48629
Apply now
Share this job

Please note that this is a hybrid position. Less than 25% of travel is expected in this role.

Do you want to experience the essence of a large organization in a company with a personal touch? Come and work with us! We are looking for creative, innovative, and collaborative people like you to join our team.
 

Take your ambitions to the next level

  • Perform cybersecurity Governance, Risk, and Compliance (GRC) activities for our nuclear clients, including:

    • Gap analyses;

    • Risk assessments and management;

    • Creating standards and procedures;

    • Developing cybersecurity training materials; and,

    • Providing organizational training as a Subject Matter Expert (SME).

  • Prepare and review technical documentation (e.g., assessment and reports);

  • Review the product or system-specific engineering documentation, including manufacturing manuals, instrumentation and control (I&C) and network drawings, to perform risk and control assessments;

  • Work independently as well as a member of a team in a project-based environment, as needed;

  • Complete client-specific Engineering Change Control (ECC) training to obtain the necessary qualifications to work on the station-specific deliverables;

  • Participate in cybersecurity research and development (R&D) activities, including software and hardware development;

  • Perform Factory Acceptance Testing (FAT) and Site Acceptance Testing (SAT) as required, diagnose issues and communicate solutions effectively;

  • Contribute to sales initiatives, including attending conferences, writing proposals, estimating and meeting with potential clients.

When it just clicks!

Does this sound like you?

  • Over four years of experience working in the field of cybersecurity, preferably in an operational technology (OT), I&C, or nuclear environment;

  • Post-secondary degree in computer science, engineering, information security, or any related field;

  • Knowledge of the cybersecurity CIA triad is required;

  • Working knowledge of NIST Cybersecurity Framework, NERC CIP, or CSA N290.7 Standard;

  • Working knowledge of the Purdue model;

  • Working knowledge of Industrial Control Systems (ICS), computer Operating Systems (OS) and Virtual Machine (VM) technologies;

  • Working knowledge of network architecture and basic networking concepts, such as communication protocols, network topology, transmission media, etc.;

  • Experience preparing client deliverables in the form of technical documentation;

  • Excellent oral and written communication skills;

  • Comfortable in client-facing environments.


Additional Qualifications

  • Professional Engineering designation (P.Eng.) would be an asset;

  • Cybersecurity-specific certifications would be an asset (Security+, GICSP, CISSP, ISA/IEC 62443, etc.);

  • Experience with OPG or Bruce Power ECC is a significant asset;

  • CSIS Level 2 security clearance (preferably at OPG or Bruce Power) is a significant asset;

  • Working knowledge of Harmonized Threat and Risk Assessment (HTRA) methodology would be an asset;

  • Working knowledge of firewall and network switch configurations would be an asset;

  • Working knowledge of ICS communication protocols, ICS security components, physical and logical hardening controls, etc., would be an asset.

Language skills:
  • English: Proficient
Apply now
Share this job