Job Description

Marketing Statement

-----------------------




Join a company that has been a part of moving Metro Vancouver for over 35 years.



British Columbia Rapid Transit Company Ltd. (BCRTC) maintains and operates the Expo and Millennium SkyTrain Lines from our central facilities in south Burnaby. Our services connect downtown Vancouver to the cities of Burnaby, New Westminster, Coquitlam, Port Moody and Surrey. With the future expansion of both the Expo and Millennium Lines gathering pace, infrastructure renewal and new asset acquisition projects underway, this is an exciting time to join our team of over 1,200 dedicated employees, working on one of the longest fully-automated rapid transit systems in the world.



Our work encompasses roles such as administration, engineering, elevator and escalator maintenance, field operations, vehicle maintenance, and wayside (station and guideway) maintenance.



When you work for SkyTrain, not only will you help move Metro Vancouver, you will also have access to comprehensive benefits including paid vacation, medical benefits, transit passes, training and more. We are a proud equal opportunity employer, committed to a diverse and inclusive workforce.



Come explore what makes us one of BC's Top Employers!

Responsibilities

--------------------




PRIMARY PURPOSE



In collaboration with the Systems Manager, provides comprehensive guidance and expertise to BCRTC in cybersecurity governance and planning to enhance the maturity of the security program and safeguard BCRTC's operational systems against evolving threats. Works with senior stakeholders and consultants to address critical issues, ensuring the confidentiality, integrity, and availability of the OT environment to maintain a safe, secure, and reliable revenue service.



KEY ACCOUNTABILITIES



Manages vulnerability assessments and penetration testing on Operational Technology systems to identify potential security risks and provides direction for remediation. Manages and executes BCRTC's Incident Response Plan for cyber-attacks in the role of Cyber Security Incident Manager.



Collaborates with internal and external stakeholders regarding OT cyber incident responses, determining appropriate courses of action and ensuring thorough investigation of OT security breaches and incidents to identify root causes, sources, methods, and resulting damage. Reviews security event reports, determines the need for further investigation, and escalates to the relevant authority. Leads any necessary full reviews and reporting for BCRTC.



Manages the Operational user security awareness campaign strategy and framework in alignment with BCRTC security policies, standards, and best practices.



Supports the development of cyber threat modeling and business impact analysis to ensure the environment is adequately protected with appropriate cybersecurity measures, tools, and controls.



Supports the Systems Manager in developing Key Performance Indicators (KPIs), Key Risk Indicators (KRIs), and Cyber Risk dashboards to continually monitor, report on, improve, and mature BCRTC's OT security posture.



Supports and leads as required, the development and implementation of processes to assess and monitor the effectiveness of OT Security, Risk, and Control procedures, ensuring adherence to standards and policies as appropriate.



Ensures compliance with government and rail industry regulatory OT/IT security requirements, BCRTC OT security policies and standards, programs, and activities. Oversees BCRTC OT risk management, maintaining risk registries, and implementing controls to mitigate identified risks.



Represents BCRTC OT security programs in internal and external interactions with diverse constituencies, including project teams, market participants/customers, regulators, public/private sector security specialists, auditors, and law enforcement.



Maintains up-to-date knowledge of industry best practices, new security threats, and emerging technologies to ensure the effectiveness and currency of cybersecurity measures.



Advocates and actively promotes a culture of OT Cybersecurity best practices and awareness throughout BCRTC's maintenance and operations divisions. Establishes strong partnerships with maintenance and operations teams to promote good security practices across corporate OT infrastructure and platforms. Enhances OT security awareness throughout BCRTC.



Provides expert advice and makes final decisions on the acquisition and implementation of new OT security technologies, vendors, and services. Plans and manages the budget for OT security technologies, projects, and activities.



Works with the cyber security team in TransLink to ensure alignment with enterprise objectives.



Manages a wide-ranging set of strategic relationships with vendors and consultants to enhance BCRTC's OT Cybersecurity posture.



