We are hiring for a Full-Time Permanent position working out of Edmonton, AB.
The Security Policy and Audit Specialist, working with other specialized cross-functional groups, is accountable to design, document, build, and measure EPCOR Distribution and Transmission, Inc. (EDTI) wide cyber security policies. The specialist is also accountable to provide process expertise, manage and update documentation, and collect/present evidence for EDTI focused aspects of the Alberta Reliability Standards (ARS) Cybersecurity Infrastructure Protection (CIP) Standards regulatory requirements and coordinate EPCOR wide ARS CIP requirements to ensure ongoing consistent and accurate evidence collection and presentation to demonstrate compliance.
The Security Policy and Audit Specialist analyzes highly technical documentation including firewall and SIEM logs, network and infrastructure design documentation, Operational Technology (OT)/SCADA equipment configuration, and detailed product technical documentation in order to design and build EDTI’s cyber security program.
The Security Policy and Audit Specialist is accountable to the Manager, Operations Network & Security, and operates within the context and prescribed limits established by the Manager.
- Provide input to the Operations Network and Security (ONS) plans and directions, and demonstrate on-going appropriate relationships with other positions, as required.
- Ensure all EDTI OT assets are properly inventoried and categorized by risk, with appropriate policies in place to ensure that systems are configured and monitored to protect EPCOR’s operational computing and communications infrastructure from malicious attacks and/or unintended changes.
- Leading a cross-functional group of SMEs, manage and maintain EPCOR’s NERC/ARS CIP policies covering information classification, change management, access management, electronic security perimeter, physical security, malicious software prevention, security testing, ports and services management, patch management, security incident response, disaster recovery, audit evidence collection, and other applicable activities through ongoing and yearly update and review processes.
- Oversee compliance sustainment and continuous improvement efforts associated with EPCOR’s ARS CIP compliance program. Review ARS CIP related incidents for systemic problems and opportunities for process improvements.
- On a regular basis, review, maintain, and update EDTI’s position in EPCOR’s cyber security framework documentation, and lead collaboration with SMEs across EDTI.
- Provide specialized technical level SME advice, guidance, and assistance as required, to teams within EDTI and EPCOR on ARS CIP compliance.
- Responsible to collect, format, and present evidence for regulatory, security, and policy audits. Provide accurate and timely responses to audit information requests.
- Assist in the planning, development, and execution of training programs designed to ensure compliance with ARS CIP and related internal cyber security policies.
- Maintain awareness of emerging electrical utility industry compliance issues, through benchmarking and participation in appropriate forums/groups. Stay up to date on new versions of NERC and ARS standards and participate in industry consultation. Distribute relevant information to impacted SMEs and provide education as required.
- Provide technical and business analysis, develop business cases and participate in regulatory filings related to cyber security initiatives.
- Develop and maintain business unit KPIs for cyber security related metrics. Participate in or drive cross-functional teams to design and maintain dashboards to support EDTI’s cyber security posture.
- Effectively and clearly communicate highly technical information both verbally and in writing to team members, management, executives, and others.
- Demonstrate a high performance, high discipline, safe, accountable, focused, innovative and achievement-oriented, easy to do business with manner of working.
- Bachelor’s degree in Cybersecurity, Computer Science, Information Technology or a related discipline such as business administration, management of information systems, etc.
- 10 years of experience in IT/OT:
- 5 years' experience in IT cyber security or related area and/or 3 years working specifically in a Critical Infrastructure Protection information security operations or consulting function;
- 2+ years’ experience with ARS or NERC CIP regulatory requirements is preferred.
- Experience performing assurance work (audits/reviews), and business risk assessments is required
- Working experience with cyber security frameworks (C2M2, NIST CSF, CIS)
- Security-related training/certifications are an asset (CISA, CISSP, CISM, CIRSC)
- Security experience including threat identification, proactive defense, incident response, and development of mitigation strategies is an asset
- Experience with protection and control, automation, telecontrol and SCADA operational technologies would be considered an asset
- Experience in power systems or electrical utilities would be considered an asset
- Experience managing and analyzing data from system event logs, SIEM logs, firewall rules, and baseline reporting software
- Strong reporting and data analysis skillset is required
- Requires proficiency in business writing for the preparation of reports and presentations
- Requires effective presentation skills, appropriate for senior or executive management levels
- Experience with business and process analysis
Hours of work: 80 hours of work biweekly
Application deadline: Sunday, August 9th, 2020 at 12:00:00AM MST
Please note the following information:
- A requirement of working for EPCOR is that you are at least 18 years of age and legally entitled to work in Canada. (A copy of a valid work permit may be required.)
- If you are considered for the position, clearance on all applicable background checks (which may include criminal, identity, educational, and/or credit) and professional reference checks is required. Some EPCOR positions require an enhanced level of background assessment, which is dictated by law. These positions require advanced criminal record checks that must also be conducted from time to time after commencement of employment.
- A technical/practical assessment may be administered during the selection process and this exercise will be used as a part of the selection criterion.
- To meet the physical demands required of some positions, candidates must be in good physical condition and willing to work in all weather conditions. Clearance on pre-placement medical and drug and alcohol testing may be required.