Manager, Cybersecurity Assurance Job at Atco
Always there. Anywhere. That’s us! A team committed to delivering inspired solutions for a better world. We care for our communities and each other, and we are committed to showing up for those who need us. We value and encourage diversity, and we have the courage to do the right thing, even when it’s hard.
We’re looking for someone who cares about their work and strives for more each day. Someone who challenges the status quo, embraces change, and thrives in a collaborative work environment. If you are someone who approaches work with passion, curiosity and the courage to innovate, then this role is for you
We are looking for a Manager, Cybersecurity Assurance to join us in the exciting work we do in ATCO Group IT. This position is responsible for supporting the development and delivery of the Cyber Security Program within the functional areas of IT and OT operations and projects.
What You Get To Do:
Operational Cyber Security Program Management (25%)
Ensure adequate resources and organizational structure in place for each functional area within the Operational Cybersecurity group.
Support the 3-year business plan for the Cybersecurity Operations.
Provide written and verbal updates to the Operational Cybersecurity Director as required regarding the program status, barriers, road blocks and mitigation strategies.
Interface across organizational boundaries regarding security and compliance program activities, governance, and direction.
Provide ongoing education and other appropriate organizational change activities across ATCO as industry and operational technology evolves to ensure business impacts of emerging trends are understood, integrated as appropriate and addressed.
Work with other groups across ATCO to ensure that standards, processes, tools, roles and responsibilities that support Operational Cybersecurity are clearly defined, documented, communicated and followed.
Develop workforce and training budgets and plans in support of the Operational Cybersecurity Program
Responsible for quality control of the Operational Cybersecurity Program by ensuring completeness of controls implemented with an appropriate balance between risk mitigation of cyber security threats with efficiency and integrity of the operations of ATCO.
Conduct ongoing coaching, and scheduled quarterly performance reviews.
Establish, track and report work programs that support departmental objectives and priorities.
Establish performance objectives (initially in conjunction with the Operational Cybersecurity Director) including development plans
Proactively monitor for and identify issues related to the Operational Cybersecurity program and communicate their impacts for program execution, scheduling, critical path, resources, and risks.
Cybersecurity Operations Management (55%)
Ensure processes and procedures are in place to oversee and comment on the cybersecurity impacts of changes within the ATCO IT and OT environments.
Provide oversight of security systems and services to ensure they continue to provide required security functionality.
Ensuring appropriate participation and contributions are made to ATCO projects.
Providing tools as required to support the delivery of Operational Cybersecurity functions.
Working in a cross functional manner to provide organizational and tactical recommendations and solutions to accommodate security requirements within ATCO’s service areas and business units.
Working with project teams to ensure that cyber security requirements and standards are communicated and met.
Estimating cyber security projects, schedules and resource requirements
Provide leadership in the programs and projects supporting the Operational Cybersecurity program under your responsibility that supports ATCO core values, business objectives, prudent financial management, and effective resource utilization.
Ensure resources assigned to programs and projects under your direction are managed to the maximum effectiveness and efficiency possible.
Documenting all Cyber Security Program Owner approved program exceptions.
Work with project teams, other functional managers, and the PMO to establish and obtain commitment to a work plan to implement programs in place.
Lead creative and coordinated problem-solving processes across organizational boundaries to secure resources resolve governance issues, establish and/or clarify processes and procedures and ensure commitments to implement work plan
Cybersecurity Regulatory Compliance (20%)
Providing the ARS Compliance Program Manager, and ATCO Electric Senior Management with recommended interpretations of ARS CIP requirements and regulatory direction.
Establish and process for NERC CIP and ARS CIP Standards and recommending changes to the Cyber Security process and procedures as required.
Coordinating Cyber Security Program activities such as: program audits and self-assessments, compliance self-assessment, ARS CIP compliance audits, security architecture reviews, coordinating reviews of service agreements (related to outsourced CSO services) / access agreements / non-disclosure agreements.
Communicating ARS CIP Standard updates to the Compliance Program Manager and stakeholder managers participating in the cybersecurity aspects of regulatory filings, including preparation of business cases and responding to Information requests.
Working with internal and external auditors, regulatory authorities, and internal collaborators assembling and providing compliance evidence, managing self-certifications, reporting and mitigation strategies for non-compliance or suspected non-compliance events and incorporating audit findings and learning into policies, standards and processes.
Conducting reviews as required and reporting on ARS CIP compliance status within AE to the Program Owner and the Operational Cybersecurity Director
Provide leadership and guidance to the business with respect to the execution of the compliance program for CIP.
Lead in the identification, response and reporting of CIP Compliance contraventions.
Provide resources, tools and responses for regularly scheduled vulnerability testing in support of the ARS CIP Compliance program.