Manages Systems Security staff; provides mentorship, coaching, and leadership and overseeing recruitment, selection, development, coaching, performance, and other people management practices.

Qualifications

------------------




EDUCATION AND EXPERIENCE



The qualifications for this role are typically obtained by earning a University Degree in fields such as Computer Science, Computer Forensic & Cyber Crime Studies, or a related discipline. Additionally, a minimum of 8 years of advancing experience in information security, cyber security, and risk management is necessary, preferably at a senior technical or management level within large public sector organizations. Possession of certifications like CISA, CISM, CISSP, ISO27001/2, or equivalent is a mandatory requirement.



OTHER REQUIREMENTS



Advanced expertise in supporting and resolving issues related to network assets.



Advanced comprehension and proficiency in overseeing People, Processes, and Technology within the context of Cyber Security in an Operational Technology (OT) environment.



Advanced expertise in Network Segmentation and segregation.



Advanced understanding of Systems and OT Supply Chain, as well as tools applied to the controls of OT standards and Frameworks.



Excellent understanding of incident response technical fundamentals, theories, and terminology (such as Kill Chain, Mitre TTPs, threat actors).



Excellent understanding of response activities, including scoping, sweeping, containment, remediation planning, and investigation.



In-depth knowledge of security operations, processes, procedures, and controls.



Proficient knowledge of network protocols, threat hunting, discovery missions, reconnaissance, and intelligence gathering.



Strong familiarity with security and incident response in SCADA/ICS and Operational Technology.



Applied experience and comprehension of industry standards and frameworks (e.g., NIST CSF, CIS, APTA).



Experience and working knowledge across multiple information and security domains, including privacy, OT operations, ICS, security platform administration and integrations, offensive security, audit, and risk.



Excellent written and verbal communication skills, along with effective presentation and problem-solving abilities, enabling seamless interaction with peers, internal customers, and vendors.



Excellent problem-solving skills utilized for developing creative and appropriate solutions to complex problems.



Sound planning, organization, and time management skills.



Strong interpersonal skills encompassing conflict management and mentoring.



Ability to influence others or facilitate problem/business issue resolution, incorporating negotiation skills when necessary.

Other Information

---------------------




Recruitment Process: An applicant will be required to demonstrate their suitability for this position by meeting the minimum level of qualifications and experience in order to be invited into the selection process. A standard interview format will be used including general, scenario and behavioural descriptive interview questions.

Work Schedule

-----------------




37.5 hours per week.

Work Designation

--------------------




Resident



This position works predominately on-site

Rate of Pay

---------------




The salary for this position ranges from $107,200 - $160,800 per annum . Actual salary offered will be based on education, experience, skills, and qualifications as they relate to the role.



We aim to provide competitive pay that reflects your professional background and expertise. We want to ensure our offer will align with your strengths considering experience, skills, and internal equity to offer a fair and equitable salary. The Total Compensation Package, which includes Extended Health, Dental, Transit Pass and enrollment in the Public Service Pension Plan as well as other employment offerings will be discussed in detail as your application progresses.

How to Apply

----------------




Please click the 'Apply' button at the top right corner or go to http://www.translink.ca/careers to apply for this position and view instructions on the process.



INSTRUCTIONS: Please save your (1) cover letter, and your (2) resume as one pdf document prior to uploading your application on-line.



Posting Date: September 08, 2025

Closing Date: Open until filled



Please note that only those short listed will be contacted.



Having trouble applying? Please view the System Requirements & FAQ's by going to http://www.translink.ca/careers.

Equal Employment Opportunity

--------------------------------




SkyTrain is committed to employment equity and building a diverse workforce, representative of the customers we serve and the many communities in the Metro Vancouver region. We welcome and encourage Indigenous applicants, people of colour, all genders, 2SLGBTQ+ and persons with disabilities to apply. Learn more about TransLink's commitment to to equity, diversity and inclusion.



Accommodations are available on request for candidates taking part in all aspects of the selection process. For a confidential inquiry, simply email us at jobs@translink.ca.