Status: Regular Full Time
Education Level: 4 year university degree in Computer Science, Information technology or related fields.
Working Conditions: Hybrid
Location: Toronto/Clarington, ON
Shifts(s): Days
Travel: Yes- 10%
Deadline to Apply: November 13th 2022
OPG continues to set the bar for environmental protection, community involvement and economic impact all while safely keeping the lights on.
Now we've set our sights on being a net-zero carbon company by 2040 and a catalyst to help the economies where we operate achieve net-zero by 2050.
OPG operates a diverse portfolio of generation assets including nuclear, hydroelectric, biomass and solar. We are also a clean tech leader and innovator, offering challenging and unique work opportunities. Help us use our power to change the world.
New! In 2024, Ontario Power Generation (OPG) is establishing a new corporate headquarters on a campus setting in the Municipality of Clarington located within Durham Region. The new campus will include the existing Darlington Energy Complex located just south of Highway 401 and a new building to be constructed on adjacent land presently owned by OPG.
BE THE GENERATION to help build a brighter tomorrow.
JOB OVERVIEW
Ontario Power Generation (OPG) is looking for dynamic, strategic and results-driven professional to join our team in the role of Junior Cyber Security Analyst, reporting to Senior Manager IT Services.
As a member of the Cybersecurity team, monitor systems to close real time alerts from security tools. Review and categorize phishing and spam reports, and provide support by assisting in remediation tasks. Prepare reports. Be required to assist in incident response and recovery activities, as assigned.
This is an exciting opportunity to work in an environment where you will contribute to OPG's public outreach, engagement and education efforts as part of the company's commitment to growing its social license
KEY ACCOUNTABILITIES
-
Track and action assigned alerts, and ensure proper response is taken by coordinating the work efforts of internal teams and actions required of external service providers.
-
Review and carry out analysis on email messages, such as phishing and spam reports. Ensure correct categorization and action. As required, communicate with users to investigate and provide feedback. Contact service providers, as necessary for further remediation/actions.
-
Conduct access control reviews on a case by case basis to systems and work with internal and external resources to update user control lists and provide reports.
-
Support internal/external Audit processes, working in collaboration with the Cyber Office.
-
Evaluate and approve/reject exemption requests as per corporate policy and standards. Provide guidance and information as to the risks involved with specific exemptions.
-
Monitor threat feeds and provide regular threat intelligence updates.
-
Maintain the vulnerability security digest and provide updates to relevant parties within Ontario Power Generation (OPG).
-
Assist in remediation tasks related to audits/penetration tests.
-
Assist in governance of security tools and configurations. As assigned, work with internal and external teams to maintain and update tool configuration and usage.
-
Carry out quarterly firewall rule reviews and identify misconfigurations, insecure protocols and overly permissive rules. Work with the network team and business to evaluate impact of remediation and mitigate risks.
-
Participate in internal and external table-top exercises related to cybersecurity.
-
Govern and/or manage tools such as Data Loss Prevention (DLP), CyberArk Endpoint Privilege Management (EPM) etc.
-
Support development of procedures for Cyber Operations.
-
Assist, as required, during Incident Response and Recovery activities.
-
As assigned, represent OPG Cyber in sessions for internal policy/projects and/or general updates for Security e.g. interface committee to explain the need for changes, based on feedback provided by users. Participate in external workshops with industry peers, representing and sharing operational issues/trends etc.
-
Apply understanding of environment and operational issues to work with external or internal parties to implement or optimize specific use cases which help improve detection and response.
-
Perform other duties as required.
EDUCATION
-
4 years of Bachelor/ University degree in Computer Science, Information Technology or related field.
-
Requires a knowledge of computer sciences including cybersecurity monitoring and reporting applications and technologies, to work effectively with cybersecurity operations to investigate threats, such as reviewing and action tracking phishing and spam events, and closing out real time alerts using security tools, a well as providing support to the Cyber team and other stakeholders.
-
Requires a good communications skill, both oral and written, to prepare reports and communicate effectively with others.
QUALIFICATIONS
-
Minimum of 4 years of practical cybersecurity experience, using security tools and applications, including cloud environments, such as Microsoft 365 suite of Security tools, MacAfee and the like to have gained a familiarity with monitoring and actioning alerts.
-
Requires experience to have acquired a working knowledge of phishing emails to analyze and categorize them.
-
Requires experience with OPG to become familiar with and be able to assess the operation and function of applicable management systems, networks and applications, internal and external contacts and resources, including procedures, standards and policies, and changes in technology to facilitate the work function.
The successful candidate will exhibit uncompromising integrity and commitment to upholding corporate values, and the OPG Code of Business Conduct.
Ontario Power Generation
700 University Ave
Toronto
Ontario Canada
www.opg.com
