Analyst, Industrial Cybersecurity

at  Toronto Transit Commission

JOB INFORMATION

Requisition ID: 9326
Number of Vacancies: 1
Department: Information Technology Services (20000014) - Information Security Office (30000033)
Salary Information: $88,306.40 - $110,401.20

WHAT QUALIFICATIONS DO YOU BRING?

• University Degree in Computer Science, Information Security, Cybersecurity, or a related field as well as several years of cybersecurity experience as well as experience in Microsoft and Linux platform environment or the equivalent combination of education and experience.
• Demonstrate a current and working knowledge of Information Security best-practices, methodologies, and techniques.
• Experience dealing with security events related to malware, security log analysis (SIEM), EDR/MDR/NDR Tools, vulnerability and patch management, and the Incident Response (IR) process.
• Experience with intelligence analysis processes and cyber investigation.
• In-depth understanding of networking principles including TCP/IP, WANs, LANs, and commonly used Internet protocols such as SMTP, HTTP, FTP, POP and LDAP.
• Excellent written & verbal communications skills (communicating at all levels with internal & external stakeholders).
• Strong analytical, problem-solving and troubleshooting skills.
• Ability to work in a fast-paced environment managing multiple priorities with proven time management skills.
• Any of the following certifications will be an asset:
  o Certified Information Systems Security Professional (CISSP)
  o Certified Information Security Manager (CISM)
  o Systems Security Certified Practitioner (SSCP)
  o Certified Information Systems Auditor (CISA)

Reporting to the Director, Industrial Cybersecurity, the Analyst Industrial Cybersecurity provides support for Operational Technology (OT) throughout the enterprise. With the accountability for providing technical support and services on all operational technology related initiatives, this role works closely with various OT and business subject matter experts to ensure appropriate security controls are in place to address identified enterprise security risks.
General responsibilities of this position include OT security governance, providing budgetary estimates, conducting audits, providing visibility into OT risks, OT business continuity, conducting OT based cybersecurity maturity assessments and setting up cybersecurity standards and policies related to OT infrastructure and technologies.
Ensures compliance to standards throughout the organization and remaining up to date on all matters relevant to security technology issues. Works with key internal OT groups and external security vendors to support the effective OT cybersecurity initiatives for the TTC.
The incumbent is also responsible for promoting a culture of cybersecurity throughout the TTC.
You will be responsible for OT Security Governance, Maturity Assessments, Audits, and Compliance and OT Risk management where you will contribute to OT maturity assessments based on industry leading frameworks such as NIST 800-82 or IEC 62443 across people, process and technology domains, prepare the findings report, share the results and provide visibility to senior leadership across the organization, contribute to setting security standards and policies for OT aligned with IT, provide OT assets security requirements in the following areas - routers, firewalls, LANs, WANs, VPNs, PLCs, HMIs, SCADA, investigate alerts, triage, perform deep dive and come up with proper action items and remediation plans, support incident handling as defined in playbooks and standard operating procedures and follow-up on remediation actions and maintain knowledge of current cyber threat actor tools, techniques, and procedures (TTPs).
You will also be responsible for Vulnerability management and Patching Cadence and Incident Response where you will contribute to running scans across the network for various IT assets recommend patches needed to maintain the currency of the underlying systems, work closely with the OT teams to do deploy patches for vulnerabilities across all asset classes and generate reports for patching cadence, support cyber incident response actions to ensure proper assessment, containment, mitigation and documentation, participate as part of a larger incident response team, providing analysis and support to the incident commander for large investigations and take ownership of investigation, provide relevant analysis and reporting, and coordinate remediation for small security incidents and perform advanced network forensics, including, but not limited to, network logging, network anomaly and Packet Capture (PCAP) analysis.
In addition to the above you will be responsible for treating passengers and/or employees with respect and dignity and ensuring the needs of passengers or employees with disabilities are accommodated and/or addressed (if applicable and within their area of responsibility) in accordance with the Ontario Human Rights Code and Related Orders so that they can fully benefit from the TTC as a service-provider and an employer and perform related duties as assigned.