Status: Regular Full time
Working Conditions: On site
Education Level: 4-year university degree in Computer Science, Information Technology or related fields.
Location: Toronto, ON
Number of Position(s): 2
Shifts(s): Days
Travel: Yes- 10%
Deadline to Apply: Sunday May 15th 2022
JOB OVERVIEW
Ontario Power Generation (OPG) is hiring a Senior Manager, Security Operations, this person will manage all operational aspects of our security program that includes but not limiting to vulnerability management, identity & access Management, incident response and data loss prevention. They will also have solid experience in information security technologies as well as excellent communication and interpersonal skills.
This is an exciting opportunity to work in an environment where you will contribute to Ontario Power Generation's continued growth and success in generating safe, clean, reliable low-cost power in a sustainable manner.
You will also have an opportunity to work in an environment where you will contribute to OPG's public outreach, engagement and education efforts relating to Information Security as part of the company's commitment to growing its social license.
KEY ACCOUNTABILITIES
- Manage a team of Information Security Operations professionals.
- Develop relationships with technical, operations, and business stakeholders to influence the adoption of security practices while meeting OPG's business goals.
- Maintain operational security posture through incident management, vulnerability management, hardening, key management, identity and access management, data loss prevention etc.
- Manage the day-to-day activities of threat and vulnerability management, recommend treatment plans and communicate information about residual risk.
- Enhance OPG's threat intelligence capability, conduct research on emerging threats and identify and deploy solutions to prevent such threats.
- Manage third-party security partners, ensure SLA's are met, and work in partnership to continuously improve security operations processes.
- Respond to security incidents, manage the process and escalate as required.
- Conduct investigations of alleged or potential breaches of security by staff and/or external groups and individuals, and provide advice on disciplinary matters regarding cyber security breaches. On behalf of management, prepare and issue reports, including making recommendations, attending meetings/grievances/arbitrations that may result as an outcome of investigations.
- Organize, participate in, and, if required, chair post-incident reviews for presentation to senior management.
- Develop and measure metrics to demonstrate efficiency and effectiveness of services being delivered.
- Document risk and mitigation controls, including policy/procedure updates.
- Participate in audits and assessments and provide support, as appropriate.
- Work closely with both the Security Architecture & Consulting Team, the Governance, Risk, and Compliance (GRC) Team and the Operational Technology Cybersecurity teams.
- Analyze established operational security controls and procedures and recommend improvements.
- Manage Security Operations projects, including process improvement and technology investments.
- Define and maintain the roadmap of program and technology changes driven by the Security Operations department.
- Evaluate appropriate tools for supporting the security operations function.
- Liaise with the Information technology and business continuity teams to Manage and deliver the Disaster Recovery Plan.
- Other Duties as Required
EDUCATION
- 4-year university degree in Computer Science, Information Technology or related field is an asset
- Cyber Security designation is a strong asset
- Requires an advanced knowledge of computer sciences and cybersecurity, including in-depth understanding of security best practices, risks and technologies, and the solutions to address those risks.
QUALIFICATIONS
- 7 + years of practical cybersecurity experience
- 4 + years of working as a Manager in Security Operations or in a similar capacity role
- Requires experience to become proficient in the work by handling a variety of jobs, problems and programs.
- Require experience to stay current on changes regarding security best practices, network and application security, identity and access management, mobile device technology and other security environments, to address problems and arrive at optimum plans and solutions.
The successful candidate will exhibit uncompromising integrity and commitment to upholding corporate values, and the OPG Code of Business Conduct.
Ontario Power Generation
700 University Ave
Toronto
Ontario Canada
www.opg.com
