Search
Close this search box.
IPSS logo small alt

Senior Specialist Critical Infrastructure Protection

Job ID:                            COT-2023-17

Job Title:                      Senior Specialist Critical Infrastructure Protection

Division:                       Office of the Chief Information Security Officer

Reports To:                  Manager Critical Infrastructure Protection

Salary Range:            $143K + 15% premium paid quarterly.

Work Location:         55 John Street, Toronto

Job Type:                      Permanent Full Time

Shift Information:  Monday to Friday, 35 hours work week

JOB SUMMARY:

To provide cybersecurity expertise, strategic advice, senior level guidance and operational support to Office of the CISO and its clients in the development, acquisition, delivery, sustainment and protection of critical infrastructure, and the operational and emerging technologies increasingly used in industrial automation and control environments. 

To engage with teams across the organization to build alignment on key projects and initiatives and develop execution roadmaps.

To support the execution of the Chief Information Security Officer’s (CISO) mandate, cyber vision and strategy, providing technical and business advice, support and services to  City divisions, agencies and corporations.

MAJOR RESPONSIBILITIES:

  • Serves as the internal/external client relationship point of contact and subject matter expert with Critical Infrastructure/other City Divisions as appropriate.
  • Works with Divisional clients and other stakeholders to identify, analyze and plan for mitigation of cyber risks related to Critical Infrastructure. Escalates significant cyber risk matters within Office of the CISO and/or to appropriate senior management when required.
  • Works with Operational Technologies (OT) stakeholders and others to improve current state and develop target state architecture solutions for critical infrastructure and emerging technologies that will assist to detect, monitor, and predict cyber risk.
  • Recommends Operational Technologies (OT) security architecture controls to ensure at minimum, the availability of operational systems and life safety systems are assured, as well as authenticity, non-repudiation, and principle of least privilege in place commensurate with cyber risk requirements relevant to the security zone/OT environment.
  • Works with internal and external stakeholders to conduct cyber reviews and assessments of OT technologies in targeted processes across all areas of the organization.
  • Collaborates with teams across all areas of the organization to understand the business direction and consequent impact on the security posture of the existing OT.
  • Develops and maintains an understanding of the current state of the OT information security environment, including gaps and risks, and identifies and leads opportunities for improvement.
  • Develops roadmaps for information security technology solutions in OT and provides recommendations to stakeholders and service providers to address issues.
  • Leads the technical integration between information technology and OT requirements, including supporting the identification of data point connections for metrics and reporting.

QUALIFICATIONS/CERTIFICATIONS:

  • Post-secondary degree in Engineering or Technology or a related discipline
  • Over 6 years’ experience in Information Security.
  • In-depth knowledge of industry standards and best practices, especially related to industrial environments in the cyber security space.
  • Experience in conducting Gap Analysis, Cyber Risk Reviews / Assessments of Systems and Solutions, Defining and evaluating cybersecurity requirements at architecture and design level
  • Extensive experience with Industrial Control Systems, PLCs, and SCADA Systems
  • Technical expertise in IT/OT integration and convergence.
  • Familiar with process safety risk, process hazard analysis, control system analysis, and layer of protection analysis.
  • Expertise in security protection solutions including firewall, intrusion detection and protection systems, web application firewalls, anti-virus, and security monitoring solutions.
  • Preferred Certifications (any in the list): CISSP, CTIA IoT or other OT cyber standards certification/training, CCSP, CISM

SKILLS:

  • Ability to work in transformative programs.
  • Ability to lead efficient communication between all project stakeholders, including internal teams and clients
  • Ability to achieve business objectives through influencing and effectively working with key stakeholders.
  • Excellent written & verbal communication skills (comfortable & confident communicating at all levels including business partners, leadership and vendors.
  • Excellent problem-solving skills with capability to identify solutions to unusual and complex problems.
  • Keen attention to detail and strong organizational skills.
  • Highly organized, proactive, self-motivated team player who takes initiative and is able to work independently.
  • Ability to work in a fast-paced environment managing multiple priorities with proven time management skills.
  • Strong analytical skills and ability to prioritise and multitask.
  • Ability to prioritize and effectively manage competing priorities and projects.
  • Ability to manage multiple initiatives while adhering to strict deadlines.
  • Able to work extremely well under pressure while maintaining a high level of professionalism
  • Self-motivated person with desire to go above and beyond tasks
  • Transferable skills, like communication and decision-making, are equally important.
  • Being able to think on your feet and show good judgment are especially valuable in this field. “Security pros should always be ready to react to cyber-related incidents quickly.

ADDITIONAL COMMENTS/INFORMATION:

A normal work week is 35 hours, however, unforeseen situation may require extended hours of work with little or no prior notice. In case of a cyber incident or breach, rotation shift, continuous extended hours may be required with little or no prior notice.

*Subject to a police check, background check, psychological assessment and/or any other checks on a regular basis as the Office of the CISO handles highly sensitive and confidential information.

Equity, Diversity and Inclusion

The City is an equal opportunity employer, dedicated to creating a workplace culture of inclusiveness that reflects the diverse residents that we serve. Learn more about the City’s commitment to employment equity.

ACCOMMODATION

The City of Toronto is committed to creating an accessible and inclusive organization. We are committed to providing barrier-free and accessible employment practices in compliance with the Accessibility for Ontarians with Disabilities Act (AODA). Should you require Code-protected accommodation through any stage of the recruitment process, please make them known when contacted and we will work with you to meet your needs. Disability-related accommodation during the application process is available upon request. Learn more about the City’s Hiring Policies and Accommodation Process.

If this role is of interest to you, please submit your resume to recruiting@ipss.ca.

IPSS logo small alt

Ottawa Office

Toronto Office

Calgary Office

eNEWS sign up

Subscribe for the latest news, events, and updates from iPSS
Sign up
CCAB member logo web
Scroll to Top

eNEWS Signup