Senior Specialist Risk Management

91992
Toronto, ON
Permanent/Direct Hire
18 hours ago

 

 

Job Title Senior Specialist Risk Management – Confirmation Program
Division Toronto Cyber Security
Reports To Manager Cyber Compliance
Salary Range $126,000 to $176,140
Work Location 55 John Street, Toronto
Job Type Permanent Full Time
Shift Information Monday to Friday, 35 hours work week

JOB SUMMARY:
To support the Manager of Cyber Compliance and the Chief Information Security Officer (CISO) in maintaining a City-wide cyber security program that enhances protection across the organization.

To conduct comprehensive cyber security compliance assessments across the City’s divisions and its agencies and corporations. The role will include conducting compliance based assessments, identifying gaps in cyber security posture, and areas of non-compliance.

The aim is to strengthen the overall cyber security posture by identifying and assessing cyber risks and providing recommendations across all City-managed entities.

MAJOR RESPONSIBILITIES:

  • Conduct cyber security compliance assessments of City’s divisions, agencies & Corporations.
  • Participate in regular cyber security compliance review to assess and improve the City’s cyber security posture.
  • Contribute to the development of Cyber Compliance Program, IT & OT methodologies, and processes for improving cyber security assessments.
  • Assess IT and OT systems, networks, and applications to identify potential vulnerabilities, risks, and areas of improvement.
  • Evaluate security frameworks, policies, and controls against industry standards and regulatory requirements (e.g., NIST, ISA-62443, etc).
  • Prepare detailed reports documenting findings, including identified vulnerabilities, risks, and recommendations for mitigation strategies.
  • Work closely with business, OT, IT, network security, and other stakeholders to ensure cyber security practices are integrated into systems and projects.
  • Assist with preparing compliance documentation including Risk Treatment Plan for reviews.
  • Test and validate cyber security controls such as firewalls, encryption, access controls, and intrusion detection/prevention systems (IDS/IPS) for effectiveness.
  • Recommend improvements to the cyber security posture based on test results.
  • Provide expert guidance on cyber security best practices, risk management, and threat mitigation to internal teams and management.
  • Document assessment processes, findings, and remediation steps in clear, concise, and comprehensive reports.

QUALIFICATIONS/CERTIFICATIONS:

  • Post-secondary degree or diploma in Engineering or Technology or a related discipline
  • A minimum of 6-8 years hands-on experience with securing IT and OT domains in Government jurisdictions and or large private sector organizations.
  • Strong foundational Operational Technology, IT and cyber security knowledge
  • Extensive experience with Industrial Control Systems, PLCs, and SCADA Systems
  • Technical expertise in IT/OT integration and convergence.
  • Expertise in security protection solutions including firewall, intrusion detection and protection systems, web application firewalls, anti-virus, and security monitoring solutions.
  • Cyber Certifications are an asset such as CISSP, CCSP, CISM, ISA, GIAC, GRID
  • Experience with Incident Response planning in IT and preferably OT environments.
  • Strong Proficiency in MS Office specifically MS Visio, Excel, PowerPoint, Project, SharePoint

SKILLS:

  • Assess, review, and make recommendations to improve on secure network architecture and technology roadmaps.
  • Reports and presentations for all levels of management and stakeholders.
  • Provide input to Cyber Governance artefacts (policies, standards) and practices applicable to OT and IT environment.
  • Track cyber risks, suggest recommendations, and maintain Risk Treatment Plan with assignment, due date etc. for remediation of cyber risks in City environments.
  • Other duties/deliverables as assigned for cybersecurity governance and compliance.
  • Excellent written & verbal communication skills (comfortable & confident communicating at all levels including business partners, leadership and vendors).
  • A creative, critical, and strategic thinker.
  • Ability to achieve business objectives through influencing and effectively working with key stakeholders.
  • Excellent problem-solving skills with capability to identify solutions to unusual and complex problems.
  • Excellent written & verbal communication skills (comfortable & confident communicating at all levels including business partners, leadership and vendors).
  • A creative, critical, and strategic thinker.
  • Ability to assess communications gaps and opportunities and to develop new content strategies that deliver on business objectives.
  • Ability to create content, toolkits and awareness materials that support the success of transformative divisional programs.
  • Ability to lead efficient communication between all project stakeholders, including internal divisional teams, corporate partners, clients and external partners.
  • Ability to achieve business objectives through influencing and effectively working with key stakeholders.
  • Excellent written & verbal communication skills (comfortable & confident communicating at all levels including business partners, leadership and vendors.
  • Excellent problem-solving skills with capability to identify solutions to unusual and complex problems.
  • Keen attention to detail and strong organizational skills.
  • Highly organized, proactive, self-motivated team player who takes initiative and is able to work independently.
  • Ability to work in a fast-paced environment, managing multiple priorities with proven time management skills.
  • Strong analytical skills with the ability to prioritise and multitask.
  • Ability to prioritize and effectively manage competing priorities and projects.
  • Ability to manage multiple initiatives while adhering to strict deadlines.
  • Able to work extremely well under pressure while maintaining a high level of professionalism
  • Self-motivated person with desire to go above and beyond required tasks.
  • Transferable skills, including business transformation  and decision-making, are equally important.Being able to think on your feet and show good judgment are especially valuable in this field. Professionals in cyber security must be able to react quicky and strategically to cyber-related incidents.

ADDITIONAL COMMENTS/INFORMATION:
A normal work week is 35 hours, however, unforeseen situation may require extended hours of work with little or no prior notice. In case of a cyber incident or breach, rotation shift, continuous extended hours may be required with little or no prior notice.
               
*Subject to a police check, background check, psychological assessment and/or any other checks on a regular basis as the Toronto Cyber Security handles highly sensitive and confidential information.

Equity, Diversity and Inclusion

The City is an equal opportunity employer, dedicated to creating a workplace culture of inclusiveness that reflects the diverse residents that we serve. Learn more about the City’s commitment to employment equity.

ACCOMODATION

The City of Toronto is committed to creating an accessible and inclusive organization. We are committed to providing barrier-free and accessible employment practices in compliance with the Accessibility for Ontarians with Disabilities Act (AODA). Should you require Code-protected accommodation through any stage of the recruitment process, please make them known when contacted and we will work with you to meet your needs. Disability-related accommodation during the application process is available upon request. Learn more about the City’s Hiring Policies and Accommodation Process.

The pay range that the employer reasonably expects to pay for this position is between CA$126,000 and CA$151,070

Our voluntary benefits offering includes medical, dental, vision and retirement benefits.

This posting is for an existing vacancy.

If you believe this post to be fraudulent, please report by clicking here

Tundra Technical Solutions is a global workforce and technology delivery firm, ranked by Staffing Industry Analysts as one of the largest in North America. At Tundra, we aren't just hiring top talent at the world's most recognizable brands; we are pioneers of social recruitment. We are an equal opportunity employer, and we do not discriminate on the basis of race, religion, color, national origin, sex, sexual orientation, age, veteran status, disability, genetic information, or other legally protected characteristics. We welcome and encourage diversity in the workplace.

We use artificial intelligence tools to help our recruiters screen and assess talent. These tools do not replace human decision making in the process.

Not interested in this position, but know somebody who might be? Check out our Referral Reward Program, referrals are a big secret behind our success. As always, we’re on the lookout for great people. And we know that you know great people!