Share this Job

Information Assurance Security Officer

Date: Feb 3, 2019

Location: Peterborough, ON, CA

Company: BWX Technologies

BWXT ITG Canada, Inc. provides its customers, who conduct life-saving medical procedures for patients around the world, the benefit of decades of experience in the development, manufacturing, packaging and delivery of medical isotopes and radiopharmaceuticals. Headquartered in Kanata, Ontario, BWXT ITG Canada, Inc. employs over 150 highly-skilled people in Kanata and Vancouver, British Columbia. BWXT ITG Canada, Inc. is part of the BWXT nuclear power segment (NPG) of BWX Technologies, Inc.

 

 

Information Assurance Security Officer

We are recruiting for an Information Assurance Security Officer for our facility in Peterborough, Ontario.

JOB SUMMARY:

The Information Assurance Security Officer in Canada remains familiar with local conditions including prevailing laws, organizational culture, and business activities. This is a senior position that is responsible for interpreting Cyber Security requirements and coordinating the implementation of controls to satisfy those requirements. This will require regular interaction with business leadership to ensure Cyber Security activities align with business initiatives and ensure leadership remains informed of Cyber Security initiatives.  The ideal candidate will be highly motivated, a seasoned expert with leadership experience who is interested in achieving excellence.  The ideal candidate is also experienced in implementing compliance frameworks and works effectively with minimal supervision.  The incumbent will report directly to the Sr. IT Manager, Cyber Security and will be responsible for the following scope of work duties for the Canadian operations:

RESPONSIBILITIES:

·         Participates in the strategic planning process to transform the security architecture as threats, regulatory requirements and the business changes.

·         Reviews, interprets, and guides the implementation of controls to satisfy regulatory and organization contractual requirements related to Cyber Security and the protection of privacy information such as PIPEDA and GDPR.  Works with local management and staff to assist them with efforts to maintain compliance with Cyber Security requirements.

·         Actively participates in internal and external audits associated with Cyber Security compliance, including remediation of compliance issues found during audits.

·         Provides Cyber Security advice and perspective to users and management.  When questions or issues cannot be resolved locally, acts as a liaison with the Sr. IT Manager, Cyber Security for resolution at the corporate level.

·         Coordinates the activities of users, local Systems Administrators, and local Network Administrators to help ensure that all documented Cyber Security requirements have been met.

·         Provides a first level Cyber Security review of Information Technology (IT) solutions, IT upgrade proposals, business application development proposals, new IT implementation plans, operating system conversion plans, IT outsourcing plans, and related information systems change requests.

·         Participates in IT project management and steering committees to ensure Cyber Security concerns are considered during the planning and execution of IT projects and business initiatives.

·         Produces metrics for reporting NOG Cyber Security risk, compliance, and security operations performance to the Chief Information Officer (CIO).

·         Ensures the development, documentation and presentation of Cyber Security education, awareness, and training activities for managers, IT personnel, information system owners, instrumentation and control system engineers, and general users.

·         Identifies and documents specific threats to information systems and information, develops and documents additional or modified protection measures for those threats, and obtains approvals for the modified protection measures.  Brings local Cyber Security issues, vulnerabilities, and compliance problems that have not been adequately addressed to the attention of the Sr. IT Manager, Cyber Security.

QUALIFICATIONS:

·         Must have a working knowledge of IT system architectures, including technology infrastructure, data, and applications.

·         Must understand best practices for securing virtual infrastructure, operating systems, databases, applications, and externally hosted solutions.

·         Must have excellent communications skills in order to effectively interact with business, Information Technology (IT) personnel, and Government agencies.

·         Must have a working knowledge of security frameworks and standards, ex:  CSA standard N290.7-14, ISO 27000 series, NIST SP 800-53, CIS Critical Security Controls, OWASP, SSAE 16/18, etc.

·         Must currently hold a related certification, such as CISSP, GSLC, CISA, CISM, or CRISC.  The PMP certification is also desirable.

·         Must be able to maintain confidentiality when working with sensitive information.

·         Prior experience in the Canadian nuclear energy industry with computer-based instrumentation and control systems is preferred.

·         Candidate should have experience conducting risk and vulnerability assessments, leading audit reviews, developing project plans, and leading cross-functional project teams.

 

BWXT ITG Canada, Inc. embraces diversity of thought, values individuality, encourages new perspectives and provides equal opportunity in employment for all qualified employees and applicants without regard to race, national or ethnic origin, colour, religion, age, sex, sexual orientation, marital status, family status, disability, a conviction for which a pardon has been granted or a record suspended or any other category protected by federal law.


Job Segment: Corporate Security, Law, Database, Information Systems, Security, Legal, Technology