A workplace powered by you
At BC Hydro, we’re working towards creating a cleaner and more sustainable future for all British Columbians and need
people like you to help us. A career at BC Hydro is meaningful and provides you the opportunity to be part of a talented,
inclusive, and diverse team. We offer a healthy work-life balance, competitive wages, a comprehensive benefits package,
and training opportunities to support you in your career growth. We're proud to be ranked as one of B.C.'s Top Employers
and one of Canada's Best Diversity Employers.
We invite you to join us as we build an even cleaner B.C. We welcome applications from all qualified job seekers. If you’re a
person with a disability, please let us know by emailing RecruitmentHelp@bchydro.com, as adjustments can be made to
help support you in your application process.
IT Advisor (Cybersecurity Audit and OT Risk)
Number of positions: 1 Job Location: Dunsmuir 08
Employment type: Permanent Region: Lower Mainland
Hours of work: Full-time (37.5 hrs/wk) Flexible Work Role: Hybrid
Annual salary: $ 107,000.00 - 135,300.00
Position Highlights
Reporting to the Technology Cybersecurity Manager, the IT Advisor role requires a strong understanding of cybersecurity
principles, risk management, and compliance standards. It also involves coordinating with various stakeholders to ensure
the organization's information systems are secure and compliant with relevant regulations.
What you'll do
- Perform security and compliance impact assessments for technology or corporate initiatives, including documenting
threats, identifying risks, and recommending controls.
- Maintain knowledge of current cyber threats and conduct security analyses of internal and external measures to identify
risks, weaknesses, and vulnerabilities.
- Ensure that risk assessments, vulnerability assessments and threat analyses are conducted periodically and consistently
to identify cybersecurity risk to the organization’s information.
- Provide direction and education to business areas and maintain expertise. In addition, help develop and maintain
knowledge of BC Hydro’s program’s methodologies, policies, and published practices.
- Conduct vulnerability assessment reviews and perform vulnerability scans as required.
- Lead and coordinate the 3rd party vendor risk assessment by evaluating their security posture and ensuring compliance
with security and regulatory standards through SOC 2 Type 2 or similar reports and attestation forms.
- Monitor existing risk to ensure that changes are identified and managed appropriately.
- Analyze to assess the security controls when reviewing Privacy Impact Assessments (PIAs).
- Improve regulatory compliance by consulting with appropriate regulatory SMEs when required.
- Participate as Technology security SME on projects or initiatives to improve BC Hydro’s cybersecurity posture, especially
focused on the cybersecurity risk management, etc.
- Participate or coordinate response to various internal and external cybersecurity audits when required.
What you bring
- A university degree or equivalent combination of education and experience, with a minimum of 7 years in IT/OT
technology, cybersecurity, risk management, or audit-related work.
- Experience in system, application, and network security, risk management, IT security monitoring, and knowledge of
industry standards (ISO 270001/2, NIST, COBIT5) and NERC CIP standards is preferred.