Principal Consultant, Industrial OT Cybersecurity

Overview

Join to apply for the Principal Consultant, Industrial OT Cybersecurity role at WSP in Canada.

WSP is currently seeking a Principal Consultant, Industrial / OT Cybersecurity to join our Cybersecurity Practice in Canada. This delivery-focused role serves major infrastructure projects and professional services mandates. The opportunity aligns with WSP’s "Future Ready" vision to become a leader in digital engineering and advisory services. Our Industrial OT Cybersecurity Practice includes engineers, specialists and consultants who plan, design and implement strategies, frameworks and solutions to ensure the security of critical national infrastructures (CNI). Our mission is to deliver digital infrastructures that are resilient throughout their life cycle. This role offers the chance to work with leading experts in the ICS / OT Cybersecurity Industry, build a cross-functional network, and operate in a high-performing, flexible, inclusive environment.

• We value a culture of inclusion and belonging
• Flexible Work Policy to support work–life balance
• A Canadian success story with a strong national footprint
• Opportunity to impact environments from environment to roads to buildings
• Outstanding career opportunities and a collaborative culture

We offer attractive pay, flexible work options, comprehensive benefits including virtual healthcare and a wellness platform, great savings programs, and a clear vision for the future.

WeAreWSP

• Provide cybersecurity expertise and technical leadership for Industrial Control Systems (ICS) and Operational Technology (OT) environments.
• Act as the discipline lead for Industrial Cybersecurity on major infrastructure projects, especially in Rail & Transit, within complex multi-discipline environments.
• Lead strategy and planning of all cyber security activities and resources for major projects and client mandates across feasibility, requirements, design, procurement, implementation, testing, commissioning, and operation & maintenance.
• Define KPIs for the project Cybersecurity framework and continually improve through real-world deployment.
• Oversee and execute Cybersecurity project plans to ensure cyber resilience through governance, tools, policies, and people & expertise.
• Lead threat, vulnerability, and risk assessments; identify critical assets, connectivity and threat vectors; define mitigation options and residual risk.
• Translate cyber security requirements to suppliers and engage in procurement to manage supply chain risk.
• Lead analysis to provide evidence for project requirements and verification of security controls through the V-cycle assurance process.
• Coordinate with engineering design, project management and construction teams to ensure cyber security activities are implemented by project teams and suppliers.
• Review cyber security submissions and provide detailed technical comments.
• Plan and implement a cyber security testing strategy to validate resilience against threats.
• Manage client relationships and advise on actions to seize opportunities or mitigate risks.
• Deliver on critical path activities and meet project deadlines; identify opportunities for new work and contribute to bid materials as needed.

Technical qualifications, experience, and skills :

• Networking, Telecommunications or Cybersecurity Engineering degree, or equivalent
• Relevant cybersecurity training and certifications (e.g., GICSP, GIAC, IEC 62443, or a master’s in Cybersecurity)
• 10+ years in areas such as : major infrastructure project discipline lead, telecommunications / network technology / cloud, automation / SCADA / OT, distributed control systems / OT
• Extensive Industrial Cyber Security experience in OT / ICS, including vulnerability management, threat intelligence, security architecture, and secure-by-design processes
• Experience in Rail & Transit sector for major multi-discipline projects or operations
• Experience bridging technical, scheduling and commercial constraints at the project level related to OT Cybersecurity
• Knowledge of NIST guidelines, ISA / IEC 62443, ISO 2700x; understanding of IT / OT networks (TCP / IP, DNP3, Modbus, IEC 61850, OPC / OPC UA, PROFINET, etc.)
• Certifications such as IEC 62443, CISSP, CompTIA Security+, or SANS GICSP
• Interpersonal and soft skills :
• Excellent written and verbal communication
• Proficiency with Microsoft Office tools (Excel, Word, Visio, Project, Outlook)
• Ability to work effectively remotely within an extended team
• Accountability for work delivered
• Ability to communicate complex concepts to non-technical decision makers
• Ability to manage multiple mandates simultaneously
• What sets you apart :
• Experience managing technical teams and project workstreams
• Transportation industry OT Cybersecurity leadership experience (LRT, Heavy Rail, Metro)
• Knowledge of Systems Engineering and Systems Assurance concepts in the Railway domain
• International experience in rail infrastructure and projects
• Professional Engineer (PEng) or Chartered Engineer (CEng) or pursuing accreditation
• Consulting experience with budget and interdisciplinary considerations
• Hands-on OT Cybersecurity asset discovery and vulnerability tooling
• Experience in cybersecurity project or program management
• Bilingual French / English is an asset

WSP is one of the world\'s leading professional services firms. We have over 65,000 team members globally. In Canada, our 12,000+ people work on environmental remediation, urban planning, engineering iconic buildings, designing sustainable transportation networks, and renewable energy projects.

• We value our people and our reputation
• We are locally dedicated with international scale
• We are future focused and challenge the status quo
• We foster collaboration in everything we do
• We have an empowering culture and accountability

WSP is committed to the principles of employment equity. We welcome applications from people with disabilities and accommodations are available on request for candidates taking part in all aspects of the selection process.

WSP does not accept unsolicited resumes from agencies. For more information please read the full policy.

J-18808-Ljbffr