Participate in industry related groups for the development of standard processes, identification of issues, execution of industry initiatives and information sharing
Who You Are:
Knowledge of NIST security practices, NERC CIP Standards and Alberta ARS CIP Standards.
Ability to pragmatically communicate cyber security risks in business terms to all levels of the organization and develop appropriate action plans (10+ years)
Bachelor’s Degree in Commerce, Business or Computer Science, Information Systems Technology, or Information Systems Security;
Security Certification such as CISSP, CISM, CISA, ISSAP, others
Managerial/Supervisory responsibilities - 30% of time
Significant experience (5+ years) in operational technologies focused in substation control systems, networks or real time systems such as supervisory control and data acquisition (SCADA) systems.
Significant experience (5+ years) in securing process control and real time operational systems including their computers operating systems, networks operating systems and related commercial applications.
Security program management experience (7+ years), security policy development and security project management experience.
What We Offer:
A culture based on caring, integrity, agility, collaboration, and striving for excellence
Competitive compensation
Flex benefits
Tuition assistance program
Training and mentorship programs
Charitable donation matching
We would like to thank everyone for their application; however, only those being considered for an interview will be contacted.
Canadian Utilities is part of ATCO Ltd. ATCO delivers inspired solutions for a better world. We are a diversified global corporation with investments in the essential services of Structures & Logistics, Utilities, Energy Infrastructure, Retail Energy, Transportation and Commercial Real Estate. Learn more about how we build communities, energize industries and deliver customer-focused solutions like no other company in the world at www.atco.com.
At ATCO, we support a diverse and inclusive environment that values the contributions and perspectives of everyone on the ATCO team. We believe the ATCO team is the foundation of our business and our most valuable asset across our global operations. Without each team members’ unique skills, strengths, and knowledge, we simply wouldn’t be able to achieve our fundamental vision of delivering life’s essential services to our customers around the world.
ATCO is an equal opportunity employer, and we do not discriminate on the basis of race, religion, color, national origin, sex, gender, gender expression, sexual orientation, age, marital status, veteran status, or disability status.
Please Note :
nvalabs.org is the go-to platform for job seekers looking for the best job postings from around the web. With a focus on quality, the platform guarantees that all job postings are from reliable sources and are up-to-date. It also offers a variety of tools to help users find the perfect job for them, such as searching by location and filtering by industry. Furthermore, nvalabs.org provides helpful resources like resume tips and career advice to give job seekers an edge in their search. With its commitment to quality and user-friendliness, Site.com is the ideal place to find your next job.
We’re looking for someone who cares about their work and strives for more each day. Someone who challenges the status quo, embraces change, and thrives in a collaborative work environment. If you are someone who approaches work with passion, curiosity and the courage to innovate, then this role is for you
We are looking for a Manager, Cybersecurity Assurance to join us in the exciting work we do in ATCO Group IT. This position is responsible for supporting the development and delivery of the Cyber Security Program within the functional areas of IT and OT operations and projects.
What You Get To Do:
Operational Cyber Security Program Management (25%)
Ensure adequate resources and organizational structure in place for each functional area within the Operational Cybersecurity group.
Support the 3-year business plan for the Cybersecurity Operations.
Provide written and verbal updates to the Operational Cybersecurity Director as required regarding the program status, barriers, road blocks and mitigation strategies.
Interface across organizational boundaries regarding security and compliance program activities, governance, and direction.
Provide ongoing education and other appropriate organizational change activities across ATCO as industry and operational technology evolves to ensure business impacts of emerging trends are understood, integrated as appropriate and addressed.
Work with other groups across ATCO to ensure that standards, processes, tools, roles and responsibilities that support Operational Cybersecurity are clearly defined, documented, communicated and followed.
Develop workforce and training budgets and plans in support of the Operational Cybersecurity Program
Responsible for quality control of the Operational Cybersecurity Program by ensuring completeness of controls implemented with an appropriate balance between risk mitigation of cyber security threats with efficiency and integrity of the operations of ATCO.
Conduct ongoing coaching, and scheduled quarterly performance reviews.
Establish, track and report work programs that support departmental objectives and priorities.
Establish performance objectives (initially in conjunction with the Operational Cybersecurity Director) including development plans
Proactively monitor for and identify issues related to the Operational Cybersecurity program and communicate their impacts for program execution, scheduling, critical path, resources, and risks.
Cybersecurity Operations Management (55%)
Ensure processes and procedures are in place to oversee and comment on the cybersecurity impacts of changes within the ATCO IT and OT environments.
Provide oversight of security systems and services to ensure they continue to provide required security functionality.
Ensuring appropriate participation and contributions are made to ATCO projects.
Providing tools as required to support the delivery of Operational Cybersecurity functions.
