Senior Information Systems Analyst (Cyber Security)

Job Posting Start Date:

Job Posting End Date:

At Bruce Power, you’ll experience the meaningful work of advancing Ontario’s clean energy future and medical isotope innovation while contributing to a culture of excellence. Step into an inclusive and dynamic environment that values collaboration, encourages bold ideas and empowers you to make a real difference.

From safely delivering clean, reliable power to families and businesses across the province and cancer-fighting medical isotopes around the world to supporting challenging and innovative nuclear projects like our multi-year Life Extension Program, we offer interesting and impactful opportunities. Ongoing training and development are part of every job, providing constant growth and skill-building potential.

Be a part of the team — our future is bright!

In support of achieving excellence and business results through safe, reliable operations, our Cyber & Information Security division is currently hiring for a Senior Information Systems Analyst. Our Cyber & Information Security team is dedicated to safeguarding Bruce Power's digital assets and ensuring the security of our information systems. We focus on prevent, detect, and respond capabilities to continuously improve security measures and collaborate across the enterprise to improve the reliability and security of our systems.

We are looking for a major contributor to our Cyber Security Operations Centre (CSOC), to identify and respond to cyber security incidents.  This is a senior responder role, and it is important that the successful candidate possesses a broad set of Information Security skills, as they will be called on to offer additional support and leadership across all domains within Cyber & Information Security. The individual will be a self-starter, who is trustworthy and passionate to fulfill Bruce power’s regulatory and international cyber security obligations, and to protect the business.

This is a permanent, full-time position which offers a competitive benefits, compensation and pension package and is located on site in Tiverton, Ontario.

More than 1 position may be available.

Specific Responsibilities:

• Contributes to the work program of the team by completing assigned tasks and projects on schedule.
• Follows applicable legislation, policies, programs, procedures, and agreements in daily work.
• Collaborates with team members to support the development and delivery of cyber and information security initiatives.
• Participates in training and development activities to maintain and enhance skills and qualifications.
• Provides feedback on performance and suggests improvements to enhance team effectiveness.
• Communicates and collaborates with colleagues and other teams to address issues and ensure smooth workflow.
• Supports the implementation of future plans and goals as communicated by and developed in cooperation with the leadership team
• Provides input on strategy, technology, policies, compliance, and communications as needed.
• Risk identification, management, and mitigation across the Cyber Essential Asset, Business Technology, and Information Protection domains 
• Interface with stakeholders both inside and outside of the Division to deliver effective cyber security operations capabilities and incident response
• Champion, refine, and develop standards, procedures, and processes for the Cyber & Information Security team 
• Collaborate with Enterprise Architecture to develop and maintain a technology roadmap for Cyber & Information Security operations 
• Continuously improve the operations of systems and supporting processes 
• Proactively researching and championing courses of action to resolve and prevent problems and to maintain high service levels for the user and stakeholder community. 
• Identify opportunities and champion continuous improvement for application optimization, redesign, or process improvement. 

Knowledge and Skills:

• In-depth knowledge of Information Security best-practice frameworks and standards including ISO 27000 series, NERC CIP, IAEA, SOX, PIPEDA, NIST, CSA, etc.
• Proven ability to establish excellent working relationships with both internal and external contacts at all levels is key.
• Experience interfacing with CCCS and other key stakeholders.
• Experience in hardening assets against cyber or insider attacks, including vulnerability management, patch management and secure configuration.
• Experience in Information Security incident handling techniques, processes and frameworks.
• Experience as an operator in a Security Operations Centre, and expertise in related tools including detection-rule building.
• Experience with the following is an asset: SIEM/SOAR platforms (e.g. MS Sentinel or Splunk), Threat Intelligence and Monitoring platforms, Identity & Access Management, Endpoint Detection & Response, Vulnerability Management; business knowledge of technology and security needs for key business functions including Operations, Maintenance, Engineering, IT, HR, Finance, Projects, Supply Chain; on-premise application infrastructure, Cloud hosting models, implementation and support of commercial off the shelf and custom applications on desktops, servers; and Managed Task / Service contracts.
• Experience in proper investigative/forensic and evidence-handling techniques including evidence collection and analysis on live and imaged systems, and malware infection analysis.
• Experience in security architecture and ‘defense in depth’ strategies.
• Experience in the particular security requirements of ICS/SCADA systems.
• Experience in performing threat and risk assessment of high value targets, including penetration tests.
• Experience in mitigation tools for malicious software.
• Experience in security policy development.
• Experience in forensic investigation.
• Experience developing internal/external documentation such as detailed procedures, IR playbooks and operational metrics reports.
• Profile log/network/malware/device analysis and making recommendations for remediation of security vulnerability conditions.
• Very strong TCP/IP network and protocol knowledge.
• Intricate knowledge of windows/Unix/Linux operating systems internals.
• Knowledge of scripting languages such as Powershell/Perl/Python etc. to automate common tasks.
• Preferred GIAC Certifications e.g. GRID, GCIH etc.: Any GIAC certifications will be beneficial.

Education and Experience:

• This knowledge is considered to be normally acquired through the completion of 4 years of university training in a related field.
• Certifications in Cyber & Information Security (CISSP, GIAC, CCSP, etc.) are considered an asset.
• A period of over eight years and up to and including ten years is considered necessary to gain this experience.

Are you ready for a change?

Please complete the online application and attach a cover letter and resume, indicating your education and experience as it relates to this opportunity. We look forward to receiving your application and will be in contact with you, should you be selected for an interview. 

The successful candidate will be selected based on related and required education, experience, knowledge and skills, a competency-based interview, and background reference checks.

As one of Canada’s Best Diversity Employers, Bruce Power is committed to promoting a culture of diversity, equity and inclusion where workers feel valued for their uniqueness and are recognized for their individual differences, talents and skills. Diversity, equity and inclusion is critical to our business as we recognize that our people are our greatest resource. To support our inclusive workplace culture, we welcome and encourage everyone to apply.