Job Specification

Purpose :

The cyber security expert for OCWA. In a 7/24/365 environment, provide cyber security expertise and leadership for the cyber security practices for the Ontario Clean Water Agency (OCWA). To recommend, lead and implement safeguards that secure IT systems used to operate and maintain client treatment plants. To provide advice to executive stakeholders within OCWA and to regional managers in order to inform the ministry and OCWA's clients on cyber security procedures, processes and protocols that define who, how and when system access is secured for the water and wastewater treatment plants. The subject matter expert (SME) responsible for cyber security incident intelligence, threat forensic analysis, strategy, design and implementation in order to secure OCWA's network, data centres and IT systems and services.

Key Responsibilities :

1. Cyber Security Strategy, Design, Development and Management
 As cyber threats continue to evolve and become more sophisticated, research on cyber security software, tools and technology are constantly needed in order to provision a strong cyber security posture
 Recommend, design and lead implementation of cyber security protocols that align with National Institute of Standards and Technology (NIST) and Government of Ontario IT Standards (GO-ITS).
 Lead cyber security architecture, network engineering, server protocols to safeguard data centre hosted solutions
 Lead province-wide network topology and associated software, hardware and upgrades to conform with latest cyber security protocols to safeguard province-wide network
 Recommend and implement advanced analytic tools to determine emerging threat patterns and vulnerabilities
 Conducts research to assess the OCWA/client business direction, priorities, service demands, business impact and IT environment to assess and determine cyber security and infrastructure technology requirements to meet the client business needs.
 Quantifies and qualifies the potential value, costs and risks of new technology, processes, tools and methods to recommend the optimal unified architecture and systems configuration for success.
 Provides project oversight for all phases of infrastructure technology projects to support OCWA client and enterprise priorities, initiatives, application needs and technical developments, ensuring proper cyber security processes are implemented
 Recommend and develops data centre hosting, cloud and mobile application standards that are secure and confirm with NIST and GO-ITS standards
 Develops cyber security awareness training for all OCWA staff
 Develops technology requirements/specifications for RFPs and participates in assessing bids and negotiating SLAs with vendors. Manages assigned contracted service providers
 Lead and conduct forensic analysis of cyber threats and recommend corrective action
 Acts as cyber threat incident manager to identify, resolve and recover from security breaches and report back to senior leadership

2. Cyber Security Policy, Procedures and Standards Development
 Researches, develops, implements and maintains OCWA corporate IT related policies, standards and procedures, as approved by management, ensuring integration with enterprise IT policies and standards.
 Develops and implements approved assessment criteria to monitor and report with recommendations on policy and standards relevance, effectiveness, compliance and change. Follows-through as approved to ensure efficiency, effectiveness, compliance and ongoing integration with enterprise IT strategies, policies and priorities.
 Provides input to OCWA corporate IT project development policies, standards, and procedures.

3. Consultation, Expertise and Advice
 Consults with OCWA management/staff in regional hubs across the province and with clients (e.g. public sector partners, water and waste private sector companies, First Nations and municipalities) to provide cyber security advice when defining business, data centre operations, information and systems requirements and identifying secure solutions and deliverables suited to client needs.
 Provides infrastructure technology expertise, advice and recommendations to OCWA management on complex infrastructure technology issues solutions and strategies, and to promote and market cyber security solutions and gain buy-in for advanced systems opportunities.
 Develops, fosters and manages effective relationships and partnerships on behalf of OCWA with vendors, suppliers, staff, project team members and interdisciplinary colleagues to facilitate cooperative approaches and mutual business efforts.
 Provides strategic and situation-specific infrastructure technology and associated threat/risk advice and expertise to OCWA management/staff and clients.
 Works closely with IT infrastructure SME's to advise on and support successful implementation of approved changes resulting from infrastructure technology recommendations (e.g. cyber security designs, network engineering projects, policy changes, data centre optimization).
 Coaches peers and junior staff members on cyber security, network architecture and data centre optimization
 Develops and participates in related training for OCWA management/staff and clients e.g. cyber security awareness
 Participates on corporate OCWA committees and task forces to identify, assess and recommend strategies and approaches for architecture, platform and data centre implications to ensure effective integration and alignment.

