Specialist Information Security

Apply now »

Date: Dec 18, 2024

Location: CA

Company: Independent Electricity System Operator

INDEPENDENT ELECTRICITY SYSTEM OPERATOR (IESO)

Requisition ID:  20091
Location: Mississauga, Hybrid 
Status:    Regular
Business Unit:  Information & Technology Services


Why join us? 

You’ve got great skills. And you want to use them in an organization where you know what you do every day matters. We get that.
We also know that ensuring Ontarians have access to affordable and reliable power doesn’t happen by accident. So we give you the tools, flexibility and support you need to achieve your goals, and development opportunities to help you grow. You’ll thrive in a collaborative, team-based environment that values your unique skills and experiences – and recognizes that when you do better, we become even better too.  

Who we are 

The Independent Electricity System Operator (IESO) works at the centre of the province’s power system, ensuring Ontarians have access to reliable and cost-effective electricity when and where they need it. We operate the province’s electricity grid 24/7, design, run and oversee the wholesale electricity markets, and plan and prepare to meet Ontario’s electricity needs – now and into the future.

 

The opportunity

The Specialist, Information Security coordinates, plans and/or organizes the development and delivery of Information Security services internally and externally. Not only will the Specialist play a key role in maintaining the integrity of vital computer applications and information systems across IESO, they will also support executives and managers in fulfilling their due diligence responsibilities regarding Information Technology Security.

 

What you'll do

  • Investigate all identified security breaches, or concentrated attempts at breaching IESO security.
  • Report the results of Technical Information Security assessments with conclusions, recommendations for improvement, planned management actions, follow-up status to internal and external stakeholders.
  • Keep abreast of developments in the areas of geopolitics; cyber threats; legal, regulatory, corporate requirements; technological developments; and best practices in the Information Technology and Corporate Security field.
  • As required, will lead projects, assign work, resolve problems and assess performance.
  • Will have access/handle confidentiality issues, requiring high level of trust and integrity.

Additional Responsibilities include:

  • Oversee/monitor access logs and privileges.
  • Deliver or conduct the delivery of Information Security and contingency planning and disaster recovery programs for business units/departments across IESO.
  • Review and assess all requests for Exception and/or Exemption to policy.
  • Contribute to the development of Information Security standards and procedures for business units consistent with corporate security objectives and generally accepted and leading-edge Information Security practices and professional security standards and in coordination with IT Process Development Leaders and the Information Security Manager.
  • Deliver the Information Security programs, including Information Security framework for applications, tools, anti-virus, encryption, and fire walls, implementation support, identification of system vulnerabilities, system assessments, Information Security advice and consultation, business resumption planning and disaster recovery planning.
  • Provide input to supervision on all areas of Information Security.
  • Contribute to the development/delivery of awareness training and general Information Security education.
  • Report the results of Technical Information Security assessments with conclusions, recommendations for improvement, planned management actions, follow-up status to Supervisor/Management Team.
  • Review new and updated systems/applications to ensure that security is configured properly.
  • Work with business units to determine data classification and ownership/custodianship.
  • Ensure there are adequate security tools available for performing system reviews.
  • Perform other duties/tasks/projects as required or assigned.

 

What you need to succeed

  • Sound knowledge of computer science, information technology and telecommunications systems.
  • Experience analyzing and reporting on Information Security incidents using models and frameworks such as the Cyber Kill Chain, Diamon Model, and MITRE ATT&CK.
  • Excellent written and oral communication skills to present analysis findings to internal and external stakeholders.
  • This knowledge is normally acquired either through the successful completion of a university degree in Information Security, Computer Science, or related discipline or equivalent.
  • Certifications in the fields of Threat Intelligence, Security Incident Response, Security Operations, or related fields are beneficial.
  • Experience coordinating/analyzing enterprise security systems on a diverse set of computing platforms, operating systems and applications, especially Windows NT and UNIX.
  • Experience with networking products, large package and systems implementation.
  • Previous experience as part of a large multi-disciplined project, and with systems vendors, which requires having sound project management skills.
  • A period of over 5 years, up to and including 10 years is considered necessary to gain this experience.

 

Core Competencies

  • Functional/Technical Skills
  • Structured analysis Skills
  • Written and Vocal communication
  • Customer Focus
  • Approachability
  • Problem Solving
  • Action Oriented
  • Learning on the Fly
  • Priority Setting
  • Self-Development

What’s in it for you

  • A comprehensive total rewards program, including best-in-class benefits and a flexible workplace 
  • A challenging, fast-paced and collaborative team environment, where your perspectives and experiences matter 
  • Leaders who support your growth and success through regular feedback and coaching 
  • The opportunity to work with some of the brightest minds in the industry 
     

Deadline: (December 24, 2024)

For future reference, please ensure to save a copy of the job description as it will no longer be available once the posting closes.


At the IESO, we know that achieving great results depends on embracing diversity by attracting, developing and retaining people from a wide variety of backgrounds. We do this by ensuring our recruitment and advancement policies are fair and equitable, and by creating an accessible and inclusive environment – one that values every team member’s unique skills and experiences and ensures they have the support they need to achieve their potential. If you require accommodation during the recruitment process, please let us know. 

We thank you for your interest in a career at the IESO, but we will only contact those candidates selected for an interview. 

Note: The successful candidate must be eligible to work in Canada and will be subject to a background check.

The IESO offers a hybrid work model program to most of our employees, based on business needs. Individuals participating in the program can work an average of three days per week remotely within Ontario. It also offers three flex weeks when individuals can work remotely within Ontario . When working in the office, you will be located at our Mississauga, Toronto, or Oakville location.

Join our talent community

Sign up for talent community; stay in touch, find out about new opportunities – and discover how you can make a difference. Discover how we use our expertise and commitment to deliver reliable and affordable electricity to Ontario’s businesses and communities, and how we’re innovating to secure a stronger energy future for all Ontarians. Visit Careers at IESO and be sure to follow us on LinkedIn.

Find out why we were selected as Greater Toronto’s Top 2024 Employers, and what we offer.