Expert OT Security Architecture
2 months ago
The purpose of this role is to evaluate Operational Technology (OT) solutions, configurations, and designs against security requirements, and define cybersecurity reference architectures and standards for all OT environments at CN.
Main Responsibilities
OT Security Architecture Practice
·Put in place the proper sets of OT security architecture controls to ensure authenticity, non-repudiation, and least privilege commensurate with risk requirements.
·Ensure the OT security architecture is maintainable, sustainable and properly documented.
·Maintain and build relevant, current, valid and reliable team knowledge related to OT and Security Architecture to leverage existing cybersecurity infrastructure and process, where appropriate, while supporting Transportation, Mechanical and Network Ops functions in enacting risk-based security controls as part of a broader OT environment.
·Facilitate key decisions involving OT architecture and technologies.
·Advance security team accomplishments and competence by planning delivery of solutions; answering technical and procedural questions for less experienced team members; teaching improved processes; mentoring team members.
·Ensure the full documentation of security designs, as built architectures and operational processes through clear diagrams and well-written documents.
OT Security Roadmap and Strategy
·Collaborate with the CISO, Sr Mgr OT Security Architecture, cybersecurity team, portfolio managers, other architects, and I&T leadership to understand the business direction and consequent impact on the security posture.
·Define the proper course of action and investment strategy by building business cases and security roadmaps.
·Engage the OT vendor ecosystem to understand capabilities and limitations to drive improvements in the security posture of current products, and assist in the selection of the right partners.
·Continuously monitor and evaluate the environment through self-assessments and independent security reviews. Enable management to identify deficiencies and inefficiencies and to initiate improvement actions though security roadmap and strategies.
Requirements
Education/Certification/Designation
·Bachelor’s degree in Computer Science, Computer Engineering, Electrical Engineering, System Analysis or other relevant field
·At least one recognized security certification: Certified Information Systems Security Professional (CISSP), Global Industrial Cyber Security Professional (GICSP), ISA/IEC 62443 Cybersecurity Expert, etc.
·Architecture related certifications (TOGAF, Zachman, CISSP-ISSAP, etc.) preferred
Skills/Knowledge
·Ability to define and organise an architecture security apparatus in reusable building blocks: patterns, services, components, capability models, etc;
·Demonstrated capability to understand the security implications of complex business operations and how they are linked to technological solutions that provide practical risk mitigation and business enablement;
·Strong knowledge of the processes, methodologies, tools and techniques, used for building large information technology systems;
·Proven experience in applying a structured approach to problem resolution in large, geographically dispersed organizations with 24/7 operations;
·Strong knowledge of the technologies and architecture principles required to build complex operational technology systems such as: Programmable Logic Controllers (PLCs); Supervisory Control and Data Acquisition (SCADA); Distributed Control Systems (DCS); Human Machine Interface (HMI); Industrial network ports and protocols (such as TCP/IP, UDP, DNP3, Modbus, IEC 61850, PROFINET, OPC, LonWorks, DALI, BACnet, KNX, EnOcean, etc.); etc;
·Deep understanding of ICS design considerations with emphasis on human safety and the availability/security of operating environment as well as threats, vulnerabilities, and exploits in ICS environments and appropriate mitigation techniques.
·Ability to derive security requirements from vaguely formulated business needs;
·Ability to interact with a broad cross-section of personnel to explain and enforce security measures
·Excellent written and verbal communication skills;
·Detail-oriented self-starter with a high level of commitment and personal motivation;
·Knack for prioritizing tasks and working in a fast-paced environment;
·Knowledge of standards, regulations and legislation governing Information Security, NIST, ISO 27001, OWASP, ISA 62443;
Experience
·Minimum 12 years overall IT work experience
·Minimum 8 years OT experience
·Minimum 5 years experience in OT security architecture experience
Assets (if applicable)
·Software development experience
·Experience with Agile and DevOps methodologies
·Knowledge of general IT security architecture and technologies including: service-oriented-architectures, mobile technologies including Mobile Device Management (MDM), data-centric design, advanced analytics, AI, Identity and Access Management (IAM) lifecycles, Digital Forensics, End Point Encryption, Encryption Key Management, Database Security, Enterprise Directory Services, IDS, IPS, Next Generation Firewall, Application Firewall, Enterprise Password Vaults , Cloud SaaS /PaaS/IaaS Security, SIEM, etc.
