Director, Industrial Cybersecurity
City : Toronto
Category : Information Security Office
Industry : Public Transportation
Employer : Toronto Transit Commission (TTC)
If you previously applied during the original posting period of 11/22/2023 to 12/15/2023, no need to reapply as all applications will be considered. Thank you.
Requisition ID: 8590
Number of Vacancies: View on TTC website
Department: Information Technology Services (20000014) - Information Security Office (30000033)
Pay Scale Group: 12SA
Employment Type: View on TTC website
Weekly Hours: View on TTC website, Off Days: View on TTC website Shift: View on TTC website
Posted On: February 23, 2024
Last Day to Apply: March 8, 2024
Reports to: View on TTC website
The Toronto Transit Commission (TTC) is North America's third largest transit system and has been recognized as one of the top places to work in the GTA. Guided by a forward-thinking strategic plan, the TTC's vision is to be a transit system that makes Toronto proud. The TTC's recruitment efforts are directly aligned to its mission of providing "a reliable, efficient, and integrated bus, streetcar and subway system that draws its high standards of customer care from our rich traditions of safety, service and courtesy."
The Director of Industrial Cybersecurity services will lead the development of the cybersecurity program as it relates to industrial and critical infrastructure, Operational Technology (OT), and Internet of Things (IoT) at TTC and ensure cybersecurity policies, standards and practices at IT and OT are aligned. The Industrial Cybersecurity Director will be a focal point for industrial cybersecurity and report to the CISO. This role will work closely with the IT, engineering, and OT teams in strategic decision-making roles to build a unified cybersecurity framework, strategy, and standard operating models to address cybersecurity risks.
The Industrial Cybersecurity director will develop the industrial cybersecurity strategy, roadmap, processes, policies, and guidelines related to the OT environment in partnership with the engineering team at Signal Electrical Communication, that manages SCADA (Supervisory Control and Data Acquisition), ICS (Incident Command System) and backbone network infrastructure. The Industrial Cybersecurity Director for cybersecurity will work closely with those teams, CISO and other cybersecurity directors to align OT cybersecurity initiatives and standardize cybersecurity processes and procedures in IT and OT environments.
Key Job Functions
Provide strategic leadership in industrial cybersecurity and work closely with CISO, senior executive, vendors and OT engineering team
- Assist CISO in developing industrial cybersecurity accountability.
- Provide visibility to senior leadership on industrial cybersecurity risks, initiatives and alignment with the overall cybersecurity strategy.
- Prepare and present industrial cybersecurity risk management reports to stakeholders.
- Partner with business stakeholders as well as the engineering and signalling teams to raise awareness of risk management concerns regarding industrial cybersecurity.
- Maintain and provide visibility to OT asset inventories at corporate level.
- Escalate cybersecurity risks versus OT operations continuity trade-offs to the senior leadership.
- Provide guidance on the acquisition and implementation of OT technologies and services. Advise on the selection of new OT technologies and services.
- Facilitate vendor management and communication with OT vendors on cybersecurity requirements.
Develop the industrial cybersecurity strategy, roadmap, policies, processes, and guidelines related with OT environment:
- Develop industrial cybersecurity strategy, framework, and roadmap that is aligned with TTC’s priorities and enables and facilitates the TTC's business objectives ensuring stakeholder buy-in.
- Establish an industrial cybersecurity governance structure and a collaboration framework with the engineering teams.
- Define policies, procedures, and guidelines for industrial cybersecurity aligned with overall cybersecurity and IT cybersecurity framework at TTC.
- Align IT and OT cybersecurity policies with consistent standards.
- Establish annual and long-term industrial cybersecurity and compliance goals with define industrial cybersecurity metrics, targets, and reporting mechanisms for continual program improvements.
- Manage the operational plans and performance objectives for industrial cybersecurity programs, technologies, and activities.
- Responsible for industrial cybersecurity governance, budgets, audits, risk, and compliance.
Oversee industrial cybersecurity-related projects, review technical security architecture platforms as part of new projects and initiatives and assess current OT infrastructures and solutions at TTC
- Provide direction, standards and standard procedure for the OT staff on day-to-day cybersecurity activities – Patch deployment, vulnerability management, Incident response, threat detections, network monitoring and logging, end point protection, OT DMZ (demilitarized zone) management, etc. This will be done in partnership with the OT leadership to analyze and escalate trade-offs for leadership decision making where needed.
- Provide direction for OT assets tracking, and minimum standard security requirements and configurations (e.g., routers, firewalls, LANs, WANs, VPNs, PLCs, HMIs, SCADA).
- Provide direction for patching schedule, vulnerability and patch management on OT assets in partnership with engineering team maintaining the operation and its continuity.
- Review OT network security architectures design and provide security best practices and standards aligned with the IT security standard to the OT network infrastructure team.
