Information Security Engineer

Our client has an immediate opening for an Information Security Engineer to join their team in Vancouver.

The organization has a rich 35 year history and they pride themselves on putting people first at the heart of their story and by attracting passionate people who enjoy long-term careers with the organization. Additionally, company offers a competitive compensation package including base salary, annual discretionary bonus, generous vacation package, Benefits from Day 1, RRSP match, fitness and transportation allowance and support continuous education.

The successful candidate will be accountable for serving as a subject matter expert on Information Security aspects related to OT architecture, networks and systems. This role will work cross-functionally with the business operational teams, IT Operations, and Information Security & Enterprise Architecture teams while managing a strong relationship with external partners.

Responsibilities:

This Information Security Engineering role has special emphasis on operational technology (OT) networks and awareness of the IT and cyber security requirements for operational environments.

IT & OT Systems, Network, Architecture & Security:

• Serve as a subject matter information security expert on OT systems, providing technical guidance and support on building technology systems.
• Work with business operational teams and IT Infrastructure on the design and implementation of secure and uniform OT architectures, systems, and networks.
• Work with a Security Operations Center (SOC) to investigate escalated Information Security related incidents as reported to the organization or identified with security tools and technologies.
• Perform root-cause analysis on Information Security related incidents and update or enhance procedures or controls to stop/mitigate future incidents.
• Evaluate the risk posture of IT & OT systems and infrastructure, including identifying potential threats, vulnerabilities, and business impacts. Develop risk mitigation strategies and work with customers to prioritize and address identified risks.
• Perform vulnerability assessments and assess gaps against standard IT & OT security controls; provide recommendations to address the gap, define the target state, and create a roadmap to achieve the target state.
• Develop and maintain detection and response solutions for OT environments.
• Develop and maintain IT & OT information security policies, standards, procedures, incident response procedures and playbooks.
• Collaborate on projects, change management processes, and risk management activities related to IT and OT.

Project Planning & Execution:

• Collaborate with stakeholders (including IT teams, operations teams, and management) on new developments and builds to integrate Information Security objectives, deliverables & success criteria.
• Develop detailed IT & OT Information Security project plans, including resource allocation, timelines & budget estimates.
• Coordinate IT & OT Information Security project activities, monitor progress & proactively identify & mitigate risks.

Experience and Characteristics:

• 4+ years' experience in Cybersecurity disciplines, including IT & OT governance, security operations, and developing OT security architecture. Demonstrated capability to build an IT & OT security strategy and work with others to ensure implementation meet expectations.
• Have a passion for making a difference as an OT security subject matter expert.
• CISSP, CISA or equivalent security certification
• Strong working knowledge of NIST or ISO and MITR security frameworks
• Strong understanding of ITIL frameworks and ITSM methodologies
• Experience with vendor selection and management.
• Demonstrated experience in designing and implementing IT & OT security systems in a property management, construction or similar industry is an asset.
• Bachelor’s degree in computer science or related discipline beneficial
• Strong written and verbal communication skills.
• Ability to work well in matrix organizations.
• Ability to work flexibly with others in a confident and collaborative manner.
• Independent thinker and self-starter, able to easily navigate a variety of stakeholders with diplomacy, thoughtfulness, and creativity.

Recommended:

Cyber Security for Control Systems post-diploma certificate

GICSP (Global Industrial Cyber Security Professional)