Cybersecurity Specialist

at  Halton Region

CYBERSECURITY SPECIALIST

Halton Region is committed to fostering a diverse, inclusive, and equitable workplace that reflects the communities we serve. We value, welcome and respect the unique perspectives and contributions of all individuals. We encourage applications from Indigenous Peoples (First Nation, Métis, Inuit), Black and racialized persons, persons with disabilities, women, and members of the 2SLGBTQ+ community. Accommodations are available at any point upon request for candidates participating in the selection process
Over the next 4 years, the Region’s goal is to become a Digital First organization that is committed to delivering high-quality services in the digital age. Our Digital Mission is to offer 125 of our most used customer-facing services and the top 50 internal processes and staff experiences as complete digital services by 2025.
Through collaboration, innovation, digital and information decision-making models, accountability, and partnerships, Halton Region aims to Build a Strong Digital Culture. The Region aims to invest in education, and training, celebrate and showcase successes and build a community of practice that will share knowledge and tap into individual skills.
There is no better time to join Halton Region as we transform our conventions and practices to better serve our community and employees.
As an employer of choice, Halton Region recognizes the many benefits of hybrid work arrangements including flexibility and better work-life balance for our employees. This position is eligible for our Hybrid Work Program.
Number of Positions: 2
Posting ID: 3903
Department: Digital & Information Services
Division: Digital Workplace & Technology
Pay Range: $88,790 - $118,367
Job Type: Permanent
Hours of Work: 35 hours per week
Work Location: 1151 Bronte Road, Oakville, Ontario
Employee Group: OCT
Posting Date: February 03, 2025
Application Deadline: February 23, 2025
Please be advised that the results of this competition may be used to fill subsequent vacancies of the same position within the next 18 months.
If you’re enthusiastic about the opportunity to work with Halton Region but don’t meet every qualification listed, we still encourage you to apply! This position may be eligible for an underfill opportunity for candidates who do not meet every qualification. We’re always on the lookout for exceptional talent to join our team!

JOB SUMMARY

Reporting to the Manager of IT security, this position role will work to fulfill and maintain the Halton Region’s Cybersecurity Strategy and Program by implementing security architectures and processes to mitigate risks and balance compliance (including legislative) and business objectives.
We are currently hiring for 2 Cybersecurity specialist with one role focusing on Cloud and Application security and the other SCADA/OT. You will be a member of a security team providing deliverables in your primary area of focus but also act as a backup for other members of the team

SKILLS & QUALIFICATIONS

• Bachelor’s degree in Computer Science, Information Technology or a related discipline.
• Industry qualifications - CISSP / CISA / CRISC / SABSA or similar.
• Technology specific certifications (MCSE, RHCE etc.) as a baseline proficiency requirement in one or more security/infrastructure/application solution implemented at Halton Region.
• 6+ years of experience managing enterprise class infrastructure in a multi/hybrid cloud environment that includes Azure (inclusive of Office365), AWS or other cloud.
• Strong knowledge of LAN/WAN configuration and design, VPN (SSL/IPSEC), firewalls (stateful to NGFW), wireless, especially Windows Active Directory and protocols such as DNS, TCP/IP, TLS etc.
• Experience with modern cloud infrastructure, network monitoring and management tools.
• Knowledge of current information security, audit and legal industry practices and standards, specifically ISO 2700x, NIST, COBIT, PCI-DSS, PIPEDA, PHIPA and ITIL.
• Understanding of information security principles and best practices (e.g., Zero Trust or ISF Standards of Good Practice for Information Security).
• Experience securing Building Automation Systems and other OT/SCADA technologies.
• Proficiency or familiarity with Application Security and offensive security techniques.
• Experience operating SIEM, MDR, Security tools for network and endpoint security, Next Gen Firewalls (Fortinet, Palo Alto), IPS/IDS.
• Third party vendor management – audit/assess partner organizations and potential vendors as a part of our third party risk management program.

• Identify, develop, and implement initiatives, policies, standards and procedures related to cybersecurity while balancing multiple requirements from various technology and line of business drivers to achieve operational efficiency while ensuring appropriate security.
• Act as additional resource for ongoing monitoring of threats that could compromise Halton Region’s security.
• Operationalize – Identify, protect, detect, respond and recover functions across various asset classes (data, devices, applications, users, network).
• Collaborate with escalations from the Region’s partner triaging process to conduct digital investigations into potential security incidents.
• Provide advisory services during security breach responses to senior management, line of business management, legal and emergency management to achieve best available technical outcome.
• Provide design/architecture and related guidance to digital transformation projects with cloud and application security elements or SCADA/OT elements.
• Conduct root cause analysis for technical and process related security issues to identify and recommend resolutions that minimize security issues in the future.