·Deep knowledge of security foundations: cryptography, Root of Trust, security models, etc.
·Experience with NGFW, VPN, IPS/BDS, vulnerability management, access management, SIEM, and endpoint security in OT environments
·Railroad, transportation, or Global industrial experience is a significant plus
Working Conditions
Occasional business travel (Canada and US) in accordance with CN policy.
This position is posted as a grade LEVEL 7. For internal candidates, note that the grade level of the position may adjust based on the employee's experience.
-
OT Security Specialist
6 days ago
Montreal, Quebec, Canada Hamilton Barnes Associates Limited Full timeHamilton Barnes Associates Limited is seeking a seasoned OT Penetration Tester to conduct comprehensive security assessments of industrial control systems (ICS), SCADA systems, and other critical infrastructure components.The ideal candidate will possess in-depth knowledge of OT systems, protocols, and cybersecurity best practices, along with strong ethical...
-
Digital OT Cybersecurity Expert
3 weeks ago
Montreal, Quebec, Canada WSP Global Inc. Full timeExpertise in Industrial Control Systems CybersecurityWe are seeking a seasoned Digital OT Cybersecurity Expert to lead our Industrial Control Systems (ICS) security initiatives. This expert will be responsible for providing strategic guidance and technical leadership on cybersecurity matters related to ICS environments, with the aim of enhancing cyber...
-
Industrial OT Cybersecurity Expert
3 weeks ago
Montreal, Quebec, Canada WSP Canada Full timeWSP Canada is currently seeking a highly skilled Cybersecurity Principal Consultant to join our industrial OT cybersecurity practice in Canada. This role will provide cybersecurity expertise and technical leadership for Industrial Control Systems (ICS) and Operational Technology (OT) environments.### Key Responsibilities:* Provide cybersecurity expertise and...
-
Expert en Architecture de Solution TI/OT IoT
3 weeks ago
Montreal, Quebec, Canada CHROME TECHNOLOGIES Full timeÀ propos de Chrome TechnologiesNous sommes une entreprise leader dans le domaine de l'informatique et des technologies opérationnelles, avec une expertise reconnue dans la conception et la mise en œuvre de solutions innovantes.Salaire estiméEntre 120 000 $ et 180 000 $ par an, selon l'expérience et les qualifications.Description du...
-
Senior Program Manager – IT
6 months ago
Montreal, Canada Kruger Inc. Full timePOSITION SUMMARY The Senior Program Manager, IT/OT, will manage complex projects related to IT and operational technology systems. He/she will leverage their extensive experience and expertise to lead all aspects of project scope, budget, and schedule. This role requires a deep understanding of IT and OT systems and technologies, project and program...
-
Director OT/ IT Security
6 months ago
Montreal, Canada Kruger Inc. Full timePOSITION OVERVIEW As a senior member of the IT team, the Director of OT & IT Security leads the information security function across the Company to ensure consistent and high-quality information security management in support of business goals.The incumbent determines the information security approach and operating model, in consultation with...
-
Principal Consultant, Industrial OT Cybersecurity
2 months ago
Montreal, Canada WSP Full timeWSP is currently seeking an Industrial / OT Cybersecurity Principal Consultant to join our Cybersecurity Practice in Canada.This job function reports into the OT Cybersecurity Practice Director and is a delivery-focused role for WSP major infrastructure projects and professional services mandates.This role aligns with WSP’s “Future Ready” vision to...
-
Advisory Services Lead, Industrial OT Cybersecurity
2 months ago
Montreal, Canada WSP Full timeAdvisory Services Lead, Industrial OT CybersecurityWSP is currently seeking an Industrial / OT Cybersecurity Advisory Services Lead to join our Cybersecurity Practice in Canada.This job function reports into the OT Cybersecurity Practice Director and is a delivery-focused role for WSP major infrastructure projects and professional services mandates.This role...
-
Enterprise Security Risk Assessment Expert
2 days ago
Montreal, Quebec, Canada NTT DATA Services Full timeAt NTT DATA Services, we're committed to fostering a culture of innovation and excellence. We're seeking a highly skilled Enterprise Security Risk Assessment Expert to join our team in Montreal, Quebec, Canada.We estimate the salary for this role to be around $120,000 per year, commensurate with experience.About the RoleThis is an exciting opportunity to...
