Principal Consultant, Industrial OT Cybersecurity
at WSP
Montréal, QC, Canada -
Start Date | Expiry Date | Salary | Posted On | Experience | Skills | Telecommute | Sponsor Visa |
---|---|---|---|---|---|---|---|
Immediate | 21 Jan, 2025 | Not Specified | 22 Oct, 2024 | 10 year(s) or above | Application Security,Visio,Modbus,Soft Skills,Telecommunications,Outlook,Communication Skills,Dnp3,Technical Qualifications,Microsoft Office,Profinet,Network Technology,Network Administration,Security,Iec,Reverse Engineering,Vulnerability,Design | No | No |
Required Visa Status:
Citizen | GC |
US Citizen | Student Visa |
H1B | CPT |
OPT | H4 Spouse of H1B |
GC Green Card |
Employment Type:
Full Time | Part Time |
Permanent | Independent - 1099 |
Contract – W2 | C2H Independent |
C2H W2 | Contract – Corp 2 Corp |
Contract to Hire – Corp 2 Corp |
Description:
THE OPPORTUNITY:
WSP is currently seeking an Industrial / OT Cybersecurity Principal Consultant to join our Cybersecurity Practice in Canada.
This job function reports into the OT Cybersecurity Practice Director and is a delivery-focused role for WSP major infrastructure projects and professional services mandates.
This role aligns with WSP’s “Future Ready” vision to become the industry leader in digital engineering and advisory services. WSP’s Industrial OT Cybersecurity Practice is formed of Engineers, Specialists, and Consultants who plan, design and implement strategies, frameworks and solutions to ensure the security of (CNI) critical national infrastructures. Our mission is to deliver digital infrastructures that are resilient and can be maintained as such throughout their life cycle. This is an opportunity to work with leading experts within the ICS/OT Cybersecurity Industry, build a cross-functional network of professionals, work in a high-performing, flexible, fun and inclusive environment.
TECHNICAL QUALIFICATIONS, EXPERIENCE, AND SKILLS:
- Networking, Telecommunications or Cybersecurity Engineering degree, or equivalent
- 10 years minimum experience in the application of one or more of the following areas:
- Major Infrastructure Projects discipline lead / Project Management – digital infrastructure
- Telecommunications / Network Technology
- Automation / SCADA / Control Systems
- Distributed Control Systems / Operational Technology
- The candidate will possess in-depth experience in the Industrial Cyber Security field with most recent experience having come from any of the following areas:
- Infrastructure / Engineering Project Program definition and execution – OT Cybersecurity
- Vulnerability Scanning and Penetration Testing
- Application security
- Malware Reverse Engineering
- Threat Intelligence
- Security Architecture and Secure-by-Design process
- Operational Technology/Industrial Control Systems Security
- Telecommunications and Network Security
- System or Network administration in a complex multi-national network
- Experience in the Rail & Transit sector for major multi-discipline (3P) projects is required
- Experience of bridging and managing the technical, schedule and commercial constraints at a project level in relation to OT Cybersecurity
- Applied knowledge of NIST guidelines, ISA/IEC 62443 standards suite, and ISO 270001 cyber security frameworks
- Fundamental understanding of IT and OT network communication protocols (e.g. TCP/IP, UDP, DNP3, Modbus, IEC 61850, OPC, OPC UA, PROFINET, etc.)
- IEC 62443, CISSP, CompTIA Security+, or SANS GICSP valid certification is required
INTERPERSONAL AND SOFT SKILLS:
- Excellent communication skills, both written and verbal.
- Proficiency in Microsoft Office, including Excel, Word, Visio, Project and Outlook.
- The ability to work effectively remotely within an extended team.
- The ability to understand responsibilities and willingness to be accountable of the work delivered.
- Ability to communicate complex Engineering and Industrial Cybersecurity concepts to non-technical decision makers
- Ability to work on multiple mandates simultaneously.
Responsibilities:
- Provide cybersecurity expertise and technical leadership for Industrial Control Systems (ICS) and Operational Technology (OT) environments.
- Act as the discipline lead for Industrial Cybersecurity within WSP major infrastructure projects, in complex multi-discipline and stakeholder environments, with a focus on the Rail & Transit domain.
- Lead the planning of all cyber security activities and resources needed for major infrastructure projects and / or focused client mandates, spanning the following aspects: early feasibility studies and strategic advisory, requirements management design, procurement, implementation, testing and commissioning, into operations & maintenance.
- Define the KPIs by which the project Cybersecurity framework will be measured and continually seek to improve Cybersecurity discipline framework through real-world deployment and application.
- Oversight and execution of WSP’s Cybersecurity project plans, to ensure the cyber resilience of the digital infrastructure through the following workstreams: governance & planning, tools and technologies, policies and procedures, and people & expertise.
- Lead on the execution of cyber security threat, vulnerability, and risk assessments by identifying all the critical assets, network connectivity and threat vectors, to define mitigation options and residual risk.
- Derive, cascade, and clarify cyber security requirements to the suppliers of digital technology and controls systems, and engage in the procurement activities to manage cyber risk in the supply chain.
- Perform, and lead project teams to perform, the necessary analysis to provide all the required evidence to support the project requirements and verification of security controls through the V-cycle assurance process.
- Liaise with engineering design, project management and construction teams to ensure the cyber security activities and requirements are being implemented by the project team and by the suppliers.
- Review cyber security submissions from suppliers, and designers, and provide detailed technical comments.
- Plan, prepare and implement a cyber security testing strategy to validate the resilience of the digital infrastructure Vs. external and internal threats.
- Manage client relationships and advise clients on recommended actions relating to active projects – to seize opportunities or mitigate risks.
- Deliver on critical path project activities and deliverables in allocated timescales to meet overall project deadlines.
- Identify opportunities for new work, and occasionally contribute to the development of bid materials and proposal exercises to support winning of new work.
REQUIREMENT SUMMARY
Min:10.0Max:15.0 year(s)
Information Technology/IT
IT Software - Network Administration / Security
Software Engineering
Graduate
Engineering
Proficient
1
Montréal, QC, Canada