IT Advisor (Cybersecurity Audit and OT Risk)

BC Hydro

* Perform security and compliance impact assessments for technology or corporate initiatives, including documenting threats, identifying risks, and recommending controls.

* Maintain knowledge of current cyber threats and conduct security analyses of internal and external measures to identify risks, weaknesses, and vulnerabilities.

* Ensure that risk assessments, vulnerability assessments and threat analyses are conducted periodically and consistently to identify cybersecurity risk to the organization's information.

* Provide direction and education to business areas and maintain expertise. In addition, help develop and maintain knowledge of BC Hydro's program's methodologies, policies, and published practices.

* Conduct vulnerability assessment reviews and perform vulnerability scans as required.

* Lead and coordinate the 3rd party vendor risk assessment by evaluating their security posture and ensuring compliance with security and regulatory standards through SOC 2 Type 2 or similar reports and attestation forms.

* Monitor existing risk to ensure that changes are identified and managed appropriately.

* Analyze to assess the security controls when reviewing Privacy Impact Assessments (PIAs).

* Improve regulatory compliance by consulting with appropriate regulatory SMEs when required.

* Participate as Technology security SME on projects or initiatives to improve BC Hydro's cybersecurity posture, especially focused on the cybersecurity risk management, etc.

* Participate or coordinate response to various internal and external cybersecurity audits when required.

What you bring

* A university degree or equivalent combination of education and experience, with a minimum of 7 years in IT/OT technology, cybersecurity, risk management, or audit-related work.

* Experience in system, application, and network security, risk management, IT security monitoring, and knowledge of industry standards (ISO 270001/2, NIST, COBIT5) and NERC CIP standards is preferred.

* Experience on developing, managing or supporting Cyber Security Information Technology (IT) or Operational Technology (OT) programs (for example, patching programs, password controls or threat assessment) would be considered an asset.

* Preference given to candidates with demonstrated knowledge and understanding of Cyber Security related to both IT and OT assets as well as a strong knowledge of Protection and Control concepts. However, transferable experience may be considered.

* Understanding of audit requirements, including the ability to analyze compliance quality, accuracy and adequacy.

* Ability to obtain security clearance for a Security Sensitive Position, translate technical risks into actionable business language, and negotiate effectively.

* Excellent presentation, interpersonal, and documentation skills, with the ability to communicate technical matters to nontechnical audiences.

* Work experience in various domains, including system security, application security, network security, risk management, and IT security monitoring.

* Experience on project management and task coordination.

* Experience on internal control process improvement.

* A team player with strong time-management and organizational skills, capable of working autonomously in a dynamic environment and adjusting quickly to multiple demands, shifting priorities, and rapid change.

What we offer

- A minimum of 15 paid vacation days

- Flexible work model, depending on your role type

- Training and development courses

For more information on the benefits we offer, visit bchydro.com/benefits.

What else you should know

* Please note this is a hybrid position with the expectations to work in our office in Vancouver, BC for a minimum of 2 days per week.

Don't forget to update your Candidate Profile with your current resume and copies of your certifications. If applicable, include your Trades Qualification. This will ensure we have all the necessary information to assess your application without any delays.

To apply for this position, please click the appropriate "Apply" button (or follow the application instructions listed in the Job Description above). If more than one Apply button appears below, please select the option you prefer.

Please Notify Me Of:

New Job Listings Posted By This Company
News and Editorial Regarding This Company
Company Profile Changes and Updates
Personnel Changes At This Company

Company Alert Notification Settings

Please select how you would like to be notified of updates by this Company:

Display Updates For This Company in My Member Account Online

Please Send me an Email Alert (With All of My Company Updates) On The Following Dates:

(Updates from all selected companies are combined and sent in a single email)

IT Advisor (Cybersecurity Audit and OT Risk)

Post your resume on T-Net and let employers come to you.

• Upload, Copy and Paste or Create your resume easily.
• Save Time Applying For Future Positions.
• Make "Searchable" or "Confidential" (optional) and BC Tech and IT employers can search our database and contact you.
  
  

Registration on or use of this website constitutes acceptance of our Terms of Use .

IT Advisor (Cybersecurity Audit and OT Risk)
BC Hydro
Vancouver