Apply now »

Specialist Information Security (Risk Assessment & Architecture)

 

Date November 24, 2025

Location Mississauga, ON – Hybrid

Requisition ID 20369

Status Regular

Business Unit Information and Technology Services

 

Why join us?

 

The IESO is committed to ensuring Ontario’s electricity system meets the province’s needs today and into the future. We are charged with purpose, delivering reliable, affordable, and sustainable electricity for homes, businesses, and communities across the province. We are energized to grow, embracing opportunities to shape the future of a dynamic and evolving energy sector while advancing our careers. We are powered by teamwork, supported by diverse and passionate colleagues who foster respect, celebrate successes, and thrive on shared achievements. At the IESO, it’s not just what we do—it’s who we are! 

 

Who we are

 

Our central role includes managing the provincial power grid in real-time, overseeing and evolving Ontario’s electricity market, engaging with government, municipalities and Indigenous communities, and planning for Ontario’s future electricity needs. Our employees play a key role in driving grid innovation, protecting the system from threats, advancing the province’s energy conservation programs, and forecasting and procuring the electricity resources we’ll need in the decades to come. 


This role is a part of…

  • The Specialist, Information Security, under the direction of the Supervisor, Security Architecture and Risk, will be part of the team responsible for IESO's information security architecture, threat and risk assessment, and vulnerability management programs.
  • They will participate with project teams as an InfoSec subject matter expert throughout the project lifecycle.
  • Working with various IESO teams, they will collect data, analyze information, and conduct threat and risk assessment reports on projects, IT procurements, and vendor risk assessments.
  • Information and Technology Services - unionized

 

What makes this role exciting

 

The energy sector is rapidly evolving, offering exciting new opportunities for those who want to make a difference.

 

  • This opportunity allows the Specialist Information Secuiity to facilitate secured growth of the IESO through the guidance and implementation of security best practices, security architecture reviews, and security technologies.  This role will require a high degree of autonomy and consensus building amongst a cross functional team of individuals and lines of business.  Experience in implementing and hardening DLP, BYOD/MobileAV, Office 365, & Email Security (DMARC, DKIM, SPF) solutions, and familiarity with security architecture concepts is an asset. Ideally, knowledge of IAM governance is also an asset but not required.

 

What you’ll do

 

In this role, you’ll make a meaningful impact by contributing to the IESO team and supporting the electricity needs of the province through:

 

  • Contribute to the development of Information Security standards and procedures for business units consistent with corporate security objectives and generally accepted and leading edge Information Security practices and professional security standards and in coordination with IT Process Development Leaders and the Information Security Manager.
  • Support the delivery of the Information Security Operations and Technology programs for applications, tools, anti-virus, encryption and fire walls, implementation support, identification of system vulnerabilities, system assessments, Information Security advice and consultation, business resumption planning and disaster recovery planning.
  • Deliver or conduct the delivery of Information Security and contingency planning and disaster recovery programs for business units/departments across IESO.
  • Contribute to the development of Information Security standards and procedures for business units consistent with corporate security objectives and generally accepted and leading edge Information Security practices and professional security standards and in coordination with IT Process Development Leaders and the Information Security Manager.
  • Deliver the Information Security programs, including Information Security framework for applications, tools, anti-virus, encryption and fire walls, implementation support, identification of system vulnerabilities, system assessments, Information Security advice and consultation, business resumption planning and disaster recovery planning.
  • Review and assess all requests for Exception and/or Exemption to policy.
  • Provide input to supervision on all areas of Information Security.
  • Contribute to the development/delivery of awareness training and general Information Security education.
  • Investigate all identified security breaches, or concentrated attempts at breaching IESO security.
  • Report the results of Technical Information Security assessments with conclusions, recommendations for improvement, planned management actions, follow-up status to Supervisor/Management Team.
  • As required, will lead projects, assign work, resolve problems and assess performance.
  • Review new and updated systems/applications to ensure that security is configured properly.
  • Work with business units to determine data classification and ownership/custodianship.
  • Ensure there are adequate security tools available for performing system reviews.

 

In a typical day, you will

 

  • Report the results of technical IT Security assessments with conclusions, recommendations for improvement, planned management actions, follow-up status to Manager - Information Security, and business leaders.
  • Keep abreast of developments in the areas of legal, regulatory, corporate requirements, technological developments and best practices in the Information Technology and Corporate Security field.
  • Will have access/handle confidentiality issues, requiring high level of trust and integrity.
  • Perform other duties/tasks/projects as required or assigned.

 

Role Requirements

 

Our team consists of experts from diverse backgrounds, each bringing their unique perspectives and skills. 


To succeed in this role, you’ll need: 

 

Education: 

  • Requires a sound knowledge of computer science, information technology and telecommunications systems.
  • Excellent written and oral communication skills, in order to deal with end-users, review/input on procedures, standards and/or methods; and design/deliver training.
  • This knowledge is considered to be normally acquired either through the successful completion of a university degree in the area of Computer Science or related discipline or equivalent.

 

Experience:

  • Experience in conducting threat and risk assessments.
  • Requires experience coordinating/analyzing enterprise security systems on a diverse set of computing platforms, operating systems and applications, especially Windows NT and UNIX.
  • Experience with networking products, large package and systems implementation.  Previous experience as part of a large multi-disciplined project, and with systems vendors, which requires having sound project management skills.
  • A period of over 8 years, up to and including 10 years is considered necessary to gain this experience.

 

How We Support You

 

From a comprehensive total rewards program to dynamic learning and development opportunities—including job rotations to broaden your expertise—we empower you to define and shape your own success. When you join the IESO, here’s what you can expect:

 

  • Best-in-class benefits and long-term support in the form of a defined benefit pension plan. 
  • A commitment to flexibility as we currently support a hybrid model where applicable, that supports a blend of remote and in-office work based on business needs. Participating employees typically work in-office a minimum of four days and work remotely up to six days over a two-week period with a goal of maximizing in-office time through the use of established team days. 
  • Work in a dynamic and evolving sector that offers exciting opportunities and the chance to explore new career paths.
  • Leadership that values meaningful discussions, welcomes feedback, and prioritizes career development. 
  • A strong, inclusive culture and a collaborative team environment with a shared passion for impactful work.
  • Compensation packages that are regularly reviewed to remain competitive and to best accommodate the diverse needs of our employees. 

 

Thank you for your interest in a career at the IESO. Only candidates selected for an interview will be contacted. Please note that the successful candidate must be legally eligible to work in Canada and will be subject to applicable background checks. 

 

IESO will not conduct interviews or offer positions via online, text, chat or social media platforms. We will not gather personal information directly from candidates or potential candidates. Selected candidates will work with our Talent Acquisition team to ensure their application is processed.  

 

We believe in opportunities for everyone.

 

At the IESO, we know that achieving great results depends on embracing diversity by attracting, developing, and retaining people from a wide variety of backgrounds. We do this by ensuring our recruitment and advancement policies are fair and equitable, and by creating an accessible and inclusive environment—one that values every team member’s unique skills and experiences and ensures they have the support they need to achieve their potential. If you require accommodation during the recruitment process, please let us know.  

 

We’re proud to say we’ve been recognized as a supportive, inclusive employer. 

 

    

Apply now »