-
Data Architecture Expert
3 weeks ago
Montreal, Quebec, Canada Intact Full timeTransforming Business through Innovative Data SolutionsWe are seeking a highly skilled Data Architecture Expert to join our team at Intact. As a key member of our Enterprise Architecture team, you will play a crucial role in shaping the future of our organization by designing and implementing cutting-edge data solutions.About the Role:Design and Implement:...
-
Principal Consultant, Industrial OT Cybersecurity
2 months ago
Montreal, Canada WSP Canada Full timeThe Opportunity:WSP is currently seeking an Industrial / OT Cybersecurity Principal Consultant to join our Cybersecurity Practice in Canada.This job function reports into the OT Cybersecurity Practice Director and is a delivery-focused role for WSP major infrastructure projects and professional services mandates.This role aligns with WSP's "Future Ready"...
-
Advisory Services Lead, Industrial OT Cybersecurity
2 months ago
Montreal, Canada WSP Global Inc. Full timeThe Opportunity:WSP is currently seeking an Industrial / OT Cybersecurity Advisory Services Lead to join our Cybersecurity Practice in Canada.This job function reports into the OT Cybersecurity Practice Director and is a delivery-focused role for WSP major infrastructure projects and professional services mandates.This role aligns with WSP’s “Future...
-
Cloud Security Expert
3 days ago
Montreal, Quebec, Canada Fivesky Full timeFivesky, a global technology solution provider, seeks a skilled Cloud Security Expert to join their team. **Job Summary:**The successful candidate will have 5–8 years of information security experience, with hands-on expertise in application and/or infrastructure security in an enterprise environment. They will possess advanced proficiency in AWS, AWS...
-
Spécialiste en cyber sécurité
2 months ago
Montreal, Canada oilandgas.org.uk Full timeJob DescriptionSpécialiste en cyber sécurité (ICS/OT)Vous êtes à la recherche d'une opportunité enrichissante en tant que spécialiste en cyber sécurité (ICS/OT)? Ce rôle correspond à la mission de AtkinsRéalis de transformer, d'adopter les technologies numériques et de garantir la croissance continue de ses capacités en cybersécurité...
-
Montreal, Canada WSP Full timeThe Opportunity: WSP is currently seeking an Industrial / OT Cybersecurity Advisory Services Lead to join our Cybersecurity Practice in Canada. This job function reports into the OT Cybersecurity Practice Director and is a delivery-focused role for WSP major infrastructure projects and professional services mandates. This role aligns with WSP’s “Future...
-
Advisory Services Lead, Industrial OT Cybersecurity
2 months ago
Montreal, Canada WSP Canada Full timeThe Opportunity:WSP is currently seeking an Industrial / OT Cybersecurity Advisory Services Lead to join our Cybersecurity Practice in Canada.This job function reports into the OT Cybersecurity Practice Director and is a delivery-focused role for WSP major infrastructure projects and professional services mandates.This role aligns with WSP's "Future Ready"...
-
Advisor, Information Security Architecture
5 months ago
Montreal, Canada PSP Investments Full timeEXPERIENCE THE EDGE At PSP, we encourage our employees to grow, forge powerful relationships, contribute and fuel inspired investment launchpads. We are committed to a culture that fosters collaboration and allows us to think beyond, in an interconnected way. We advocate for our employees to speak-up, learn, experiment, share, and be part of an where...
-
Montreal, Quebec, Canada WSP Full timeAbout the OpportunityWe are seeking a highly skilled Senior Cybersecurity Professional to join our team as an Industrial OT Cybersecurity Advisory Services Lead in Canada.This role will involve providing cybersecurity expertise and technical leadership for Industrial Control Systems (ICS) and Operational Technology (OT) environments, increasing...
-
Spécialiste en cyber sécurité
3 months ago
Montreal, Canada AtkinsRéalis Full timeJob Description Spécialiste en cyber sécurité (ICS/OT) Vous êtes à la recherche d’une opportunité enrichissante en tant que spécialiste en cyber sécurité (ICS/OT)? Ce rôle correspond à la mission de AtkinsRéalis de transformer, d'adopter les technologies numériques et de garantir la croissance continue de ses capacités en...
-
Montreal, Quebec, Canada Software International Full timeAbout the RoleWe are seeking a seasoned Mainframe Security Expert to join our team at Software International. This is an exciting opportunity for an experienced professional to take on a key role in shaping our clients' mainframe security strategies.