Working in a cross functional manner to provide organizational and tactical recommendations and solutions to accommodate security requirements within ATCO’s service areas and business units.
Working with project teams to ensure that cyber security requirements and standards are communicated and met.
Estimating cyber security projects, schedules and resource requirements
Provide leadership in the programs and projects supporting the Operational Cybersecurity program under your responsibility that supports ATCO core values, business objectives, prudent financial management, and effective resource utilization.
Ensure resources assigned to programs and projects under your direction are managed to the maximum effectiveness and efficiency possible.
Documenting all Cyber Security Program Owner approved program exceptions.
Work with project teams, other functional managers, and the PMO to establish and obtain commitment to a work plan to implement programs in place.
Lead creative and coordinated problem-solving processes across organizational boundaries to secure resources resolve governance issues, establish and/or clarify processes and procedures and ensure commitments to implement work plan
Cybersecurity Regulatory Compliance (20%)
Providing the ARS Compliance Program Manager, and ATCO Electric Senior Management with recommended interpretations of ARS CIP requirements and regulatory direction.
Establish and process for NERC CIP and ARS CIP Standards and recommending changes to the Cyber Security process and procedures as required.
Coordinating Cyber Security Program activities such as: program audits and self-assessments, compliance self-assessment, ARS CIP compliance audits, security architecture reviews, coordinating reviews of service agreements (related to outsourced CSO services) / access agreements / non-disclosure agreements.
Communicating ARS CIP Standard updates to the Compliance Program Manager and stakeholder managers participating in the cybersecurity aspects of regulatory filings, including preparation of business cases and responding to Information requests.
Working with internal and external auditors, regulatory authorities, and internal collaborators assembling and providing compliance evidence, managing self-certifications, reporting and mitigation strategies for non-compliance or suspected non-compliance events and incorporating audit findings and learning into policies, standards and processes.
Conducting reviews as required and reporting on ARS CIP compliance status within AE to the Program Owner and the Operational Cybersecurity Director
Provide leadership and guidance to the business with respect to the execution of the compliance program for CIP.
Lead in the identification, response and reporting of CIP Compliance contraventions.
Provide resources, tools and responses for regularly scheduled vulnerability testing in support of the ARS CIP Compliance program.
Participate in industry related groups for the development of standard processes, identification of issues, execution of industry initiatives and information sharing
Who You Are:
Knowledge of NIST security practices, NERC CIP Standards and Alberta ARS CIP Standards.
Ability to pragmatically communicate cyber security risks in business terms to all levels of the organization and develop appropriate action plans (10+ years)
Bachelor’s Degree in Commerce, Business or Computer Science, Information Systems Technology, or Information Systems Security;
Security Certification such as CISSP, CISM, CISA, ISSAP, others
Managerial/Supervisory responsibilities - 30% of time
Significant experience (5+ years) in operational technologies focused in substation control systems, networks or real time systems such as supervisory control and data acquisition (SCADA) systems.
Significant experience (5+ years) in securing process control and real time operational systems including their computers operating systems, networks operating systems and related commercial applications.
Security program management experience (7+ years), security policy development and security project management experience.
What We Offer:
A culture based on caring, integrity, agility, collaboration, and striving for excellence
Competitive compensation
Flex benefits
Tuition assistance program
Training and mentorship programs
Charitable donation matching
We would like to thank everyone for their application; however, only those being considered for an interview will be contacted.
Canadian Utilities is part of ATCO Ltd. ATCO delivers inspired solutions for a better world. We are a diversified global corporation with investments in the essential services of Structures & Logistics, Utilities, Energy Infrastructure, Retail Energy, Transportation and Commercial Real Estate. Learn more about how we build communities, energize industries and deliver customer-focused solutions like no other company in the world at www.atco.com.
At ATCO, we support a diverse and inclusive environment that values the contributions and perspectives of everyone on the ATCO team. We believe the ATCO team is the foundation of our business and our most valuable asset across our global operations. Without each team members’ unique skills, strengths, and knowledge, we simply wouldn’t be able to achieve our fundamental vision of delivering life’s essential services to our customers around the world.
ATCO is an equal opportunity employer, and we do not discriminate on the basis of race, religion, color, national origin, sex, gender, gender expression, sexual orientation, age, marital status, veteran status, or disability status.
Please Note :
nvalabs.org is the go-to platform for job seekers looking for the best job postings from around the web. With a focus on quality, the platform guarantees that all job postings are from reliable sources and are up-to-date. It also offers a variety of tools to help users find the perfect job for them, such as searching by location and filtering by industry. Furthermore, nvalabs.org provides helpful resources like resume tips and career advice to give job seekers an edge in their search. With its commitment to quality and user-friendliness, Site.com is the ideal place to find your next job.