• jobs
  • 3 days ago

jobs description

Job Description

ONxpress Transportation Partners (OTP) was chosen by Metrolinx and Infrastructure Ontario (IO) to enter the Development Phase of the On-Corridor Works project – the largest project in Metrolinx’s GO Expansion. Unprecedented in its scale and complexity, this multi-billion dollar capital program will transform the GO regional rail network with electrification, more frequent service, shorter journey times and a more modernized system for the Greater Toronto and Hamilton Area. ONxpress Operations Inc. (OOI) has been engaged by OTP to manage and oversee the efficient and effective operations and maintenance of the GO Trains and Union Pearson Express.


Reporting to the Lead Cybersecurity, GRC, the Senior Cybersecurity Analyst GRC is a key member of the common Technology Working Group and is accountable for ensuring that the cybersecurity objectives are met by each of the ONxpress Operations workstreams. This role liaises with the Contracting Authority... (Metrolinx) and other ONxpress partners to understand and disseminate Cybersecurity requirements and supports all work activities to ensure compliance of deliverables with those requirements.


• Oversees, evaluates, and supports the documentation, validation, assessment, and authorization processes necessary to assure that existing and new information and operational technology (IT/OT) systems meet the organization's cybersecurity and risk requirements.
• Ensures appropriate treatment of risk, compliance, and assurance from internal and external perspectives.
• Co-ordinates and/or leads cross-functional teams related to a variety of projects and initiatives as assigned.
• Identifies, communicates, clarifies Cybersecurity requirements and tracks project status accordingly.
• Plans activities within development life cycle, estimates costs and duration, and impacts to project timelines,
• Identifies and manages project risks pertaining to Cybersecurity deliverables.
• Ensures applicable IT security policies are applied to the systems and identifies and rationalizes required exceptions to support applications as required.
• Manages vulnerabilities and Cybersecurity issues and associated remedial actions plan,
• Manages project Cybersecurity related communication, and reporting.
• Manages relationship with external auditors as required and communicates action plans and lessons learned.
• Serve as the escalation point of contact for all project issues among joint ONxpress partners.
• Provides direction, expertise, training and advice to staff to ensure best practice Cybersecurity approaches are taken in projects and daily work.
• Provides direction and oversees performance of contracted security related services such as external consultants, vendors, etc.
• Participates on committees, work groups, task forces and special projects as assigned.
• Performs other duties as assigned, in accordance with the organizational objectives.


Education & Qualifications
• Successful completion of a university degree or college diploma in Engineering, Computer Science or a related field

Certifications or Designations
• One or more of Project Management professional (PMP), Agile Certified Practitioner (PMI-ACP), and Certified Scrum Master (CSM) are preferred.
• CISSP, CCSP and GCISP would be an asset

• Minimum five (5) years’ experience in Cybersecurity project delivery, including experience with security technologies in a planning and evaluation capacity within a large organization to develop and implement safeguards.
• Proven expertise in guiding and implementing two or more of the following solutions: advanced security and risk management, asset security, security engineering, communications and network security, identity and access management, security assessment and testing, security operations, software development security, categorization of information systems, selection of security controls, security control implementation, security control assessment, information system authorization, information security governance, information security program development and management, and information security incident management.

• Knowledge of and demonstrated ability in corporate core competencies including customer service, communication, team-work, initiative/self-management, accountability, flexibility and adaptability.
• Ability to relate strategy, business, and technology in the context of organizational dynamics.
• Ability to understand the basic concepts and issues related to cyber and its organizational impact.
• Ability to apply cybersecurity and privacy principles to organizational requirements (relevant to confidentiality, integrity, availability, authentication, non-repudiation)
• Ability to identify critical infrastructure systems with information communication technology that were designed without system security considerations.

Why Work with Us?
• We offer a competitive compensation package including competitive salary, incentive pay and health benefits.
• We have an open and approachable culture that enables you to bring your best ideas forward.
• We offer flexible working arrangements to support your need to balance life at work and at home.

Privacy Notice: ONxpress Operations Inc. ("OOI") safeguards the privacy of candidates and users of this career portal. We collect, use, and disclose personal information of job candidates solely for recruitment purposes, including, but not limited to, assessing qualifications, conducting background checks, communicating with applicants, and complying with legal obligations. Your information may be shared within OOI and third-party recruiters within Canada and potentially in other jurisdictions to facilitate the recruitment process. We retain your data only as long as necessary and protect it according to our policies. For more information on how OOI collects, uses and discloses your personal information please review our Privacy Policy here .

Accommodation: At OOI, we celebrate diversity and strive to create an inclusive environment where everyone feels valued and respected. We encourage individuals from all backgrounds to apply, including women, visible minorities, Indigenous peoples, persons with disabilities, and individuals of any sexual orientation or gender identity. If you require accommodation at any stage of the application process, please reach out to us at [email protected] OOI will consult with all applicants seeking accommodation during the recruitment process to ensure accommodation is provided in accordance with applicable legislation and is tailored to meet each applicant’s specific needs


Apply - Senior Cybersecurity Specialist Ontario