Senior Analyst, Industrial Cybersecurity

at  Toronto Transit Commission

JOB INFORMATION

Requisition ID: 9328
Number of Vacancies: 1
Department: Information Technology Services (20000014) - Information Security Office (30000033)
Salary Information: $101,719.80 - $127,218.00
Pay Scale Group: 10SA
Employment Type: Regular
Weekly Hours: 35 Off Days: Saturday and Sunday Shift:
Posted On: April 8, 2024
Last Day to Apply: April 21, 2024
Reports to: Director, Industrial Cybersecurity
The Toronto Transit Commission (TTC) is North America’s third largest transit system and has been recognized as one of the top places to work in the GTA. Guided by a forward-thinking strategic plan, the TTC’s vision is to be a transit system that makes Toronto proud. The TTC’s recruitment efforts are directly aligned to its mission of providing “a reliable, efficient, and integrated bus, streetcar and subway system that draws its high standards of customer care from our rich traditions of safety, service and courtesy.”

WHAT QUALIFICATIONS DO YOU BRING?

• University Degree in Computer Science, Information Security, Cybersecurity, or a related field as well as significant Cybersecurity experience and progressive experience in Microsoft and Linux platform environment or the equivalent combination of education and experience.
• Demonstrate a current and in-depth knowledge of Information Security best-practices, methodologies, and techniques.
• Progressive experience triaging security events related to malware, security log analysis (SIEM), EDR/MDR/NDR Tools, vulnerability and patch management, and the Incident Response (IR) process.
• Extensive experience with intelligence analysis processes and cyber investigation.
• In-depth understanding of networking principles including TCP/IP, WANs, LANs, and commonly used Internet protocols such as SMTP, HTTP, FTP, POP and LDAP.
• Excellent written & verbal communications skills (communicating at all levels with internal & external stakeholders).
• Strong analytical, problem-solving and troubleshooting skills.
• Ability to work in a fast-paced environment managing multiple priorities with proven time management skills.
• Any of the following certifications will be an asset:
• Certified Information Systems Security Professional (CISSP)
• Certified Information Security Manager (CISM)
• Systems Security Certified Practitioner (SSCP)
• Certified Information Systems Auditor (CISA)

Reporting to the Director, Industrial Cybersecurity, the Senior Analyst Industrial Cybersecurity provides expertise for Operational Technology (OT) throughout the enterprise. With the accountability for providing technical expertise, support and services on all operational technology related initiatives, this role works closely with various OT and business subject matter experts to ensure appropriate security controls are in place to address identified enterprise security risks. Triages Analysts engaged in cybersecurity activities.
General responsibilities of this position include OT security governance, providing budgetary estimates, conducting audits, providing visibility into OT risks, OT business continuity, conducting OT based cybersecurity maturity assessments and setting up cybersecurity standards and policies related to OT infrastructure and technologies.
Ensures compliance to standards throughout the organization and remaining up to date on all matters relevant to security technology issues. Works with key internal OT groups and external security vendors to support the effective OT cybersecurity initiatives for the TTC.
The incumbent is also responsible for promoting a culture of cybersecurity throughout the TTC.
You will be responsible for OT Security Governance, Maturity Assessments, Audits, and Compliance and Risk management where in you will perform OT maturity assessments based on industry leading frameworks such as NIST 800-82 or IEC 62443 across people, process and technology domains, report the results and provide visibility to senior leadership across the organization, set security standards and policies for OT aligned with IT, investigate alerts, triage, perform deep dive and come up with proper action items and remediation plans, handle incidents as defined in playbooks and standard operating procedures and follow-up on remediation actions.
You will also be responsible for Vulnerability management and Patching Cadence and Incidence Response where in you will run scans across the network for various IT assets, recommend patches needed to maintain the currency of the underlying systems, work closely with the OT teams to do deploy patches for vulnerabilities across all asset classes and generate reports for patching cadence, create reports to showcase compliance to deployment of patches across IT asset classes, lead cyber incident response actions to ensure proper assessment, containment, mitigation and documentation, participate as part of a larger incident response team, providing analysis and support to the incident commander for large investigations and take ownership of investigation, provide relevant analysis and reporting, and coordinate remediation for small security incidents, perform advanced network forensics, including, but not limited to, network logging, network anomaly and Packet Capture (PCAP) analysis.
In addition to the above you will be responsible for treating passengers and/or employees with respect and dignity and ensuring the needs of passengers or employees with disabilities are accommodated and/or addressed (if applicable and within their area of responsibility) in accordance with the Ontario Human Rights Code and Related Orders so that they can fully benefit from the TTC as a service-provider and an employer and perform related duties as assigned.