Security Architect
Share
Job Location:
Monthly Salary:
Posted on:
30+ days ago
Vacancies:
1 Vacancy
Job Summary
Description
#LI-MM3
Metrolinx is connecting communities across the Greater Golden Horseshoe. Metrolinx operates GO Transit and UP Express as well as the PRESTO fare payment system. We are also building new and improved rapid transit including GO Expansion Light Rail Transit routes and major expansions to Torontos subway system to get people where they need to go better faster and easier. Metrolinx is an agency of the Government of Ontario.
At Metrolinx equity diversity and inclusion are essential to living our values of serving with passion thinking forward and playing as a team.
Metrolinxs Innovation and Information Technology group supports female team members via Go Tech Women an affinity group for women in Information Technology led by our Chief Information Officer.
If you enjoy technology and innovation value diversity appreciate work/balance and are looking for an opportunity to make a better world via public service Metrolinx would like to hear from you!
The OT Security Architect is responsible for designing assessing and governing cybersecurity architecture for OT specifically in railway operational technology environments. This role ensures that rail systems such as signaling SCADA wayside assets onboard systems communications networks maintenance systems and dispatch platforms are secure resilient and aligned with standards including IEC 62443 NIST CSF NIST SP 800-82 TS 50701 APTA guidance and applicable rail safety/security regulations.
Note: This is a On-site opportunity that requires working from office all five days a week.
What will I be doing
- Review system designs interface control documents network diagrams and procurement specifications and define cybersecurity requirements for rail projects upgrades and tenders.
- Collaborates with business leaders developers engineers enterprise architecture and other stakeholders to identify future needs to streamline the security strategies define security standards and reference security architecture.
- Assists with translating security architecture roadmaps into a portfolio of programs projects enhancement and other initiatives to define the journey map from current state to the future state.
- Contribute to policy standards and technical baselines for OT security and in rail OT.
- Conduct cyber security risk assessments for new and existing rail OT systems against standards and frameworks including one or more of the following: IEC-62243/ISA-99 APTA CLC/TS 50701 OWASP CVE WASC NIST 800-82 methodologies.
- Ability to conduct technical risk assessments and mitigation on AI Machine learning technologies and platforms
- Recommend remediation roadmaps balancing security safety availability and operational constraints.
- Work with signaling communications rolling stock infrastructure operations safety and enterprise IT teams for secure integration into rail environments
- Engage with OEMs integrators assessors and project managers.
- Provide technical leadership to engineers and project teams on OT security architecture decisions.
- Broad understanding of applications and infrastructure data flow to build threat models
- Strong communication skills and the ability to understand and translate cyber security threats from a technical perspective to business-line ability to communicate risks and propose counter measures to senior technology executives.
What Skills and Qualifications Do I Need
- Bachelors degree in Cybersecurity Electrical Engineering Computer Engineering Systems Engineering or related field.
- Demonstratedyears in cybersecurity with significant experience in OT/ICS security architecture experience in rail transit transportation or other critical infrastructure environments is preferred
- Experience with standards/frameworks IEC 62443 NIST CSF NIST SP 800-82 TS 50701 and ISO 27001 and APTA and transport-sector cybersecurity guidance
- Experience with IEC 62443 2-3 risk assessment methodology
- Good technical understanding of common OT systems such as PCS SCADA PLCs RTUs HMIs CNC etc.
- IEC 62443 related certifications
- Ability to work independently on initiatives with little oversight.
- TOGAF Certification is an asset.
- Enhanced reliability security clearance or equivalent is an asset.
- For projects involving classified information/assets Enterprise Security Architects may require enhanced reliability clearances or equivalent.
Dont Meet Every Requirement
If youre excited about working with Metrolinx but your past experience doesnt quite align with every qualification of this posting we encourage you to apply. You just might be the right candidate for this or other roles. We are always looking for great talent to join our team.
We invite all interested individuals to apply and encourage applications from members of equity-deserving communities including those who identify as Indigenous Black racialized women people with disabilities and people with diverse gender identities expressions and sexual orientations.
Accommodation:
We value the unique skills and experiences each person brings to Metrolinx and are committed to creating and maintaining an inclusive and accessible environment. We are committed to the requirements of the Accessibility for Ontarians with Disabilities Act so if you require accommodation during the hiring process please let our Recruitment team know by contacting us at: or email .
Application Process:
All applicants must be legally entitled to work in Canada. Metrolinx will be using email to communicate with you for all job competitions. It is your responsibility to include an updated email address that is checked daily and accepts emails from unknown users. As we send time-sensitive correspondence we recommend that you check your email regularly. If no response is received we will assume you are no longer interested in pursuing the opportunity. Please be advised that a Criminal Record Check may be required of the successful candidate.
For Internal applicants with the recent implementation of the Internal Mobility Policy the internal recruitment process has changed for non-union roles. Candidates must be in their current role for 12 months prior to applying for another role and each applicant must be in good standing (not participating in a Performance Improvement Plan). Please review all provisions of the policybefore submitting your application.
Should it be determined that any background information provided is misleading inaccurate or incorrect Metrolinx reserves the right to discontinue with the consideration of your application.
We thank all applicants for their interest however only those selected for further consideration will be contacted.
WE ARE AN EQUITABLE AND INCLUSIVE EMPLOYER.
#LI-MM3
Required Experience:
Staff IC
