ONxpress Transportation Partners (OTP) was chosen by Metrolinx and Infrastructure Ontario (IO) to enter the Development Phase of the On-Corridor Works project – the largest project in Metrolinx’s GO Expansion. Unprecedented in its scale and complexity, this multi-billion dollar capital program will transform the GO regional rail network with electrification, more frequent service, shorter journey times and a more modernized system for the Greater Toronto and Hamilton Area. ONxpress Operations Inc. (OOI) has been engaged by OTP to manage and oversee the efficient and effective operations and maintenance of the GO Trains and Union Pearson Express.
Accountability
Reporting to the Cybersecurity Architecture & Engineering Lead, the Senior Cybersecurity Advisor ensures that the stakeholder security requirements necessary to protect the organization’s mission and business processes are adequately addressed in all aspects of enterprise architecture including reference models, segment and solution architectures, and the resulting systems supporting those missions and business processes.
• Act as a Subject Matter Expert (SME) for Identity and Access Management, policies/practices and authentication protocols, integration, and how they are applied in daily functions or during the project lifecycle.
• Produce technical solution documents, design/architecture diagrams, security design documentation as required to support new, proposed or existing IAM solutions.
• Investigate, perform root cause analysis and resolve system problems during standard work hours and/or assigned on call hours.
• Provide technical leadership to Level 1 and Level 2 support and development teams in relation to the catalogue of IAM services and solutions provided.
• Develops a comprehensive understanding of ONxpress technology and information systems.
• Ensures that stakeholder security requirements to protect the ONxpress mission and business processes are adequately addressed in all aspects of enterprise architecture including reference models, segment and solution architectures, and the resulting systems supporting those missions and business processes, while partnering with stakeholders across the enterprise to deliver work program objectives.
• Applies cybersecurity and privacy principles to organizational requirements (relevant to confidentiality, integrity, availability, authentication, non-repudiation).
• Provides policy guidance to Cybersecurity management, staff, and end users.
• Develops or participates in the development of standards for providing, requesting, and/or obtaining support from external and internal stakeholders to synchronize Cybersecurity services.
• Leads organizational outreach and promotion of Cybersecurity awareness campaigns, including partnering with public sector and industry partners.
• Builds, strengthens, and sustains key relationships with stakeholders across the enterprise including Information Technology, Enterprise Risk & Resiliency, and regional leadership.
• Defines and documents efficient and transparent security architecture guidelines, principles, and standards regarding proper use and deployment of business applications, data and technology.
• Works closely with the Enterprise Architecture Team, Cybersecurity teams, system owners and the contracting authority, and provides security design and architecture recommendations.
• Develops and maintains security solution architectures and designs, including but not limited to products and services, e.g. Network and Endpoint Protection, Identity and Access Management, Cloud Security, ICS security, Incident Response and Recovery, Public Key Infrastructure (PKI).
• Keeps up-to-date on changes in security threats, technology and security architecture.
• Conducts Cybersecurity threat risk assessments and recommends appropriate controls and countermeasures in alignment with organizational standards and policies.
• Partners with business and Information Technology (IT) stakeholders to plan for future needs.
• Proposes and implements innovative solutions to complex and non-routine security challenges.
• Performs other duties as assigned, in accordance with Branch and Department objectives.
Education & Qualifications
Successful completion of a university degree or college diploma in Engineering, Computer Science or a related field.
Certifications or Designations
• One or more Cybersecurity certifications, including CISSP, CISM, CRISC, ISSAP, SABSA.
• Nice to have: Microsoft Cybersecurity Architect Expert (SC100), Identity and Access Administrator (SC300), Information Protection Administrator (SC400).
Experience
• Working knowledge and understanding of identity lifecycle management and governance/auditing
• Strong knowledge of IAM solutions based on Microsoft Entra ID
• Strong knowledge of SAML, OAuth2, OpenID Connect, JWT, LDAP, MFA, REST API, API Gateway integration
• Strong knowledge of IAM web access management, authentication, authorization, single sign-on, application/SaaS integration, security compliance policy implementation.
• Infrastructure as code (IaC) experience, preferably with Terraform, GitHub, and CI/CD pipeline
• Good knowledge of core cloud services such as VMs, Containers, App Services, Virtual Networks, NSGs, Application Gateways, Load balancers and Storage accounts.
• Minimum 5 years of professional experience in a Cybersecurity advisory role.
• Practical experience in security engineering or consulting to anticipate and address complex security problems.
• Working knowledge of developing and maintaining security architecture principles, strategy and practices, roadmaps, standards and technical applications to engineer reliable solutions and measures for the business.
• Working knowledge of applying and incorporating information technologies into proposed solutions, translating operational requirements into protection needs (i.e., security control objectives), designing countermeasures to identified security risks, and designing multi-level security/cross domain solutions.
• Knowledge of and experience with operational technology – ICS Systems, SCADA, and industrial internet of things (IIoT).
• Knowledge of and experience in the IT industry – standards creation in Network/Telecom, Security, Server/SAN backup, Database/Middleware or Applications/Reporting
• Familiarity with security architecture frameworks (e.g. SABSA) as well as National Institute of Standards and Technology (NIST) Cybersecurity framework, Information Security Forum (ISF) Standard of good practice (SoGP) and Information Security Management System (ISO) standards.
Competencies
• A deep understanding of how a security system should work (including its resilience and dependability capabilities) and how changes in conditions, operations, or the environment will affect these outcomes.
• Ability to identify cybersecurity and privacy issues that stem from connections with internal and external customers and partner organizations.
• Proficiency in executing and managing a variety of tasks, problems and programs.
• Ability to work in a fast paced, dynamic and flexible hybrid office environment.
• Ability to assess enterprise risk and recommend appropriate remediation.
• Ability to persuade, convince, influence behavior.
• Ability to lead and work in a multi-team environment and drive completion of deliverables.
• Information seeking – ability to acquire, analyze, document and communicate information relevant to the achievement of valued goals.
• Strategic business thinking - ability to apply technical knowledge and experience to making management decisions for maximizing business objectives.
• Team leadership – ability to take a role of strategic advisor, guide and mentor of the team.
• Knowledge of and demonstrated ability in corporate core competencies including customer service, communication, team-work, initiative/self-management, accountability, flexibility and adaptability.
Why Work with Us?
• We offer a competitive compensation package including competitive salary, incentive pay and health benefits.
• We have an open and approachable culture that enables you to bring your best ideas forward.
• We offer flexible working arrangements to support your need to balance life at work and at home.
Privacy Notice: ONxpress Operations Inc. ("OOI"), safeguards the privacy of candidates and users of this career portal. We collect, use, and disclose personal information of job candidates solely for recruitment purposes, including, but not limited to, assessing qualifications, conducting background checks, communicating with applicants, and complying with legal obligations. Your information may be shared within OOI, and third-party recruiters within Canada and potentially in other jurisdictions to facilitate the recruitment process. We retain your data only as long as necessary and protect it according to our policies. For more information on how OOI collects, uses and discloses your personal information please review our Privacy Policy here.
Accommodation: At OOI, we celebrate diversity and strive to create an inclusive environment where everyone feels valued and respected. We encourage individuals from all backgrounds to apply, including women, visible minorities, Indigenous peoples, persons with disabilities, and individuals of any sexual orientation or gender identity. If you require accommodation at any stage of the application process, please reach out to us at careers@onxpress.com. OOI will consult with all applicants seeking accommodation during the recruitment process to ensure accommodation is provided in accordance with applicable legislation and is tailored to meet each applicant’s specific needs.