Industrial Cybersecurity Specialist

Summary

We are currently recruiting for an Industrial Cybersecurity Specialist for our Industrial Networking & Cybersecurity Team in Edmonton, Burnaby, or Calgary. In this role you will work with the Control Systems Lifecycle and Project Services teams throughout a range of cybersecurity engagements. Your work will be performed both in the office and at customer sites, applying cybersecurity expertise to consult, deploy, and support new and existing industrial automation solutions. The successful candidate will report to the Manager, Lifecycle Services.

This is a unique career-building opportunity for individuals who want to work with a leading industrial automation and digital solutions supplier in Western Canada. At Spartan, we provide solutions based on leading edge and industry recognized technologies in some of the largest industrial facilities in Western Canada. This position will provide an opportunity to apply your IT/OT knowledge and experience to the industrial side of the business from design through application, implementation and ongoing service and support with the guidance and support of a highly qualified team. The training provided for this opportunity will consist of formal training, mentoring, and partnering with peers in the Industrial Networking & Cybersecurity Team.

Role and Responsibilities

• Provide technical expertise for cybersecurity solutions to customers
• Support preliminary cybersecurity system designs for sales team as required
• Develop, implement, and maintain cybersecurity policies, standards, and procedures for industrial control system (ICS) environments
• Ensure compliance with industry standards and regulations (e.g. IEC 62443, NIST CSF, ISO 27001, NERC CIP, CIS)
• Design, deploy, and monitor secure architectures for OT networks, including segmentation, firewalls, and secure remote access
• Implement endpoint protection, intrusion detection/prevention (IDS/IPS), and security monitoring in ICS environments
• Completion of cybersecurity assessments during system design, commissioning, and upgrades of industrial automation systems
• Review and provide recommendations on customers OT network architecture (L0 to L5)
• Provide actionable mitigations for identified asset vulnerabilities
• Monitor OT/ICS environments for cybersecurity events and anomalies
• Participate and support the incident response process for customer security breaches.
• Conduct root cause analysis and create remediation action plans
• Work with customers automation, OT, IT and operations staff
• Serve as a liaison between IT security teams and OT/ICS staff
• Integration between operational and business information systems
• Hardware and software configuration:
  • Switches, routers and firewalls
  • Virtualization computing systems (e.g. Hyper-V)
  • VPN’s, encryption, PKI
  • Backup and recovery solutions
  • Endpoint protection, whitelisting
  • Network security monitoring
  • Security Information and Event Management
  • Security Orchestration Automation and Response
  • Vulnerability Management
  • Automated patch management
• Provide input into improvement of current engineering and service processes and practices
• Travel required

Qualifications and Skills

• Network Engineering Technology Diploma, Cybersecurity for Control Systems Diploma, Industrial Network Cybersecurity Diploma, Bachelor of Technology - Cybersecurity or Bachelor of Applied Information Systems Technology (emphasis on Network Management Major)
• 3-7 years of experience in industrial automation, control systems or cybersecurity
• Cybersecurity certifications (GICSP, GRID, CSSA, CEH, CompTIA Security+, OSCP) are an asset
• Technical working knowledge of IT/OT firewall equipment
• Training will be provided; however, related automation system experience would be an asset
• Expertise with cybersecurity best practices, security policies and common controls
• Expertise with industry standards such as IEC 62443, NIST CSF, NERC CIP, ISO27001, CIS, etc.
• Experience with red/blue/purple team type engagements an asset
• Experience with Microsoft and Linux operating systems and virtualization
• Experience with threat hunting, analysis and response
• Experience with Active Directory and DNS configuration and troubleshooting
• Experience with backup and recovery systems
• Understanding of the Purdue model and effective zone separation
• Good working knowledge of or willingness to learn the nuances of working in industrial environments
• Strong analytical and problem-solving skills
• Strong technical/computer background
• Strong technical writing and communication skills
• Passion for technology, working closely with customers and other team members
• Exceptional communication skills and customer service practices
• Adaptability to fast-changing threat landscapes and industrial environments
• Work independently and within a team environment
• Entrepreneurial work ethic
• Willingness to travel; valid Class 5 driver license required
• Spartan is committed to providing a safe workplace for all employees. This position is classified as safety-sensitive, and as such, the successful candidate will be required to pass a pre-employment alcohol & drug test.