OT Cybersecurity Advisor
Apply NowCompany: Alithya Group inc.
Location: Scarborough, ON M1B 6H8
Description:
#LI-Hybrid
Please note that this is a hybrid position. The candidate will provide on-site and off-site support to clients as needed. Less than 25% travel is expected in this role.
Do you want to experience the essence of a large organization in a company with a personal touch? Come and work with us! We are looking for creative, innovative, and collaborative people like you to join our team.
Take your ambitions to the next level
When it just clicks!
Does this sound like you?
Language skills:
Please note that this is a hybrid position. The candidate will provide on-site and off-site support to clients as needed. Less than 25% travel is expected in this role.
Do you want to experience the essence of a large organization in a company with a personal touch? Come and work with us! We are looking for creative, innovative, and collaborative people like you to join our team.
Take your ambitions to the next level
- Perform:
- cybersecurity governance risk and compliance (GRC) activities for our nuclear clients, including:
- gap analyses;
- risk assessments and management;
- creating standards and procedures;
- developing cybersecurity training materials;
- conducting organizational training as a subject matter expert (SME).
- factory acceptance testing (FAT) and site acceptance testing (SAT) as required, diagnosing issues and effectively communicating solutions.
- cybersecurity governance risk and compliance (GRC) activities for our nuclear clients, including:
- Prepare and review technical documentation (e.g., assessments, reports);
- Review product- or system-specific engineering documentation such as manufacturing manuals, instrumentation and control (I&C) and network drawings to perform risk and controls assessments;
- Work both independently and as part of a team in a project-based environment as needed;
- Complete client-specific engineering change control (ECC) training to obtain necessary qualifications to work on the station-specific deliverables;
- Participate in cybersecurity research and development (R&D) activities, including software and hardware development;
- Contribute to sales initiatives, including attending conferences, writing proposals, estimating, and meeting with potential clients.
When it just clicks!
Does this sound like you?
- Minimum of 4 years of experience working in the field of cybersecurity, preferably in an operational technology (OT), I&C, or nuclear environment;
- Post-secondary degree in computer science, engineering, information security, or any related field;
- Experience preparing client deliverables in the form of technical documentation;
- Knowledge of the cybersecurity CIA triad is required;
- Working knowledge of:
- NIST Cybersecurity Framework, NERC CIP, or CSA N290.7 Standard;
- the Purdue model;
- industrial control systems (ICS), computer operating systems (OS) and virtual machine (VM) technologies;
- network architecture and basic networking concepts such as communication protocols, network topology, transmission media, etc.
- Excellent oral and written communication skills;
- Comfortable in client-facing environments;
- Assets:
- Professional Engineering designation (P.Eng);
- Cybersecurity-specific certifications (Security+, GICSP, CISSP, ISA/IEC 62443, etc.);
- 5 years of residence in Canada;
- Experience with OPG or Bruce Power ECC;
- CSIS Level 2 security clearance (preferably at OPG or Bruce Power);
- Working knowledge of:
- the Harmonized Threat and Risk Assessment (HTRA) methodology;
- firewall and network switch configurations;
- ICS communication protocols, ICS security components, physical and logical hardening controls, etc.
Language skills:
- English: Proficient