Status: Regular Full time
Working Conditions: Hybrid Work Environment (3 days in office)
Education Level: 4 years of University degree in an appropriate field such as Computer Science plus 1 year of further concentrated study in Cybersecurity programs.
Location: Timmins, ON
Shifts(s): Days
Travel: 10%
Deadline to Apply: August 27, 2024
Salary Range: $1,651.02 - $2,832.86 per week
Electrify your career and help build a brighter tomorrow.
Every generation has a challenge that defines them. At OPG, we are calling on all innovators, disruptors, thought leaders and change-makers. Join us to electrify life in one generation and build a sustainable future powered by our electricity, our ideas, and our people. Join OPG and make history.
Whether you work in the skilled trades or are a business professional, a career at OPG is an opportunity to electrify your life on - and off - the job.
ACCOMMODATIONS
OPG is committed to fostering an inclusive, equitable, and accessible environment where all employees feel valued, respected, and supported. If you require accommodation during the application or interview process, please advise us as soon as possible so appropriate arrangements can be made.
If you require information in a format that is accessible to you, please contact
[email protected]
JOB OVERVIEW
Ontario Power Generation (OPG) is looking for dynamic, strategic, and results-driven professional to join our team in the role of Cyber Security Specialist.
Reporting to the Section Head – RG Operational Technology Cyber Security, this position is responsible to provide leadership and participate as a member of the Cybersecurity team by tracking and investigating security threats and driving remediation strategies, that includes creating reports, authoring playbooks, and maintaining compliance to cybersecurity policies. Be required to keep abreast of up-to-date developments and trends in cybersecurity management information systems, networks, and computer applications.
This is an exciting opportunity to work in an environment where you will contribute to OPG’s public outreach, engagement, and education efforts as part of the company’s commitment to growing its social license.
KEY ACCOUNTABILITIES
- Utilize Security Information and Event Management (SIEM), Endpoint Detection and Response (EDR) and other tools to track and investigate threats within the Ontario Power Generation (OPG) information technology and systems environment in accordance with Corporate requirements and legal statutes.
- Conduct application, host, and network log analysis to identify incidents for insecure configurations and incidents. Working with internal/external teams and system owners to drive remediation and arrive at solutions that maintain business continuity.
- Apply a sound understanding regarding the design of OPG’s Business Unit networks, applications, and external connections to provide an effective service, including attack surfaces and critical vulnerabilities.
- Drive remediation of vulnerabilities across the network by working with internal/external teams and system owners to mitigate based on a risk-based approach, that could require the business to upgrade or disable features. Provide system owners with accurate action plans and follow up on implementation.
- Work in collaboration with multiple teams across the organization to optimize procedures and processes based on events and incidents to ensure continuous improvement in improving detection and response. Keep up to date with assets, configurations, and design of the environment.
- Create reports for key metrics and deliverables for Cybersecurity Operations and present them to senior management, as assigned. Identify opportunities for improvement and work with stakeholders on implementation.
- Maintain an in depth understanding of Threat Assessments, Risk Management, and Incident Response.
- Conduct studies, identify emerging threats, tactics, and procedures, and collaborate with internal and external teams to share trends and provide actionable threat intelligence.
- Identify and support the development of processes and procedures to improve monitoring, detection, and response to threats.
- Provide input to and maintain compliance to policies, standards, and procedures. Work with other team members to provide up to date information to stakeholders.
- Support or lead incident response lifecycle. Work with internal/external Incident Response leads, and advise on decisions during or after the incident, ensuring root cause analysis (RCA) and lessons learned are tracked.
- Conduct quarterly Firewall rule reviews and identify misconfigurations, insecure protocols, and overly permissive rules. Work with the network team and business owners to evaluate the impact of remediation and mitigate risks.
- Support Cybersecurity Office in audits and compliance reporting. Such involves performing procedures for critical controls in collaboration with system owners to ensure regulatory compliance.
