IT Times Spotlight: The CCS Information Security Team

Posted on Thursday, March 20th, 2025

Information Security team in the Security Operations Centre at U of G.
InfoSec team members (left to right): Apoorva Thirumurugan (co-op student), Stephen Willem, Hanna Guan, Devanshu Trivedi, Eirini Roumpa, Blair Curtis, Joao Bernardo, Satnam Deol. Missing: Matt Searle, Amanze Anuruke Photo credit: Tim Frank

For this spotlight, we interviewed Joao Bernardo and Eirini Roumpa from the CCS Information Security team, with input from Stephen Willem, Chief Information Security Officer.

Introduction

The CCS Information Security (InfoSec) team is dedicated to safeguarding the University's data, information systems, infrastructure and digital assets, protecting the privacy of the U of G community and ensuring continuity of academic, research and administrative activities.

The main goals of the InfoSec team are to:

  • Protect the University’s data and systems.
  • Enable secure and seamless access to resources for the U of G community.
  • Promote a culture of security across the institution.

The InfoSec Team

Under the leadership of Stephen Willem, Chief Information Security Officer (CISO), the InfoSec team is made up of two sub-teams:  

  • The Security Operations Centre (SOC) Team, which focuses on real-time threat detection, incident response and proactive monitoring to protect the University's infrastructure from cyber threats. 
  • The Identity and Access Management (IAM) Team, which ensures secure and efficient access to University resources by managing user identities, permissions, authentication and integration processes. The IAM team provides the necessary access while respecting the security measures established by the SOC team.

  • Devanshu Trivedi is the lead analyst, serving as the team lead for risk management. He oversees security reviews and spearheads major projects, including the selection and implementation of our governance, risk and compliance tool.
  • Joao Bernardo is an analyst III and manages the cyber security training platform, contributes to security awareness initiatives, specializes in ticket handling for the SOC team and trains the InfoSec co-op students (they have one co-op student per term).
  • Satnam Deol is an analyst III and runs the vulnerability management program and oversees email security.
  • Hanna Guan is an analyst III, managing security infrastructure and playing a key role in leading projects related to security tools.
  • The SOC team always has an eight-month co-op student on the team, whose role focuses on tickets and customer support.

  • Matt Searle is the senior analyst and leads the team’s efforts related to major projects like the Human Resources Management System (HRMS), where Matt focuses on the identity integrations for that system. He also is responsible for the programming related to various implementations, supporting the main IAM infrastructure and providing overall support for the rest of the IAM team.
  • Amanze Anuruke is an analyst III and specializes in Azure-related tasks. These include multi-factor authentication (MFA) and Single Sign-on configurations, as well as permissions for various applications.
  • Eirini Roumpa is an analyst III and manages Active Directory as well as the central directory -  Lightweight Directory Access Protocol (LDAP) -  and she also supports account management.
  • Blair Curtis is an analyst II and provides daily support and guidance to the University community and manages and responds to IAM tickets. Blair also supports the team in different activities and projects. For example, during major projects like the MFA implementation, Blair worked directly with customers to provide training and create knowledgebase articles to help customers and CCS Help Centre staff. 

“I am incredibly grateful to be a part of such an amazing and diverse team. Every member of the Information Security team contributes to our mission of securing the University every single day. Together we have accomplished some incredible achievements, and our success has come from their dedication, skill and commitment to working as a team.” – Stephen Willem

Key Activities:

On a daily basis, the team is focused on the following tasks:

  • Preventing and responding to cyber attacks that are intended to compromise sensitive information or disrupt University operations.
  • Managing user access to ensure only authorized individuals can reach sensitive resources, while ensuring seamless access for legitimate users (a difficult balance!).
  • Support compliance with regulatory requirements and University policies.
  • Bridging gaps in cyber security knowledge and understanding across the University community.

The team consistently reviews SOC and IAM processes and procedures to help improve the user experience. They keep up with new technologies and automate processes so that users are empowered to help themselves as much as possible.

“Information Security is typically thought of as a restricting body. While we do need to lock some things down, we typically try to put broad and effective protections in place so that users can work freely, be self-sufficient and not have to worry about security because we’ve taken care of it.” – Joao Bernardo

Success Stories

Following the IT incident in 2022, the team quickly to put in place additional security controls including multi-factor authentication (MFA).

There were multiple MFA solutions available, however the IAM team felt very strongly that the Microsoft MFA solution was the best choice for the institution. They were concerned that other options would be difficult for users, that it would be more costly for the institution, would not integrate easily with our current infrastructure and that ultimately the institution would have to switch to the Microsoft MFA solution down the road (another transition for users!). With Stephen having their backs, the team strongly advocated on behalf of the U of G community, requesting time to test the Microsoft MFA solution so they could provide evidence of what they knew to be true. Ultimately, they were able to clearly show that the Microsoft MFA solution was the right choice for U of G.

Once approved, the implementation - which in normal times might have taken a year or more - was accomplished in just one month. The fact that they managed to test, implement and roll out the MFA solution in such a short time is a testament to their resolve, dedication and user-first mindset.

“The team really cares and we do these things in the background, fighting these fights for the community, even though no one would ever know.” – Eirini Roumpa

“I’ve always felt very welcome, supported and comfortable on this team. It’s always been such a great place to work and because of that, it’s enabled me to do a better job supporting the community. If I had to give an example of when this was most apparent, it would be the major incident of 2022.” – Joao Bernardo

In September 2022, the University experienced an IT incident that required an immediate and extensive response from the InfoSec team as well as many other CCS and distributed IT teams. The InfoSec team was at the forefront, responding to the incident and coordinating the institution’s response.

It was incredibly difficult, taking a significant toll on the whole team, with Joao experiencing stress-related health issues that required hospitalization. It was very difficult to step away when he knew he was needed, but the support he received was very reassuring.

“I felt so guilty that I had to take a few days off work, that I was letting them down during a difficult time. However, when I came back to work, despite the stress, all everyone cared about was that I was okay. No guilt, no blame. I was so glad to be able help again. We all had each other’s backs, and our response was quite remarkable; very thorough, effective and fast.” – Joao Bernardo

Rising Up the Ranks!

Hiring students is a priority within CCS, as students provide significant value, insight and energy. CCS is one of the top student employers at the University and understands the impact this type of work experience can have for students.

The InfoSec team is no exception, supporting students and helping them get their start. Blair, Eirini, Joao and Matt have all worked their way up within the University. Blair, Joao and Matt were all U of G students, with Matt starting his U of G career at McLaughlin Library, Joao starting in the CCS Help Centre and Blair joining InfoSec right after completing his undergraduate degree. Eirini was an international student intern who joined CCS, first working for the Managed Desktops team and then joining the InfoSec team in 2018. In addition, the team is invested in U of G’s Experiential Learning program and has hired eight-month co-op students every year for the past seven years!

A Great Leader

Eirini and Joao did not want to end the interview without talking about Stephen: the deep support he provides and the meaningful impact he has on them.

“He’s the best manager we’ve ever had. He’s exceptionally good at what he does in the CISO role and supports us in everything we do. It’s amazing to know that if we get push back on anything, or if the community doesn’t like something we are trying to do, Steve will take on the fight, having our backs exactly how and when we need him to. All while still trying to support and solve problems for our customers in a meaningful way. He is very good at walking that line, and he models the way for us on so many levels.”  – Joao and Eirini

While they might seem scary as the security team (lol), the IAM and SOC teams are friendly, approachable and fun! If you're ever in UC 3, feel free to drop by and say hello!

Share this page

News Archive

News Topics