4. Project Leadership and IT Change Management (ITIL)
 Plans and manages projects for the design, development and implementation of infrastructure technology models, standards and related procedures and processes, and makes operational decisions related to assigned projects/ activities to achieve objectives within required timelines.
 Conduct vulnerability testing of new solutions as part of the project implementation process
 Ensures change management process is followed for infrastructure and application production releases by following established governance models
 Provides technical leadership, guidance, advice and subject matter expertise to assigned project team members and consultants including determining work priorities and assignments; assigning ongoing projects/initiatives; providing ongoing guidance and technical direction; assessing and approving tasks as part of the change management cycle
 Leads/conducts special projects as assigned by the Director Infrastructure Services
 Participates as a team member on large scale OCWA project initiatives.

5. Relationship and Vendor Management
 Develops and manages effective relationships with external intelligence specialists, Cyber Threat intelligence Working Groups, government agencies, other jurisdictions and law enforcement organizations to acquire and share threat intelligence information, best practices and to identify opportunities for collaboration.
 Builds and maintains relationships with security staff in all Clusters to provide information and insight into threat intelligence.
 Consults with CSOC incident response teams by relaying actionable intelligence and analysis regarding scope, priority, and threat of the intrusion/breech, along with researching possible response and mitigation
 Works with vendors and manages 3rd party contracts for cyber security products and services

Knowledge / Skill :

 Cyber security certified or in progress to acquire certifications
 Security operations concepts, and incident remediation to lead the identification of key risk areas and to ensure adequate levels of control are in place to address risks.
 Malware forensic and incident response methodologies best practices to triage, plan and lead complex incident response activities, maintain chain of custody reporting, and full documentation of issues from identification through remediation; develop comprehensive processes, procedures, and techniques to ensure successful remediation
 Network security, cloud security, intrusion detection and analysis, cyber defense, vulnerability and threat assessments; network devices (e.g. firewalls, routers, switches, etc.) messaging systems, operating systems, common attack tools; security protocols, applications and authentication tools; cryptography and encryption methods
 Industry best practices and standards in infrastructure security, secure application development principles, IT security methodologies, vulnerability assessment methodologies, security design and infrastructure architecture
 Change management skills including release, version and security patch management
 Project management skills, including planning, estimating, budgeting, scheduling, measuring, monitoring and controlling, to manage multiple, concurrent, complex large-scale infrastructure technology projects.
 Research, analytical, evaluation and problem-solving skills to conduct cyber threat incidents analysis and provide resolutions and improvements
 OCWA administrative policies and procedures (finance, procurement, contract management), estimate and manage project budgets, write technical specifications, prepare input for RFPs; participate in evaluating proposals, select and negotiate SLAs with vendors; and manage vendor performance against contract requirements.
 Oral and written communications and customer service skills to consult with OCWA management/staff and clients to determine architectural needs, promote innovative cyber security solutions, provide ongoing technical expertise and advice, prepare reports, presentations and briefings, and provide expertise, advice and recommendations to OCWA senior management and clients.

Interpersonal / Influencing Skill :

 Consultation and advisory skills to work with OCWA and client managers to identify infrastructure technology needs and to provide guidance on infrastructure technology and data management policies, standards, practices and options, and to develop and sustain effective business relationships.

 Persuasion, networking, and negotiating skills to assist IT project managers in appreciating the long term benefits of including cyber security considerations such as vulnerability testing in projects, and to assist client managers with diverse interests, technical and non-technical backgrounds to accept best infrastructure technology options.

 Communication skills to clarify needs; explain technical concepts and terminology, and present information, options and recommendations for diverse audience.

 Leadership skills to provide direction, leadership, and mentorship to technical and non-technical personnel within the cyber security operation environment.

 Coaching and training junior to intermediate IT staff on cyber security best practices and standards

Analyzing / Problem Solving Skill :

Work autonomously to:
 evaluate new and emerging cyber security solutions including encryption technologies and make recommendations
 lead the planning and delivery of cyber security protocols in infrastructure technology and software project initiatives across the OCWA enterprise.
 identify, research and assess appropriate infrastructure technology needs in consultation with OCWA client senior management and clients, and analyze/recommend innovative architecture options and integration strategies.
 determine project priorities and schedules, assess/determine resources required, monitor activities and timeframes and expenditures, and ensure systems meet quality standards for reliability, confidentiality, security and contingency recovery.
 evaluate infrastructure technology directions, trends, standards and policies in a complex and evolving environment and make recommendations on general and specific infrastructure technology and data management issues.
 identify, research, develop and assess OCWA corporate infrastructure technology and data center operational policies, standards and methods.

