A workplace powered by you
At BC Hydro, we’re working towards creating a cleaner and more sustainable future for all British Columbians and need
people like you to help us. A career at BC Hydro is meaningful and provides you the opportunity to be part of a talented,
inclusive, and diverse team. We offer a healthy work-life balance, competitive wages, a comprehensive benefits package,
and training opportunities to support you in your career growth. We're proud to be ranked as one of B.C.'s Top Employers
and one of Canada's Best Diversity Employers.
We invite you to join us as we build an even cleaner B.C. We welcome applications from all qualified job seekers. If you’re a
person with a disability, please let us know by emailing RecruitmentHelp@bchydro.com, as adjustments can be made to
help support you in your application process.
IT Advisor - Cybersecurity Risk and Compliance
Number of positions: 1 Job Location: Dunsmuir 08
Employment type: Permanent Region: Lower Mainland
Hours of work: Full-time (37.5 hrs/wk) Flexible Work Role: Hybrid
Annual salary: $ 107,000.00 - 135,300.00
What you'll do
- Reporting to the Technology Cybersecurity Risk and IT Compliance Manager, the IT Advisor leads and provides oversight
for cybersecurity compliance sustainment activities (e.g. NERC CIP) within the Technology KBU.
- Lead the development, review and improvements of Technology cybersecurity compliance processes (e.g. NERC CIP)
and procedures to align with corporate-level policies, programs, and processes.
- Lead the team and develop action plans to improve internal compliance processes to reduce non-compliance risks via
continuous improvement.
- Work closely with Reliability Compliance team, Compliance Program Office, and various internal and external parties to
perform compliance incident investigations and mitigation plan development.
- Participate as Technology Compliance SME on projects or initiatives to evaluate/implement new cybersecurity compliance
standards (e.g. NERC CIP).
- Participate or coordinate response to various internal and external cybersecurity audits when required.
- Identify the cybersecurity compliance and risk impacts for Technology projects or other corporate initiatives with potential
impacts and risk mitigations. Provide security control guidance to the implementation teams to ensure both compliance and
security requirements are followed.
- Lead supply chain cybersecurity risk assessment process and support mitigation actions.
What you bring
- University degree or experience in relevant discipline or equivalent combination of education and experience.
- Cybersecurity certification (e.g. CISSP, GSEC, GCIA, GCWN, CISA, CISM, CCNA, GPEN) would be considered an asset.
- Implementation experience with NIST CSF, NIST Risk Management framework and cybersecurity controls would be
considered as asset.
- Experience of managing a team including contractors and employees would be considered as asset.
- Experience in Industrial Control Systems (ICS) including SCADA and other Operational Technology (OT) used in the
Energy sector would be considered an asset.
What we offer
- A comprehensive benefits package
- A minimum of 15 paid vacation days
