Job Description

Location: Pickering, ON, CA, L1W 3J2



Req ID: 44983





Status: Regular Full time
Working Conditions: Hybrid Work Environment (3 days in office)
Education Level: 4 years of University degree in an appropriate field such as Computer Science plus 1 year of further concentrated study in Cybersecurity programs.
Location: Pickering, ON
Shifts(s): Days
Travel: 25%
Deadline to Apply: December 15, 2023.


Electrify your career and help build a brighter tomorrow.


Every generation has a challenge that defines them. At OPG, we are calling on all innovators, disruptors, thought leaders and change-makers. Join us to electrify life in one generation and build a sustainable future powered by our electricity, our ideas, and our people. Join OPG and make history.


Whether you work in the skilled trades or are a business professional, a career at OPG is an opportunity to electrify your life on - and off - the job.


ACCOMMODATIONS
OPG is committed to fostering an inclusive, equitable, and accessible environment where all employees feel valued, respected, and supported. If you require accommodation during the application or interview process, please advise us as soon as possible so appropriate arrangements can be made.


If you require information in a format that is accessible to you, please contact AODA@opg.com


NEW CAMPUS: This position is moving to OPG Corporate Headquarters: In Summer 2025, OPG will officially welcome employees to our new Corporate Headquarters located at 1908 Colonel Sam Drive, Oshawa, Ontario. This new space will enable teamwork, collaboration and innovation that will help us to achieve our mission to electrify life in one generation .


JOB OVERVIEW


Ontario Power Generation (OPG) is looking for dynamic, strategic, and results-driven professional to join our team in the role of Cyber Security Specialist.


Reporting to the Section Head \xe2\x80\x93 RG Operational Technology Cyber Security, this position is responsible to provide leadership and participate as a member of the Cybersecurity team by tracking and investigating security threats and driving remediation strategies, that includes creating reports, authoring playbooks, and maintaining compliance to cybersecurity policies. Be required to keep abreast of up-to-date developments and trends in cybersecurity management information systems, networks, and computer applications.


This is an exciting opportunity to work in an environment where you will contribute to OPG\xe2\x80\x99s public outreach, engagement, and education efforts as part of the company\xe2\x80\x99s commitment to growing its social license.


KEY ACCOUNTABILITIES

• Utilize Security Information and Event Management (SIEM), Endpoint Detection and Response (EDR) and other tools to track and investigate threats within the Ontario Power Generation (OPG) information technology and systems environment in accordance with Corporate requirements and legal statutes.
• Conduct application, host, and network log analysis to identify incidents for insecure configurations and incidents. Working with internal/external teams and system owners to drive remediation and arrive at solutions that maintain business continuity.
• Apply a sound understanding regarding the design of OPG\xe2\x80\x99s Business Unit networks, applications, and external connections to provide an effective service, including attack surfaces and critical vulnerabilities.
• Drive remediation of vulnerabilities across the network by working with internal/external teams and system owners to mitigate based on a risk-based approach, that could require the business to upgrade or disable features. Provide system owners with accurate action plans and follow up on implementation.
• Work in collaboration with multiple teams across the organization to optimize procedures and processes based on events and incidents to ensure continuous improvement in improving detection and response. Keep up to date with assets, configurations, and design of the environment.
• Create reports for key metrics and deliverables for Cybersecurity Operations and present to senior management, as assigned. Identify opportunities for improvement and work with stakeholders on implementation.
• Maintain an in depth understanding of Threat Assessments, Risk Management, and Incident Response.
• Conduct studies, identify emerging threats, tactics, and procedures, and collaborate with internal and external teams to share trends and provide actionable threat intelligence.
• Identify and support the development of processes and procedures to improve monitoring, detection, and response to threats.
• Provide input to and maintain compliance to policies, standards, and procedures. Work with other team members to provide up to date information to stakeholders.
• Support or lead incident response lifecycle. Work with internal/external Incident Response leads, and advise on decisions during or after the incident, ensuring root cause analysis (RCA) and lessons learned are tracked.
• Conduct quarterly Firewall rule reviews and identify misconfigurations, insecure protocols, and overly permissive rules. Work with the network team and business owners to evaluate impact of remediation and mitigate risks.
• Support Cybersecurity Office in audits and compliance reporting. Such involves performing procedures for critical controls in collaboration with system owners to ensure regulatory compliance.
• Collaborate with and provide advice to Cybersecurity team on best practices and assist with awareness of Cybersecurity from a regulatory and industry perspective. Attend workshops with industry peers and exchange information on emerging technologies and controls.
• Other Duties as Required.

EDUCATION

• 4 years of University in an appropriate field such as computer science plus 1 year of further concentrated study in cybersecurity programs.

QUALIFICATIONS

• A period of over 6 years and up to and including 8 years is considered necessary to gain this experience.
• Hands on experience or knowledge and understanding of NERC CIP requirements or equivalent standards would be an asset.
• Requires an advanced knowledge of computer sciences and cybersecurity, including in-depth understanding of security best practices, risks and technologies, and the solutions to address those risks.
• Requires knowledge gained through security and other training organizations, such as Information Systems Security Certification Consortium (ISC2), SysAdmin Audit Network and Security (SANS), or Information Systems Audit & Control Association (ISACA), to investigate threats to information technology systems applications, and networks, and assess, evaluate, and recommend additions, modifications or replacement.
• Requires a good knowledge of communications, both oral and written, prepare procedures and playbooks and communicate effectively with others.
• Requires practical experience working in cybersecurity operations, including email and mobile, device management and public cloud environments to understand security threats, trends, risks and possible methods and technology solutions to counter them.
• Requires experience to have gained an understanding of various vulnerability assessments, threat vectors, methodologies, and social engineering techniques to ensure events are categorized correctly and remediated in a timely manner.
• Requires experience and familiarity with various cyber security systems and tools.
• Experience managing stakeholder communications (internal & external) would be an asset.

The successful candidate will exhibit uncompromising integrity and commitment to upholding corporate values, and the OPG Code of Business Conduct.


What Makes a Career at OPG Different?


As Ontario\xe2\x80\x99s largest clean energy generator, we\xe2\x80\x99re building, expanding, and innovating the equipment and technology that keeps Ontario powered with clean, reliable energy.


At OPG, our values are our strengths. They are fundamental truths about our organization that don\xe2\x80\x99t change:


Safety \xe2\x80\x93 it\xe2\x80\x99s our business.
Integrity \xe2\x80\x93 always lead with integrity.
Excellence \xe2\x80\x93 never satisfied with good enough.
Inclusion \xe2\x80\x93 working together for powerful outcomes.
Innovation - creativity accelerates possibility.


Here\'s why OPG might just be the ideal workplace for you:

• Exceptional range of opportunities province-wide
• Long-term career growth and development opportunities
• Electricity is vital to the province and OPG\xe2\x80\x99s clean electricity is helping decarbonize other sectors.

Our promise to you:

• We care about the safety and the well-being of our employees. It is our utmost priority.
• A supportive work environment where you can be your best every day.
• Opportunities to stretch and develop.
• Offer different ways for you to give back to communities where we operate.
• Partner with Indigenous communities and support local businesses.
• We support employment equity, diversity, and inclusion.

Are you ready to start a career that has the power to electrify life on and off the job? Apply now.


APPLICATION PROCESS
Please submit your application online at https://jobs.opg.com/ by 11:59 PM E.S.T. December 15, 2023. OPG thanks all those who apply; however, only candidates considered for an interview will be contacted.
#LI-Hybrid


.