Company Description
Crosslinx Transit Solutions (CTS) is a consortium comprising EllisDon, AtkinsRéalis, Aecon, and ACS-Dragados. The consortium has been entrusted by Infrastructure Ontario and Metrolinx to deliver the Eglinton Crosstown Light Rail Transit Project, a transformative transit infrastructure initiative in Toronto. The project aims to support sustainable urban growth and enhance public transportation for residents and commuters. CTS offers a dynamic and collaborative work environment committed to innovation and excellence in transit solutions. Learn more about our opportunities on our website.
About the Role
CTSM is seeking a Cybersecurity Manager to lead the establishment, maintenance, and enforcement of our cybersecurity posture across operational technology (OT), information technology (IT), and business systems for the Eglinton Crosstown LRT. You will serve as CTSM’s technical authority and primary interface with HMKE, CTSC, Metrolinx, auditors, insurers, and internal stakeholders on all cybersecurity matters—ensuring the organization meets its contractual, regulatory, and insurance obligations.
Key Responsibilities
• Own CTSM’s cybersecurity obligations under the Project Agreement and Maintenance contracts; prepare, submit, and defend deliverables including the CSeMaP, governance documentation, backup & recovery plans, and change control procedures.
• Define and oversee the cybersecurity maintenance framework across operational systems (BCN, DWH, signaling-adjacent), Azure cloud infrastructure, APIs, and external connections.
• Manage cyber asset inventories, system access controls, authorization processes, and alignment between cybersecurity and physical access policies.
• Serve as primary cybersecurity contact for external audits (Client, insurer-led reviews) and assurance requests; prepare and present supporting evidence.
• Own, finalize, and maintain cybersecurity and IT policies, standards, procedures, and SOPs; monitor compliance and drive corrective actions.
• Provide cybersecurity governance for change control, configuration management, architectural changes, and third-party integrations.
• Support commercial teams with cybersecurity scope definition, cost justification, and variation submissions.
• Represent CTSM on cybersecurity with external stakeholders; deliver status reporting and risk escalations to senior leadership.
What You Bring
• Bachelor’s degree in Information Security, Computer Science, Engineering, or related discipline.
• Experience managing cybersecurity in regulated, infrastructure-critical, or transportation environments.
• Track record preparing cybersecurity plans, policies, and governance documentation subject to external review.
• Strong understanding of IT/OT security interfaces and operational risk management.
• Experience supporting audits, assurance reviews, and insurance-related cybersecurity inquiries.
- Preferred: CISSP, CISM, or CRISC certification; experience with NIST CSF, ISO 27001, or IEC 62443; P3 or large-scale transit project experience; Azure security architecture familiarity.
