IT Security Engineer is a hybrid role which offers a cross-business exposure and requires from the incumbent a deep understanding of the relevant engineering disciplines (PACO, IT systems engineering and data networking), technical HSSE, project engineering techniques, coupled with a strong set of business analysis skills.
- Assuring the design, deployment, and support for resilient PCD architectures and system configurations during project that are sustainable and deliver value to the Asset team
- Ensuring adequate PCD IT security awareness, capability, and competency training for relevant roles in the Operate phase of the Asset.
- Assist PACO in providing execution support to the EPC contractor with respect to PCD IT security scope
- Coordinate the execution interfaces between the Infrastructure providers and the various contractors (most importantly between the EPC contractor, MAC, TSI and other 3rd party providers), specialist applications vendors and the packaged equipment vendors
- Throughout the execution of the PCD IT Security scope assure (monitor compliance with the technical standards and Company specifications) and intervene as appropriate
- Assist the future Asset IMIT and Operations team in defining the manning requirements including the technical competencies and skills necessary to successfully operate, maintain and support the PCD IT Security systems, applications and infrastructure
- Facilitate the handover of the completed PCD IT Security scope to the Asset Operations team and in doing so ensure the correctness and completeness of the handover documentation pack / dossiers
- Facilitate the development of the PCD IT Security – related DCAF controls. Support project execution assurance / value assurance activities as defined in the Project Controls and Assurance Plan (PCAP)
- Support the evergreening of the IT Plan.
- Engineering degree or equivalent field/industry experience (IT security engineer, Information Risk Management (IRM) engineer or analyst, PACO discipline / design engineer past experience)
- Capital project experience
- 5+ years in an operating asset, IACSs vendor/supplier or equivalent external industry experience
- Ability to document and describe typical IACSs, PCD networks, and data/communications
- Expert level understanding of PCD/SecurePlant environments
- Designated as technical authority (at least TA3, preferably TA2) by engineering discipline in PCD IT Security or demonstrated industry experience in technical authority position.
- 5+ years implementing and managing IT security projects within an operating environment
- 5+ years conducting and communicating security evaluations and communicating cyber risk impacts, consequences to all levels of stakeholders
- A strong understanding of industrial/IT security standards (DEPs, AMS, DCAF, IT Control Frameworks, etc) or industry equivalents
- A strong understanding of international industrial cyber security standards and ecosystem (NIST, ISA, ISo27001, COBIT, etc.)
- Ability to document and describe cyber risk in the context of industrial operations (loss of view/control, Risk Assessment Matrix, etc) • Professional cyber security designation(s). CISSP, GISCP, CRISC, CISA, CISM, CEH, etc.
- 5+ years’ experience and recognized as high-performer when leading virtual indirect teams or stakeholder groups
Work Location: Calgary, Yokohama, Kitmat
Work Schedule: Normal 40 hrs workweek. Construction Site: 5/2 workweek, 10hrs a day.