GENERAL DUTIES AND ROLES IN ACHIEVING OBJECTIVES
- Direct and oversee the development of a multi-year industrial cybersecurity program plan, detailed strategic goals and objectives, operating and capital budgets, and monitor to ensure compliance with approved budgets, organizational policies and the TTC’s corporate plan and directives.
- Partnership with stakeholder to prioritize industrial cybersecurity initiatives and recommend reallocation of resources, budget, initiatives, and activities in order to deliver the industrial cybersecurity strategy and roadmap.
- Monitor the flow of work to ensure that industrial cybersecurity program activities meet quality and quantity standards and address cybersecurity risks at an enterprise level.
- Conduct regular meetings with key stakeholders at IT, OT, and enterprise level to discuss risks, trade-offs, share relevant knowledge on the cybersecurity risks, threats, and initiatives.
- Lead and motivate a diverse workforce, ensure effective teamwork, resolve workforce/alternate service delivery issues (including labour relations issues), ensure high standards of work quality and organizational performance, and encourage continuous learning and innovation in others.
- Develop outsourcing plans and vendor relationship management to meet industrial cybersecurity demands where in-house skillsets, resources, and technology do not meet the requirements.
- Act as strategic advisor for direction to respond to cybersecurity incidents with impact on the OT environment in partnership with the Signal/Electrical/Communication (SEC) team.
- Oversee the response activities to cybersecurity incidents, and report on the incidents impact, root-cause and post-mortem lessons to the board and Information Technology Executive Committee (ITX).
- Support industrial cybersecurity audits and assessment by facilitating information and evidence gathering.
- Promote a respectful work and service environment that supports diversity, inclusion, and is free from harassment and discrimination. Provide leadership in the development and implementation of inclusive and accessible policies, programs and/or services for employees and customers in accordance with TTC’s commitments and obligations under the Ontario Human Rights Code (OHRC) and Related Orders, the Accessibility for Ontarians with Disabilities Act (AODA), and TTC’s policies.
- Perform other related duties as assigned.
Education and Experience
- Possession of certificates or education related to industrial automation and engineering or the combination of education and experience.
- Possession of certificates of industrial automation or security, preferably in ICS domain (ICS vendors, ISA 62443, GICSP-GIAC).
- Knowledge of cybersecurity policies and standards related to industrial/OT/ICS/SCADA, with the ability to apply knowledge best practices to implement new cyber defense and resiliency techniques for industrial environments.
- Understanding of attack vectors, vulnerabilities, and how they are leveraged by malicious actors.
- Knowledge of the cybersecurity concepts typical to the industrial/OT/ICS environments especially in two or more areas such as vulnerability management, security operations access management, network architecture & segmentation, asset management, defense in depth, etc.
- Experience in designing enterprise-wide industrial cybersecurity organizational structures and processes.
- Experience with supporting and drafting security architectures for industrial/OT/ICS environment.
- Understanding of technologies (assets, communication protocols, technical architectures, segmentation requirements) utilised by industrial/OT/ICS systems (SCADA/DCS/PLC/RTU) and network infrastructure.
- Knowledge of the technical security concepts and solutions utilised within IOT/ICS systems and networks.
- Experience with configuring and monitoring of network infrastructure, firewalls, IDS/IPS and SIEM tools.
- A detailed understanding of one or more industrial/OT/ICS security standards and frameworks such as: ISA/IEC 62443 and NIST 800-82.
- Experience successfully executing on multiple industrial cybersecurity programs in complex technical and organizational environments with operation continuity trade-offs.
- Demonstrated work experience in municipal administration.
- Demonstrated work experience in transit or critical Infrastructure.
- Experience in regulated and unionized environments in relevant industrial cybersecurity senior positions.
- Awareness of and experience leveraging industry best practices for network and cloud security.
The TTC is committed to upholding the values of equity, diversity, anti-racism and inclusion in the delivery of its services and in its workplaces. The TTC is committed to fostering a diverse workforce that is representative of the communities it serves at all levels of the organization, and supports an inclusive environment where diverse employee and community perspectives and experiences bring value to the organization. The TTC encourages applications from all applicants, including members of groups with historical and/or current barriers to equity, including but not limited to, Indigenous, Black and racialized groups, people with disabilities, women and people from the LGBTQ(IA+) community. The TTC values and supports an inclusive and barrier-free recruitment and selection process. Accommodations for applicants are available upon request throughout the recruitment and selection process, including for those who identify as having a disability. Please contact Talent Management at (416) 393-4570. Any information received related to an accommodation will be addressed confidentially.
The TTC’s policy prohibits relatives of current TTC employees from being hired, assigned, transferred or promoted into positions, where there is a conflict of interest due to a relationship. Should you be selected for an interview, you will be required to disclose the name, relationship and position of any relative who is a current TTC employee.
We thank all applicants for their interest but advise only those selected for an interview will be contacted.