Cyber Security Specialist Jobs

Status: Regular Full time

Working Conditions: Hybrid (3 days in office)

Education Level: 4 years of University degree in an appropriate field such as Computer Science plus 1 year of further concentrated study in Cybersecurity programs.

Location: Toronto, ON

Shifts(s): Days

Travel: No

Deadline to Apply: June 29, 2023

BE THE GENERATION to help build a brighter tomorrow.

OPG continues to set the bar for environmental protection, community involvement and economic impact—all while safely keeping the lights on.

Now we’ve set our sights on being a net-zero carbon company by 2040 and a catalyst to help the economies where we operate achieve net-zero by 2050.

OPG operates a diverse portfolio of generation assets including nuclear, hydroelectric, biomass and solar. We are also a clean tech leader and innovator, offering challenging and unique work opportunities. Help us use our power to change the world. 

NEW CAMPUS: In late 2024, OPG is establishing our new campus at 1908 Colonel Sam Drive, Oshawa, Ontario. The new campus will provide a cutting-edge work environment that fosters collaboration and innovation.

Job Overview

Ontario Power Generation (OPG) is looking for dynamic, strategic, and results-driven professional to join our team in the role of Cyber Security Specialist.

Reporting to the Senior Manager, Cyber Security Operations, the Cyber Security Specialist is accountable to provide leadership and participate as a member of the Cybersecurity team by tracking and investigating security threats and driving remediation strategies, that includes creating reports, authoring playbooks, and maintaining compliance to cybersecurity policies. Be required to keep abreast of up-to-date developments and trends in cybersecurity management information systems, networks, and computer applications.

This is an exciting opportunity to work in an environment where you will contribute to OPG’s public outreach, engagement, and education efforts as part of the company’s commitment to growing its social license.

 

Key Accountabilities 

 

• Conduct studies, identify emerging threats, tactics, and procedures, and collaborate with internal and external teams to share trends and provide actionable threat intelligence.
• Provide input to and maintain compliance to policies, standards, and procedures. Work with other team members to provide up to date information to stakeholders.
• Maintain an in depth understanding of Threat Assessments, Risk Management, and Incident Response.
• Apply a sound understanding regarding the design of OPG’s Business Unit networks, applications, and external connections to provide an effective service, including attack surfaces and critical vulnerabilities.
• Create reports for key metrics and deliverables for Cybersecurity Operations and present to senior management, as assigned. Identify opportunities for improvement and work with stakeholders on implementation.
• Support Cybersecurity Office in audits and compliance reporting. Such involves performing procedures for critical controls in collaboration with system owners to ensure regulatory compliance.
• Conduct application, host, and network log analysis to identify incidents for insecure configurations and incidents. Working with internal/external teams and system owners to drive remediation and arrive at solutions that maintain business continuity.
• Drive remediation of vulnerabilities across the network by working with internal/external teams and system owners to mitigate based on a risk-based approach, that could require the business to upgrade or disable features. Provide system owners with accurate action plans and follow up on implementation.
• Utilize Security Information and Event Management (SIEM), Endpoint Detection and Response (EDR) and other tools to track and investigate threats within the Ontario Power Generation (OPG) information technology and systems environment in accordance with Corporate requirements and legal statutes.
• Conduct quarterly Firewall rule reviews and identify misconfigurations, insecure protocols, and overly permissive rules. Work with the network team and business owners to evaluate impact of remediation and mitigate risks.
• Support or lead incident response lifecycle. Work with internal/external Incident Response leads, and advise on decisions during or after the incident, ensuring root cause analysis (RCA) and lessons learned are tracked.
• Work in collaboration with multiple teams across the organization to optimize procedures and processes based on events and incidents to ensure continuous improvement in improving detection and response. Keep up to date with assets, configurations, and design of the environment.
• Identify and support the development of processes and procedures to improve monitoring, detection, and response to threats.
• Collaborate with and provide advice to Cybersecurity team on best practices and assist with awareness of Cybersecurity from a regulatory and industry perspective. Attend workshops with industry peers and exchange information on emerging technologies and controls.
• Other Duties as Required.

EDUCATION

 

• 4 years of University degree in an appropriate field such as Computer Science plus 1 year of further concentrated study in Cybersecurity programs.

 

Qualifications

 

• Requires knowledge gained through security and other training organizations, such as Information Systems Security Certification Consortium (ISC2), SysAdmin Audit Network and Security (SANS), or Information Systems Audit & Control Association (ISACA), to investigate threats to corporate information technology systems applications, and networks, and assess, evaluate, and recommend additions, modifications, or replacement.
• Requires experience with OPG to become familiar with and be able to assess the operation and function of applicable management systems, networks and applications, and Search Information and Event Management (SIEM) tools such as Microsoft 365 Azure Sentinel, Defender and the like, MacAfee and other OPG tools.
• Requires a good knowledge of communications, both oral and written, prepare procedures and playbooks and communicate effectively with other.
• Requires an advanced knowledge of computer sciences and cybersecurity, including in-depth understanding of security best practices, risks and technologies, and the solutions to address those risks.
• Minimum of 6-8 years of experience in a similar role.
• Requires practical experience working in cybersecurity operations, including email and mobile, device management and public cloud environments to understand security threats, trends, risks and possible methods and technology solutions to counter them.
• Requires experience to have gained an understanding of various vulnerability assessments, threat vectors, methodologies, and social engineering techniques to ensure events are categorized correctly and remediated in a timely manner.
• Requires experience to become familiar with the contacts and resources to facilitate the work function and with procedures and policies governing product/equipment acquisition and approval levels.

The successful candidate will exhibit uncompromising integrity and commitment to upholding corporate values, and the OPG Code of Business Conduct.

WHY OPG?

As Ontario’s largest clean energy generator, OPG offers an exciting combination of challenging opportunities and career diversity in a fast-paced work environment. Being an OPG employee means you can apply your knowledge, broaden your skills, and make a valuable contribution to an organization that is vital to the province’s wellbeing.

At OPG, our values are our strengths.  They are fundamental truths about our organization that don’t change.  Safety. Integrity. Excellence. People and Citizenship.  

Here's why OPG might just be the ideal workplace for you:

• Long-term career growth and development opportunities
• Electricity is vital to the province and OPG’s clean electricity is helping decarbonize other sectors.
• Exceptional range of opportunities province-wide

If you are looking to learn from others and be part of something important, and you are excited about the future of power generation, you will find the right fit at OPG.

Our Promise To You

• Partner with Indigenous communities and support local businesses.
• We care about the safety and the well-being of our employees. It is our utmost priority.
• Offer different ways for you to give back to communities where we operate.
• Opportunities to stretch and develop.
• A supportive work environment where you can be your best every day.
• We support employment equity, diversity, and inclusion.

APPLICATION PROCESS

Please submit your application online at https://jobs.opg.com/ by 11:59 PM E.S.T. June 29, 2023.  OPG thanks all those who apply; however, only candidates considered for an interview will be contacted.

ACCOMMODATIONS

OPG is committed to fostering an inclusive, equitable, and accessible environment where all employees feel valued, respected, and supported. If you require accommodation during the application or interview process, please advise us as soon as possible so appropriate arrangements can be made.

If you require information in a format that is accessible to you, please contact [email protected]