Role Description
Reporting into the Director of Cyber Security, the role of Senior OT Cyber Security Analyst is to interface and collaborate with our Operational Excellence and Digital Buildings teams to be a champion of and support for all cyber security functions in this area of our business. This role is located in Toronto. The successful analyst takes responsibility for the relationship between cyber security and our operational technology teams and is the main point of contact for cyber incidents or activities on operational technology systems. The analyst would need to build and develop relationships with contacts across our digital buildings to be a trusted advisor and support source for these locations.
Responsibilities:
- Develop and maintain a high-quality inventory of the technology assets in our digital buildings, with an up-to-date baseline for the secure configuration and operations of all in-place devices. - vulnerabilities
- Perform the deployment, integration and initial configuration of all new security solutions required in operational technology and of any enhancements to existing security solutions in accordance with standard best operating procedures generically and the enterprise’s security documents specifically.
- Monitor all in-place security solutions for efficient and appropriate operations.
- Recommend additional security solutions or enhancements to existing security solutions to improve overall enterprise security.
- Conduct self-directed investigations into suspicious activity and work with the security team to initiate the incident response plan when needed.
- Work on and collaborate with the rest of the cyber security team members on projects defined in the security project roadmap.
- Cross training with cyber security colleagues as operational technology processes and procedures evolve.
- Contribute to the development of, and ensure that there is compliance with, QuadReal’s security policies and standards, and that all compliance regulations are met.
- Evaluate and test hardware, firmware, network and software for possible impact on system security.
- Provide tier 2 support to security incidents or events that take place on operational technology systems.
- Willing to travel to QuadReal properties as required to perform operational duties.
- Lead security awareness initiatives for our operational technology audience.
- Maintain vendor relationships with security-related service providers for operational technology systems.
Experience, Qualifications & Skills:
Formal Education & Certification
- College diploma or university degree in the field of computer science and/or 5 years equivalent work experience.
- Relevant security certification (for example):
-CompTIA Security+
-GIAC Information Security Fundamentals
-Microsoft Certified Systems Administrator: Security
-AWS Certified Security
-Associate of (ISC)2
Knowledge & Experience
- Previous experience working in an operational technology, industrial control or IoT-heavy environment.
- Technical knowledge and experience with solutions & techniques related to:
-Asset and configuration management, vulnerability detection and remediation, particularly in an operational technology environment
-Identity and access management including authentication & authorization mechanisms.
-Data Security including file-level encryption, device/disk encryption, data loss prevention, data sensitivity and compliance.
- Working technical knowledge of:
-Endpoint and device security including mobile device management.
-Threat detection and analysis including logging, SIEM tools.
-Implementing solutions via automation or orchestration.
- Strong understanding of network administration and security protocols, including experience with Palo Alto, Aruba or GPON systems
- Experience in the Built Environment. Reference systems common in Buildings like BAS, BMS, Lighting Control, Access Control, CCTV, Fire, Life and Safety
- Strong understanding of Microsoft-dominant environments including M365, Azure, Windows, InTune, Entra, Defender.
- Strong ability to lead and drive timelines, and proactively and appropriately escalate issues
- Strong analytical skills
- Strong verbal and written communication skills
.jpg
)