Arobas personnel is looking for a Security OT for a contract with one of our clients located in Montréal.

*Remote : Hybrid-Mode*

What does your day to day look like?

• Coordinate OT Security activities manufacturing plants.
• Conduct risk assessments to identify potential security threats.
• Collaborate with team members to ensure successful projects delivery.
• Responsible for monitoring, managing, and assessing OT cyber security risks.
• Participate & Contribute to the development of the OT Security Program.
• Manage the process of gathering, analyzing, and assessing the current and future threat landscape, as well as providing a realistic overview of risks and threats in the operational environment.
• Contributes to the development of the OT security strategic plan and roadmap:
• Identification of short- and long-term goals and objectives.
• Participate in project prioritization.
• Participate in the development of business cases to support request for funding.
• Provide OT Security guidance on OT Projects.
• Provide recommendations on how best to mitigate OT risks.
• Responsible for the development & implementation of OT Security policies & procedures.
• Responsible for the development and implementation of OT governance.
• Monitor existing OT Security solutions to recommend initiatives / projects.
• Document & follow up OT cyber security incidents.
• Contribute to the establishment and maintenance of OT Incident Response capability – Policy / Procedures / Plans.
• Present changes at the Change Advisory Board (CAB) as needed.
• Establish metrics and key performance indicators to monitor the overall health and effectiveness of the OT cybersecurity and infrastructure program.
• Planning of all OT Security related projects.
• Participation in projects as required.
• Provide best possible proactive and reactive measures to minimize OT security incidents and loss of production.
• Build relationships with mill process control groups to provide insight into OT Security risks.
• Stay informed about the latest cyber threats to the OT and ICS environment.

What we’re looking for?

• University degree in information system, computer science or engineering, or a related field of study and a M. Eng in information security is preferred.
• A minimum 5 years’ experience within Cyber Security inspired from Operational Technology environments.
• Any of the certifications such as, Certified Information Security Manager (CISM) or Certified Information Systems Security Professional (CISSP) or Global Industrial Cyber Security Professional Certification (GICSP) would be an asset.
• Experience in conducting cyber incident investigation.
• Experience in contributing to the development of cybersecurity and infrastructure technology strategies for OT environments with clear understanding of the differences between IT and OT environments (e.g. 24x7 production operating model, safety, and environmental risk factors, patching and anti-virus processes, segmentation requirements and security policies in ICS environments, etc.).
• Experience in developing and maintaining policies, procedures, standards, and guidelines.
• Experience in working with OT technologies / providers (i.e., PLCs, SCADAs, Rockwell, Allen-Bradley, Citect, etc.)
• Experience in development of OT Security policies & procedures.
• Knowledge of information security frameworks and standards (NIST CSF, NIST 800-82, IEC 62443, ITIL).
• Technical expertise with SIEM, vulnerability management, threat management technologies such as Tenable, QRadar, Sentinel, Microsoft XDR.
• Technical expertise with networking concepts such as TCP, Switches, Firewalls, Routers, IDPS, Secure Remote Access, etc. as well as understanding of Purdue model.

Skills Required:

• Excellent written and verbal communication and presentation skills in both French and English with the ability to articulate new ideas and concepts to technical and nontechnical audiences at all levels of the organization.
• Strong leadership skills and the ability to work effectively and efficiently with the IT and OT managers, the OT engineers and OT operations staff.
• Strong analytical skills to analyze security requirements and relate them to appropriate security controls.
• Excellent understanding of the differences between IT and OT environments as it pertains to cyber security & mitigation as well as OT security concepts, protocols, industry best practices and strategies.
• Proficiency in performing risk, business impact, control, and vulnerability assessments, and in defining treatment strategies.
• Ability to manage tasks and priorities in a context of fast-paced teamwork.
• Project management skills and experience in creating and managing project plans, including budgeting and resource allocation.
• An understanding of operating system and network protocols.
• Sound judgment and the ability to make informed decisions.
• Practical approach to problem solving and decision-making.

What are the benefits for you?

• Competitive salaries
• Advantageous corporate agreements
• Full range of group insurance benefits
• Group retirement pension plan with employer contribution
• Purchase option of company stocks
• Group RRSP
• Health and wellness program in the workplace
• Assistance program for employees and their families