The Ontario Clean Water Agency (OCWA) believes in Our Communities, Our Environment and Our People. As a trusted partner to municipalities, First Nations communities, businesses, governments and institutions across Ontario, we provide our clients with total solutions in water and wastewater. We are dedicated to working closely with our clients to help them build healthy sustainable communities and organizations and provide safe and reliable drinking water to thousands of Ontarians each day.
In this role you provide cyber-security expertise and leadership to OCWA. You will recommend, lead and implement safeguards that secure IT systems used to operate and maintain client treatment plants. You will provide advice to executive stakeholders within OCWA and to regional managers in order to inform the ministry and OCWA's clients on cyber-security procedures, processes and protocols that define who, how, and when system access is secured for the water and wastewater treatment plants.
What's in it for you?• Flexible learning and development opportunities, including support for professional certifications (e.g., CISSP, CISM, CCSP).
• Opportunities for career advancement and specialization with the largest provider of water and wastewater services in Ontario.
• Work with the partner of choice for more communities than any other water and wastewater service organization in Ontario for over 30 years.
• Opportunity to work with cutting-edge technologies and innovative solutions in a mission-driven organisation.
• A defined benefit pension plan; Comprehensive Health Plan; Life and Disability Insurance.
Maternity and parental leave top-up benefits including for adoptive parents.
About the job
• Lead the design, implementation, and continuous improvement of cybersecurity protocols aligned with the latest National Institute of Standards and Technology (NIST), Government of Ontario IT Standards (GO-ITS), and other relevant frameworks (e.g., ISO/IEC 27001, CIS Controls).
• Architect and oversee secure network, cloud, and hybrid infrastructure, ensuring resilience against evolving threats including ransomware, supply chain attacks, and insider risks.
• Drive province-wide network and application security upgrades, integrating zero trust principles and secure-by-design methodologies.
• Evaluate and deploy advanced analytics and threat intelligence tools to proactively identify and mitigate emerging risks and vulnerabilities.
• Conduct ongoing research to align OCWA's cybersecurity strategy with business priorities, regulatory requirements, and the rapidly changing threat landscape.
• Provide technical leadership and project oversight for infrastructure initiatives, ensuring robust security controls are embedded throughout the lifecycle.
• Develop and maintain secure standards for data centre hosting, cloud, mobile, and IoT applications, ensuring compliance with NIST, GO-ITS, and privacy regulations.
• Champion cybersecurity awareness and training programmes for all staff, fostering a culture of security and vigilance.
• Lead and conduct forensic investigations, incident response, and post-incident reviews, ensuring lessons learned are integrated into future practices.
• Act as incident manager for cyber threats, coordinating response, recovery, and reporting to senior leadership and stakeholders.
What you bring to the team
Knowledge and Skills:
• Current cybersecurity certifications (or actively pursuing): CISSP, CISM, CCSP, CEH, or similar.
• Deep understanding of modern security architectures, cloud security (AWS, Azure, GCP), secure application development, DevSecOps, and infrastructure-as-code.
• Experience with security operations, incident response, threat hunting, and vulnerability management using contemporary tools (e.g., SIEM, SOAR, EDR).
• Knowledge of malware analysis, digital forensics, and chain-of-custody best practices.
• Familiarity with network security, cloud security, intrusion detection, cyber defence, and cryptography.
• Strong change management and project management skills for complex, multi-stakeholder initiatives.
• Analytical and problem-solving skills to assess threats, recommend solutions, and drive continuous improvement.
Interpersonal and Communication Skills:
• Ability to consult and advise stakeholders at all levels, translating technical concepts for diverse audiences.
• Persuasive, collaborative, and influential, able to drive adoption of security best practices across technical and non-technical teams.
• Leadership and mentoring skills to foster growth and excellence within the cybersecurity team.
• Excellent written and verbal communication skills for reports, briefings, and presentations.
• Commitment to customer service, innovation, and continuous improvement.
Don't meet every qualification?
If you are excited about this position and meet most, but not all, of the listed qualifications, please still consider applying. We recognize that no one person might have every qualification in this job ad, and you just might be the right candidate!
How we support diversity, inclusion and accessibility
We are building an inclusive workforce that reflects the communities we serve. We encourage everyone interested in working with us to apply, including people with disabilities, Indigenous, Black and racialized individuals, as well as people from all ethnicities, cultures, sexual orientations, gender identities and gender expressions.
Our hiring process is accessible, consistent with Ontario's
Human Rights Code and the
Accessibility for Ontarians with Disabilities Act, 2005. We are working to prevent and remove barriers in our hiring processes and can offer
accommodation to address specific needs related to Code-protected grounds such as disability, family status and religion. For more information about accommodation during the hiring process please
contact us.Learn more about the work the OPS is doing to create an inclusive, anti-racist, accessible and diverse workplace: