Senior Analyst, Industrial Cybersecurity

at  Toronto Transit Commission

JOB INFORMATION

Requisition ID: 9824
Number of Vacancies: 1
Department: Information Technology Services (20000014) - Industrial Cybersecurity (30000595)
Salary Information: $105,541.80 - $131,986.40
Pay Scale Group: 10SA
Employment Type: Regular
Weekly Hours: 35, Off Days: Shift:
Posted On: July 26, 2024
Last Day to Apply: August 16, 2024
Reports to: Director, Industrial Cybersecurity
The Toronto Transit Commission (TTC) is North America’s third largest transit system and has been recognized as one of the top places to work in the GTA. Guided by a forward-thinking strategic plan, the TTC’s vision is to be a transit system that makes Toronto proud. The TTC’s recruitment efforts are directly aligned to its mission of providing “a reliable, efficient, and integrated bus, streetcar and subway system that draws its high standards of customer care from our rich traditions of safety, service and courtesy.”

WHAT SKILLS DO YOU BRING?

Communicate in a variety of mediums
Demonstrate appropriate and effective interpersonal communications through various media
Apply analytical skills
Assess and manage corporate risk
Demonstrate specialized expertise and knowledge in the assigned field
Use office technology, software and applications

WHAT QUALIFICATIONS DO YOU BRING?

• University Degree in Electrical and Control Systems Engineering, Computer Science, Information Security, Cybersecurity, or a related field as well as significant Cybersecurity experience and progressive experience in industrial automation and control systems (PLC, RTU, HMI, SCADA, smart instrumentation, industrial switches, firewalls, protocol converters,…) within operational (OT/IIoT) environments or the equivalent combination of education and experience relevant to industrial cybersecurity practices including the design and implementation of prevention, detection and response capabilities
• Demonstrate a current and in-depth knowledge of Operational Technology (OT) and Industrial Internet of Things (IIoT) Security best-practices, methodologies, and techniques.
• Progressive experience triaging industrial cybersecurity events related to automation and control systems, malware, OT/IIoT security log analysis (SIEM), EDR/MDR/NDR Tools, OT/IIoT vulnerability and patch management, and the Incident Response (IR) process.
• Extensive experience with OT/IIoT intelligence analysis processes and cyber investigation.
• In-depth understanding of OT/IIoT networking principles including various industrial communication protocols within SCADA, TCP/IP, WANs, LANs, and commonly used Internet protocols such as SMTP, HTTP, FTP, POP and LDAP.
• Excellent written & verbal communications skills (communicating at all levels with internal & external stakeholders).
• Strong analytical, problem-solving and troubleshooting skills.
• Ability to work in a fast-paced environment managing multiple priorities with proven time management skills.
• Any of the following certifications will be an asset:
• Certified Information Systems Security Professional (CISSP)
• Certified Information Security Manager (CISM)
• Systems Security Certified Practitioner (SSCP)
• Certified Information Systems Auditor (CISA)

Reporting to the Director, Industrial Cybersecurity, the Senior Analyst Industrial Cybersecurity provides expertise for Operational Technology (OT) and Industrial Internet of Things (IIoT) throughout the enterprise. With the accountability for providing technical expertise, support and services on all operational technology related initiatives, this role works closely with various OT and business subject matter experts to ensure appropriate security controls are in place to address identified enterprise security risks.
General responsibilities of this position include OT security governance, providing budgetary estimates, conducting audits, providing visibility into OT risks, OT business continuity, conducting OT based cybersecurity maturity assessments and setting up cybersecurity standards and policies related to OT infrastructure and technologies.
Ensures compliance to standards throughout the organization and remaining up to date on all matters relevant to security technology issues. Works with key internal OT groups and external security vendors to support the effective OT cybersecurity initiatives for the TTC.
The incumbent is also responsible for promoting a culture of cybersecurity throughout the TTC.
You will be responsible for OT Security Governance, Maturity Assessments, Audits, and Compliance and Risk management where in you will perform OT maturity assessments based on industry leading frameworks such as NIST 800-82 or IEC 62443 across people, process and technology domains, report the results and provide visibility to senior leadership across the organization, set security standards and policies for OT aligned with IT, investigate alerts, triage, perform deep dive and come up with proper action items and remediation plans, handle incidents as defined in playbooks and standard operating procedures and follow-up on remediation actions.
You will also be responsible for OT/IIoT Vulnerability management and Patching Cadence and Incidence Response where in you will run scans across the network for various IT/OT/IIoT assets, recommend patches needed to maintain the currency of the underlying systems, work closely with the OT teams to do deploy patches for vulnerabilities across all asset classes and generate reports for patching cadence, create reports to showcase compliance to deployment of patches across OT/IIoT asset classes, lead cyber incident response actions to ensure proper assessment, containment, mitigation and documentation, participate as part of a larger incident response team, providing analysis and support to the incident commander for large investigations and take ownership of investigation, provide relevant OT/IIoT analysis and reporting, and coordinate remediation for small OT security incidents, perform advanced OT/IIoT network forensics, including, but not limited to, network logging, network anomaly and Packet Capture (PCAP) analysis.
In addition to the above you will be responsible for treating passengers and/or employees with respect and dignity and ensuring the needs of passengers or employees with disabilities are accommodated and/or addressed (if applicable and within their area of responsibility) in accordance with the Ontario Human Rights Code and Related Orders so that they can fully benefit from the TTC as a service-provider and an employer and perform related duties as assigned.