Senior Cyber Security Analyst, SCADA - Newmarket, Canada - The Regional Municipality of York

    Permanent Full time
    Description
    POSITION PURPOSE

    Reporting to the Projects Manager, SCADA Security, the Senior Cyber Security Analyst, SCADA is responsible for developing, recommending and implementing SCADA, network and industrial control security systems, security programs and SCADA-specific policies; working directly with ITS Security staff on Corporate Security initiatives and providing input; identifying, assessing and mitigating security threats or vulnerabilities to the SCADA system; educating, promoting compliance and enforcing security practices and procedures; ensuring security components of business continuity and disaster recovery processes and procedures are considered, maintained and executed for the security of SCADA data, network and process control systems, information and systems; recommending solutions to complex security systems issues; and providing guidance, direction and training to assigned project related staff.

    MAJOR RESPONSIBILITIES

  • Implements and recommends technology security programs and processes to prevent and mitigate security threats, risks and vulnerabilities to the Region's SCADA and Industrial Controls System.
  • Develops controls to enforce SCADA security compliance and makes recommendations based on output of security systems.
  • Investigates and remediates security issues, seeking direction from management when required.
  • In direct consultation with corporate ITS Security Team, ensures applicable corporate IT security policies are applied to the SCADA system, and identifies and rationalizes required exceptions to support industrial applications as required.
  • Maintains and updates SCADA-specific security policies, guidelines and procedures.
  • Assists and provides input to the maintenance and updating of corporate technology security policies, guidelines and procedures.
  • Develops processes to prevent compromise of the SCADA system and the Region's critical, valuable, and sensitive information resources.
  • Performs security audits and penetration testing as required.
  • Works directly with ITS Security staff to ensure alignment and adherence of Corporate and Departmental planning and policies.
  • Collects and works with a wide array of log data from disparate sources.
  • Plans, manages and executes log and data analysis in line with business needs.
  • Produces meaningful and useful reports and visualizations delivering key information in a usable format.
  • Develops and maintains communication with colleagues, other internal and external agencies and contacts.
  • Provides direction, expertise, training and advice to technical SCADA staff to ensure best practice security approaches are taken in projects and daily work.
  • Performs other duties as assigned, in accordance with Branch and Department objectives.
    QUALIFICATIONS

  • Successful completion of a Community College Diploma in Computer Science or a related field and a security certification such as the Certified Information Systems Security Professional (CISSP).
  • Satisfactory Police Criminal Background Check.
  • Demonstrated experience applying tools, techniques and practices for auditing and assuring adherence to standards associated with accessing, altering and protecting corporate networks.
  • Certifications in MCSE; CCNA; CEH (Certified Ethical Hacker); Security+; ECSA (EC-Council Certified Security Analyst); GIAC GSEC (GIAC Security Essentials Certification).
  • Security monitoring experience with one or more SIEM technologies, Next Generation Firewalls such as Cisco FirePOWER and intrusion detection and prevention technologies, including experience in security incident management, risk and privacy management, malware management and vulnerability management processes.
  • Knowledge of Industrial Control Systems (ICS), Supervisory Control and Data Acquisition (SCADA) systems, Operational Technology (OT), Industrial Networks, Industrial Communication Protocols and Critical Infrastructure.
  • Experience working with a SIEM or log analysis tool such as Splunk.
  • Experience in structured methodologies for the design, development and implementation of a SIEM such as Splunk.
  • Experience developing, recommending, implementing and managing technical security architecture for implementing a SIEM/log management tool such as Splunk.
  • Ability to travel to off-site locations in a timely and efficient manner, as required.
  • Ability to work effectively independently and cooperatively in a team environment.
  • Ability to work outside normal business hours and ability to perform standby duties as required in accordance with Branch policy and to respond to emergency situations.