Senior IT/OT Security Analyst

at  Northland Power

Who We Are:
At Northland, we’re enablers of change, united by our journey to transform the energy sector into the foundation for a sustainable future.
Since our inception, we’ve been early movers in the energy industry, adopting new initiatives that pave the way for communities across the globe and helping forge their path towards a carbon-neutral landscape.
We’re a different kind of independent power producer. As developers, owners and operators who are at the forefront of the energy transition, we’re uniquely positioned to leave a lasting impact in the regions where we operate. We’ve expanded our business across Canada, the United States, Latin America, Europe and Asia to become a global leader, all by bringing together industry experts to find solutions with an entrepreneurial mindset.
While our work powers communities across the globe, Northland is powered by our people.
The Senior IT/OT Security Analyst will be responsible for day-to-day IT/OT security operations, including implementation of security projects, ensuring the success of day-to-day operations, and assisting other IT/OT teams and business units with security related tasks. You will be responsible for working closely with global teams and managed service partners to ensure the security of IT and OT assets. Additionally, you will be accountable for the management and/or oversight of several technologies, including data loss prevention, endpoint security, network security, vulnerability management, third-party risk management, security incident and event management system, security automation, secure email gateway, firewall policy risk management, and more.

Key Responsibilities

• Identify and analyze relevant threats to, and vulnerabilities of, Northland networks, systems, and assets, and recommend appropriate countermeasures and mitigations.
• Implement procedures and technology changes to maintain and evolve Northland’s security maturity.
• Work with various stakeholders, including Managed Service Providers, Internal IT/OT teams, business partners, and trusted security partners to advance Northland Power’s security posture and respond to security incidents.
• Ensure organization activities are performed in a manner that is compliant with applicable security regulation and organizational policy.
• Participate and support, as required, in organization security audit activities including but not limited to ensuring auditable controls, evidence gathering, and remediation activities.
• Participate in daily security operations tasks, including incident triage, incident investigation, service requestions, system enhancements, and system maintenance.
• Participate in assigned organization projects, as required, to ensure applicable security controls are built-in.
• Review organization cyber security performance, identify opportunities for improvement, and implement approved program changes.
• Participate as required in project pipeline activity to ensure IT/OT acquisitions and implementations are in line with Northland IT/OT Security requirements.

Who You Are:

• Collaborative: You are a natural relationship builder and are comfortable working and engaging with a diverse group of internal and external stakeholders at all levels. You lead by example and focus on supporting others to achieve project success.
• Diligent: You have solid attention to detail, and you follow up with others where needed to ensure outstanding information or actions are complete. You are hands-on and will roll up your sleeves to complete deliverables within required deadlines.
• A lifelong learner: You are continuously looking for opportunities to expand your knowledge. You understand that failure is an opportunity to improve and take accountability for your personal development.
• A strong communicator: You have exceptional oral and written communication skills and are able to articulate your ideas in a clear and concise manner to technical and non-technical audiences.
• A problem-solver: You are very analytical, are evidence driven, seek to understand the greater picture, and develop robust, effective, and efficient solutions to problems and issues.
• Collaborative: You are comfortable working and engaging with a diverse group of internal and external stakeholders. You enjoy working as a team to get things done while encouraging cross-functional sharing of information.

Qualifications and Experience

• Undergraduate degree in Computer Science or related field, or a combination of a post-secondary diploma with a minimum of 5 years of work experience.
• Certifications such as CISSP, GICSP, GRID are considered an asset.
• Solid understanding of IT Security principles and practices.
• Understanding of Data Privacy laws at a global level, including but not limited to GDPR.
• Understanding of critical infrastructure protection and cyber security regulations, including CRITIS, NIS2, and NERC-CIP.
• Sound knowledge of network design (LAN, WAN) and network security concepts.
• Experience working with network, endpoint, email, identity and/or cloud security solutions.
• Knowledge of ISO 27000 standards and NIST CSF.
• Solid knowledge of IT security products, services, hardware/software security tools.
• Experience with programming and scripting languages is an asset.
• Ability to fluently communicate (written and verbal) in both English and German is required

What’s In It for You:

Our employees are the driving force behind our achievements. We are unwavering in our commitment to not only recognise your contributions but also to empower you to excel in every aspect of your life. Here’s a glimpse of why Northland is the place where you’ll truly thrive:

• Presence with purpose – You can take advantage of our hybrid model (team-dependent, you work from wherever makes you most comfortable). Our Workplace Reimagined framework offers flex time so you can define your work schedule within certain parameters.
• Thoughtful benefits – Pension, paid parental leave; childcare allowance, and a contribution towards your transportation to and from the office are just some of the benefits you’ll have access to.
• Wellbeing first – Staying true to our taking care of ourselves and each other value, you will have access to our global Wellness Program and Employee Assistance Program, including access to mental health resources and access to a fitness program
• Birthdays off – You will get your birthday off work so you can celebrate however you choose. This is a paid day off to do what is important to you!
• Continuous Learning support– You will gain new skills by accessing LinkedIn Learning’s on-demand platform with 16,000+ courses in multiple languages, and by taking advantage of our education reimbursement program.

We hire talented and passionate people from different backgrounds. If you’re excited about a role but your past experience doesn’t align perfectly with this job description, we still encourage you to apply. Learn more about our
diversity, inclusion and belonging commitments
.
Disclaimer
This document is a guide. The duties, responsibilities, and requirements of the jobs as described herein are not inclusive and are subject to change.
Northland Power is an equal opportunity employer and we are committed to creating a fair, inclusive and accessible environment. As part of our commitment we work to ensure our application process is accessible to all candidates. If you require special assistance or accommodation during the hiring process, please notify a member of the HR Department.

• Identify and analyze relevant threats to, and vulnerabilities of, Northland networks, systems, and assets, and recommend appropriate countermeasures and mitigations.
• Implement procedures and technology changes to maintain and evolve Northland’s security maturity.
• Work with various stakeholders, including Managed Service Providers, Internal IT/OT teams, business partners, and trusted security partners to advance Northland Power’s security posture and respond to security incidents.
• Ensure organization activities are performed in a manner that is compliant with applicable security regulation and organizational policy.
• Participate and support, as required, in organization security audit activities including but not limited to ensuring auditable controls, evidence gathering, and remediation activities.
• Participate in daily security operations tasks, including incident triage, incident investigation, service requestions, system enhancements, and system maintenance.
• Participate in assigned organization projects, as required, to ensure applicable security controls are built-in.
• Review organization cyber security performance, identify opportunities for improvement, and implement approved program changes.
• Participate as required in project pipeline activity to ensure IT/OT acquisitions and implementations are in line with Northland IT/OT Security requirements