Sr Governance, Risk & Cmplnc Cnslt

Select how often (in days) to receive an alert:

Status: Regular Full Time
Working Conditions: Hybrid
Education Level: 4 Year University Degree, preferably in Computer Science, Computer Engineering or a related field
Base Location: Oshawa, ON (for positions based at CHQ see job aid and CHQ Guidelines for all other positions enter regular location)
Temporary Work Location: Pickering, ON
Shifts: Days
Travel: 10%
Deadline to Apply: May 21, 2025
Salary Range: $2,658.86 - $3,118.72 Per Week

Electrify your career and help build a brighter tomorrow.

Every generation has a challenge that defines them. At OPG, we are calling on all innovators, disruptors, thought leaders, and change-makers. Join us as we work to electrify life in one generation and build a sustainable future powered by our electricity, ideas, and people. Join OPG and make history.

Whether you work in skilled trades or are a business professional, a career at OPG offers opportunities to electrify your life on and off the job.

Ontario Power Generation (OPG) is seeking a dynamic, strategic, and results-driven professional to join our team as a Senior Governance, Risk & Compliance Consultant.

Reporting to the Section Head of Information Systems, this role involves staying informed on new government regulations and governance requirements, ensuring that OPG's Nuclear cybersecurity policies and practices remain compliant with the latest standards.

1. Perform policy gap and control assessments against CSA N290.7, nuclear regulations, and cybersecurity frameworks to identify improvements and ensure compliance.
2. Review and improve OT security policies, configurations, procedures, and processes, overseeing Cyber Governance, Risk, and Compliance for OT systems.
3. Develop and maintain OT-specific KPIs and KRIs for the Cyber Governance Security Program, advising on best practices.
4. Audit Nuclear OT systems for security adherence and lead cybersecurity projects to enhance organizational security posture.
5. Represent OPG Cyber Security at external forums and committees.
6. Conduct risk, control, maturity, and compliance assessments, recommending security improvements.
7. Perform third-party cyber risk assessments, ensuring vendor compliance and advancing the Third-Party Risk Management program.

• 4-year university degree in Computer Science, Computer Engineering, or a related field.
• 6-8 years of experience in Cyber Risk, Governance, and Cybersecurity compliance, with knowledge of business continuity, OT architecture, incident response, and risk management.
• Expertise in OT system design and security architecture for industrial environments.
• Experience in OT security operations, including incident response, audits, threat assessments, and regulatory reporting.
• Knowledge of security frameworks such as CSA N290.7, NIST CSF, CIS, COSO, ISO 27001, and NERC-CIP.
• Proven experience in reviewing and enhancing OT security policies and processes.
• Experience in developing OT KPIs and KRIs and advising business units.
• Strong project management and leadership skills.
• Excellent communication and presentation skills for external and internal stakeholder engagement.

The successful candidate will demonstrate integrity and uphold OPG's values and Code of Business Conduct.

OPG is committed to fostering an inclusive, equitable, and accessible environment. For accommodations during the application or interview process, contact AODA@opg.com.

Note: This position will relocate to OPG Corporate Headquarters at 1908 Colonel Sam Drive, Oshawa, in Summer 2025. Until then, it is based temporarily in Pickering, ON.

OPG operates across Ontario and the U.S., being one of the most diverse power producers in North America, supplying about 50% of Ontario's electricity, primarily from low-carbon sources like nuclear and hydro.

We aim to electrify life in one generation and are developing new low-carbon technologies such as SMRs, refurbishments, and electrification projects. Join us and make history.

Apply online at jobs.opg.com. We thank all applicants; only shortlisted candidates will be contacted.