NETWORK CYBER SECURITY ENGINEER

NETWORK CYBER SECURITY ENGINEER  

WINNIPEG, MB

• Competitive salary and benefits package.
• Defined-benefit pension plan.
• Nine-day work cycle which normally results in every other Monday off, providing for a balanced approach to work, family life and community.
• Flex-time and partially remote work schedule (providing the option to work remotely 3 days per 2 week period), depending on nature of work, operational requirements and work location.

• Lead the establishment of corporate policies and standards for design, implementation, and sustainment of network security controls: Protect IT and OT network technology assets from cyberattacks. Identify and address instances of potential non-compliance of standards and policies. Update standards and programs associated with network security based on cyber threat landscape, utility best practice and in response to threat intelligence and known vulnerabilities.  Support network design teams as required to support mitigations required due to threat intelligence.
• Design corporate strategies, guidelines, configurations and hardened baselines: In collaboration with network design teams across the corporation apply utility best practice for configuring firewalls, intrusion detection systems, and other security systems to enforce access control policies and prevent unauthorized access. Identify and implement detection and response telemetry, alert thresholds, and response plans for network security. 
• Sustain network cyber security maturity: Research emerging threats and vulnerabilities to aid in the identification of network incidents, and supports the creation of new architecture, policies, standards, and guidance to address them. Support the creation of network-specific business continuity/disaster recovery plans, to include conducting disaster recovery tests, publishing test results, and making changes necessary to address deficiencies. Create and support testing requirements for new computers, software, switch hardware and routers before implementation to ensure security requirements are met. Develop IT/OT segregation strategy, guidelines and security-related design criteria and oversee periodic IT/OT network separation testing. Coordinate strategy and design criteria updates resulting from such testing.
• Organizational change management: In cases where network resources are to be changed; plan, deliver, and lead required organizational change management activities including awareness and training. 
• Provide mentorship and coaching: Provide coaching and mentoring to staff across the division and ECSP through various forms (including information sharing presentations, documentation and process reviews, brainstorming, guidance, counsel and coaching and technical training plan development and implementation). Play a lead role in documenting work processes and continuous improvement.  
• Support the Enterprise Cyber Security Program: Assist in the delivery of the enterprise cyber security program including implementing projects, policies, standards and technology to assist in increasing the cybersecurity maturity of Manitoba Hydro to utility average and maintaining at or above average network security maturity.
• Support cyber security operations where required:  Support cyber event incident response and recovery as part of the Incident Response Team. In the event of a significant cyber security incident, you may be called to support response activities at any time during a 24-hour period to assure Manitoba Hydro system security and reliability.  

• Graduate in Engineering from a university of recognized standing, plus a minimum of seven years related experience, including two years related experience in Cyber Security, Operational Technology, or Information Technology Infrastructure support.
• Member in good standing with Engineers Geoscientists Manitoba
• Has or be willing to obtain certification within 12 months: ISAACA CSX Cybersecurity Practitioner (CSX-P) or (ICS)2 Entry -Level Cybersecurity certification; and maintain that certification in good standing. Professional certifications such as CISSP, CISM, CRISC, OSCP, CEH, CGIH, GPE, SANS, etc would be an asset.
• Possess an understanding of Cyber security concepts, controls, frameworks and standards including NIST and ISO. Knowledge of ICS Cyber Security Risk Management and NERC Critical Information Protection (CIP) Standards, Programs and Procedures, CIP infrastructure components and CIP cyber assets. Familiarity with compliance standards, evidence requirements and understanding audits and assessments. 
• Technical expertise in analyzing network-specific threat event data, evaluating malicious activity, documenting unusual files and data, and identifying tactics, techniques and procedures used by attackers to drive development of corporate-wide standards, policies, procedures, guidelines and design criteria.
• Familiarity with business needs and commitment to delivering high-quality, prompt and efficient service to the business.
• Technical system support experience with Information Technology, Operational Technology and infrastructure components.
• Strong written and verbal communication skills with a demonstrated ability to communicate effectively, deliver reports, recommendations, and presentations, and the ability to build and maintain harmonious working relationships with staff across the enterprise at all levels.
• Excellent organizational and interpersonal skills, including facilitation, and negotiation. 
• Demonstrated creativity in resolving complex information technology issues, implementing new processes and products and redesigning work processes. 
• Demonstrated initiative, and ability to prioritize, and achieve results in a timely manner.
• Possess good analytical skills, be self-motivating, and possess mature judgment with the ability to make and implement sound decisions.
• Possess a valid Province of Manitoba Driver's License.
• Must obtain and maintain a current Personnel Risk Assessment and a "Clear" security rating in accordance with Manitoba Hydro policy P513.
• Must complete Manitoba Hydro Standards of Conduct training.
• Critical Infrastructure Protection (CIP) Training is required and must be completed prior to transfer date and renewed annually.