,985
Job Category: Information Technology (IT)

}

About University of Toronto

The University of Toronto is a public research university located in Toronto, Ontario, Canada. It is the largest university in Canada by enrollment and one of the top-ranked universities in the world. The university offers undergraduate and graduate programs in a wide range of academic disciplines, including arts, sciences, engineering, and business. The University of Toronto is known for its research excellence and has produced many notable alumni, including four Nobel laureates. The university was founded in 1827 and has three campuses in the Toronto area.
Learn more about University of Toronto
Size
21,556 employees
Industry

Similar Jobs

More Jobs at University of Toronto

More Information Technology Jobs

Find similar Cyber Security Advisor, Research jobs: