Cyber Security and Controls Specialist

The Cyber Security and Controls Specialist will ensure that Seaspan Shipyards’ cyber security risk is effectively managed via the design and oversight of appropriate cyber security controls. This role acts as a security subject matter expert for Seaspan Shipyards and provides mentorship concerning IT risks and security assessments. They will evaluate existing security systems, both internal and third party to determine potential cybersecurity risks and provide input on security requirements for IT networks/infrastructure, business systems and 3rd party vendors and services.

The Cyber Security and Controls Specialist will assess existing controls design and execution to ensure compliance with contractual and legislated obligations.

Note: This position qualifies for an optional hybrid work schedule after 90 days of onsite work and onboarding. Employee will be subject to the terms of the Flexible Work Policy Agreement.

What you’ll do

• Leads and advises on identification of cyber risks, communication, and development of best practices, and implementation of mitigating controls.
• Performs security assessments for Canadian Government contracts, conducting third party vendor assessments including controls verification, gap assessments and reporting and remediation.
• Works closely with IT and Contract security staff to develop security plans for Canadian Government contract projects.
• Develops and implements vulnerability management processes in coordination with IT and application teams.
• Participates actively in the security program initiatives by helping to develop, implement and document required controls for both IT and OT systems as well as monitoring and reporting on their continuous security and risk management effectiveness.
• Performs information security risk assessments for projects and initiatives for assigned lines of business within the enterprise.
• This role also specifically be responsible for identifying and implementing improvements to the current change management process for production systems.

What you’ll bring

• 5+ years of relevant experience is IT Security role plus a solid background or working knowledge of IT Infrastructure operations.
• Must be eligible for a Canadian Government Level 2 (Secret) security clearance.
• Bachelor’s degree in Computer Science, Engineering or Information Systems Management or equivalent experience.
• One or more Cyber Security certifications preferred (CISSP, CRISC, CISA, etc.).
• Experience in achieving and maintaining Government of Canada authorization to process sensitive data.
• Strong background in Cyber Security Governance, Risk, and Compliance (GRC) advisory service delivery, cyber security program best practices, developing security documents.
• Strong understanding of Cyber Security Frameworks such as NIST CSF, Risk management and ISO 27001.
• Implementation experience with change management systems and processes.
• Experience in designing and executing Cyber Security processes, including Information Protection, Configuration / Vulnerability Management, System Auditing / Logging, and Identity and Access Management.
• Experience in management of Vulnerability Assessments and IT Security Audits.
• As a natural and dedicated teammate, cultivates a friendly, team-oriented workplace where employees work safely and productively together.
• An expert communicator with strength in collaboration and relationship building, maintains a healthy, open and trusting workplace, with integrity and accountability.
• An avid learner committed to keeping up to date with the newest technologies and industry innovations.
• A self-starter that takes initiative to contribute to the overall performance and success of the practice.
• Nice to have knowledge of both on-premise systems and cloud services security best practices.
• Nice to have experience in OT Security control implementation.

Why you’ll love working here

• This is a full-time permanent position because we have long term projects that need long term strategic thinking support.
• This position qualifies for an optional hybrid work schedule.
• In addition to an annual bonus and pension plan matching, this role provides you a very competitive salary in line with the successful candidate’s experience.
• We also provide a best-in-class health and wellness benefits package for this position, including such things as full health care (e.g. unlimited physiotherapy), dental, vision, life insurance, medical leave coverage, maternity and parental leave coverage, childcare benefit partnership, wellness/fitness reimbursement for memberships or registration fees, and an Employee Family Assistance Program (EFAP).

About us:

Seaspan Shipyards: Seaspan Shipyards is one of North America’s most modern shipyards and unique in its ability to provide a complete range of services including new construction, conversion, refit, repair and life-cycle maintenance work for Canada’s Coast Guard and Navy as well as commercial vessels including cruise-ships and deep-sea vessels. Seaspan Shipyards operations include Vancouver Shipyards, Vancouver Drydock and Victoria Shipyards.

To learn more, visit our website: www.seaspan.com

Seaspan is committed to Employment Equity, supports diversity in the workplace, and encourages applications from all qualified individuals including, women, members of visible minorities, Indigenous persons, and persons with disabilities. Furthermore, we are committed to providing an inclusive and accessible environment. If you require reasonable accommodation during the recruitment process, please let us know, and we will work with you to support your request.