Decision Making / Responsibility :

Responsible for:
 Leading a team conducting intelligence collection, tracking threat actors, identifying malicious behaviours and
 Analyzing cyber threat information from diverse sources to identify and prevent security issues through the production of actionable intelligence.
 Recommending and implementing innovative tools and technologies to realize best-in-class threat intelligence capability.
 Providing subject matter expert for the development of key elements of technical, operational and strategic practices and processes
 leading the development and communication of comprehensive cyber security and data centre standards and policies for OCWA.
 ensuring effective usage of assigned financial, material and human resources by preparing, managing and controlling project plans and budgets.
 Quality assurance and quality control checks on IT architecture design to ensure best practices and standards are followed.
 providing expertise and guidance within OCWA and to client management on network design, server virtualization, infrastructure technology standards, templates, techniques, recommendations and strategies.
 providing input into OCWA's corporate IT operational plans.
 determining project approach, priorities and schedules, and developing business cases for systems solutions that meet client business needs; assessing resources required; delegating and controlling tasks; monitoring project progress, timeframes and expenditures; preparing reports; and developing infrastructure technology solution recommendations.
 identifying complex infrastructure technology systems issues, determining areas of risk and recommending innovative alternatives and options for resolution to meet client needs with impacts on broader OCWA IT objectives.
 leading project teams comprised of unit technical staff and external consultants.
 tendering and retaining external IT consultants; monitoring/managing contract costs and deliverables.
 Works with IT Project manager to determine scope and direction of projects, project budgets and procurement/resourcing strategies; and project plans/priorities to ensure cyber security technology integrations, alignment and compliance with OCWA IT strategies.
 Decisions are guided by OCWA's strategic IT objectives and industry standards for effective infrastructure technology project management.

Contacts / Stakeholder :

 OCWA clients (regional hub management, public sector partners, water and waste private sector companies, First Nations and municipalities) to discuss and define cyber security system needs, identify solutions, deliverables and timelines; resolve issues and report on project status.
 Project implementation teams to market and promote IT products, review/advise on major project milestones, provide input to critical program decision-making, and provide advice and expertise in the development and implementation of new infrastructure technology technical solutions.
 OCWA senior management to provide cyber threat briefings, advice, expertise and recommendations on solutions and strategies.
 Project staff to provide infrastructure technology project leadership, guidance and direction.
 Suppliers, internal/external stakeholders and other public sector jurisdictions to review new infrastructure technology products and systems, discuss technology trends and initiate partnerships for participation in integrated projects.
 External IT consultants to tender/select/retain project contractors, negotiate contracts, provide project leadership, schedule project activities, review project scope and timelines, monitor work for the delivery of infrastructure technology systems under tight timeframes and ensure compliance with contract requirements.
 Peers and colleagues in the systems community to maintain an awareness of state-of-the-art infrastructure technology and its application to client needs.

Guidance / Supervision :

 Provides technical leadership to assigned project staff by creating work plans, assigning and tracking work, establishing priorities, providing ongoing project leadership/guidance, monitoring quality of deliverables, explaining work procedures and resolving project issues.
 Provides infrastructure technology expertise, guidance and support to clients, senior and program management expertise to identify business needs and priorities and to lead the deployment of infrastructure technology solutions to meet business needs.

Demands / Pressures :

Work Demands :

 Frequently works extended hours to meet project work priorities and deadline requirements.
 Routinely deals with unexpected changes to deadlines and work demands.
 Routinely works within tight time pressures and conflicting priorities.
 Occasional travel to regional sites to support clients and IT project implementation
 On-call availability for evenings and weekends, as the Ontario Clean Water Agency is open 364 days per year.
 This work may require the ability to lift heavy objects weighing up to 25 kg and the dexterity and skill to work with delicate electronic components.

Mental / Sensory :

 Frequent requirement to concentrate when analyzing complex infrastructure technology project data, leading project teams, or consulting with OCWA and client management.

Conditions / Environment :

Work is performed in a typical office environment and occasionally at client water and wastewater sites.