- Collaborate with and provide advice to Cybersecurity team on best practices and assist with awareness of Cybersecurity from a regulatory and industry perspective. Attend workshops with industry peers and exchange information on emerging technologies and controls.
- Other Duties as Required.
EDUCATION
- 4 years of University degree in an appropriate field such as Computer Science plus 1 year of further concentrated study in Cybersecurity programs.
QUALIFICATIONS
- A period of over 6 years and up to and including 8 years is considered necessary to gain this experience.
- Hands on experience or knowledge and understanding of NERC CIP requirements or equivalent standards would be an asset.
- Requires an advanced knowledge of computer sciences and cybersecurity, including in-depth understanding of security best practices, risks and technologies, and the solutions to address those risks.
- Requires knowledge gained through security and other training organizations, such as Information Systems Security Certification Consortium (ISC2), SysAdmin Audit Network and Security (SANS), or Information Systems Audit & Control Association (ISACA), to investigate threats to information technology systems applications, and networks, and assess, evaluate, and recommend additions, modifications or replacement.
- Requires a good knowledge of communications, both oral and written, prepare procedures and playbooks and communicate effectively with others.
- Requires practical experience working in cybersecurity operations, including email and mobile, device management and public cloud environments to understand security threats, trends, risks and possible methods and technology solutions to counter them.
- Requires experience to have gained an understanding of various vulnerability assessments, threat vectors, methodologies, and social engineering techniques to ensure events are categorized correctly and remediated in a timely manner.
- Requires experience and familiarity with various cyber security systems and tools.
- Experience managing stakeholder communications (internal & external) would be an asset.
The successful candidate will exhibit uncompromising integrity and commitment to upholding corporate values, and the OPG Code of Business Conduct.
What Makes a Career at OPG Different?
As Ontario’s largest clean energy generator, we’re building, expanding, and innovating the equipment and technology that keeps Ontario powered with clean, reliable energy.
At OPG, our values are our strengths. They are fundamental truths about our organization that don’t change:
Safety – it’s our business.
Integrity – always lead with integrity.
Excellence – never satisfied with good enough.
Inclusion – working together for powerful outcomes.
Innovation - creativity accelerates possibility.
Here's why OPG might just be the ideal workplace for you:
- Exceptional range of opportunities province-wide
- Long-term career growth and development opportunities
- Electricity is vital to the province and OPG’s clean electricity is helping decarbonize other sectors.
Our promise to you:
- We care about the safety and the well-being of our employees. It is our utmost priority.
- A supportive work environment where you can be your best every day.
- Opportunities to stretch and develop.
- Offer different ways for you to give back to the communities where we operate.
- Partner with Indigenous communities and support local businesses.
- We support employment equity, diversity, and inclusion.
Are you ready to start a career that has the power to electrify life on and off the job? Apply now.
APPLICATION PROCESS
Please submit your application online at https://jobs.opg.com/ by 11:59 PM E.S.T. August 27, 2024. OPG thanks all those who apply; however, only candidates considered for an interview will be contacted.
#LI-Hybrid
.
The base salary range considers many factors including, but not limited to experience, education, and training, including any collective agreement requirements for union represented positions. It is not typical for the salary to be offered near the top of the range, and salary is dependent on numerous factors. For management roles, the base salary range does not represent the total compensation package. The total compensation package for regular full-time management roles includes pay-for-performance programs for annual and medium time periods. Maintaining a high-performance culture and excellence is a core expectation of every member of our leadership team and is rewarded through the established compensation framework.
OPG is committed to employment equity. As such, we encourage applicants from equity-seeking communities (Indigenous Peoples, racialized persons, persons with disabilities, and women). We strongly believe that alleviating the under-representation of equity-seeking individuals will create a stronger OPG team and allow us to better serve the needs of our diverse communities.
In order to fulfill the above-mentioned purpose, priority in hiring may be given to qualified persons who self-identify as a member of equity-seeking groups as identified in the application process. This initiative constitutes a special program under the Human Rights Code/Canadian Human Rights Act.