Job Description

British Columbia Rapid Transit Company Ltd. (BCRTC) maintains and operates two of Metro Vancouver's three SkyTrain lines. SkyTrain is the first and one of the longest, fully-automated, driverless, rapid transit systems in the world. It boasts an average on-time service performance rating of 95 per cent and moves on average 250,000 passengers per weekday.

Both the SkyTrain lines operate out of BCRTC's Operations and Maintenance Centre in Burnaby, where more than 900 dedicated staff work in the areas of administration, engineering, elevator and escalator maintenance, field operations, vehicle maintenance, and wayside (station and guideway) maintenance.

The Expo and Millennium SkyTrain Lines connect downtown Vancouver with the cities of Burnaby, New Westminster, Coquitlam, Port Moody, and Surrey. With future expansion of the both Expo and Millennium lines upcoming, and the start of an infrastructure renewal in full swing, now is an exciting time to be part of our team. Come and explore what makes us one of BC's Top Employers!

Responsibilities

PRIMARY PURPOSE

Provides systems security expertise to prevent and mitigate security breaches by identifying vulnerabilities in the SkyTrain operational network, systems and assets. Applies standard risk management tools and best practices to enhance Cyber security principles and technical Operational Technology / Information Technology (OT/IT) expertise. Responsible for organizing and conducting tests on the existing security architecture.

KEY ACCOUNTABILITIES

Provides subject matter expertise and technical support related to system security and technology in supporting of systems assets and BCRTC systems capital projects.

Leads and directs external Contractors and Technologists on Cyber Risk assessments, investigations and audits. Prioritizes the work schedule and assigns tasks to System technologists to modify configurations as required, based on impact and risk to Operations network.

Research attempted breaches, vulnerabilities and potential threats to BCRTC operational environments. Works with BCRTC stakeholders and other departments to create action plans, tracking for mitigations/remediation and updates to risk register.

Leads in providing system security product evaluations, scoring and departmental suggestions based on industry best practice standards and practices. Develops new layers of protection and updates the security systems, as required.

Makes recommendations for enhancing cyber security posture and technologies by researching, evaluating and recommending new security products, technologies, services and practices to the reporting manager. Maintains up-to-date knowledge of security threats, counter measures, security tools, and network technologies.

Maintains process for provisioning users for operational systems, by way of confirming request, following provisioning process, and validating user permissions required. This includes granting access to operational systems and removing access of employees to systems to ensure security and confidentiality. Performs user access audits.

Drafts and recommends changes to the management on policies and procedures to ensure they're upto date with the latest cyber security standards and departmental goals. Creates relevant documentation and workflows on Cyber security and provides guidance to System Technologists.

Prepares detailed reports, dashboards and analytics on the findings, highlights risks and recommends solutions. Creates presentations, dashboards, reports and documentation on cyber security status of BCRTC for management, utilizing BCRTC security tools.

Collaborates with the external stakeholders vendors, contractors and consultants in performing research, testing, evaluation, and deployment of security procedures, as assigned. Defines scope, deliverables and monitors vendor performance, as assigned.

Works in close coordination with the internal and external stakeholders and other groups related to Security related matters, such as incident response management.

Partners with contractors and vendors on approved work to create schedules, priorities, action plans, and provide status updates to management.

Qualifications

EDUCATION AND EXPERIENCE

Typical competencies for this position would be acquired through completion of a College Diploma in cyber Security or Master's degree in cyber security with several Certifications destinations. Plus five (5) years of experience in system security and operational architectural design, including implementation methodologies, threat modeling, security control design analysis and crating security requirements and controls. SSCP or CISSP certification required.

OTHER REQUIREMENTS

Deep understanding of OT/IT cyber security standards - NIST CSF, CIS controls, IEC 62443, NIST 800-53.

Understanding and experience in the operation of tools applied to Cyber Security Standard Controls (Nessus, Rapid 7, OT vulnerability tools - Nozomi, Clarity, Ivanta Security Tools, Nipper (endpoint protection systems)).

Understanding and experience in the mitigation of CVE's (Common Vulnerabilities and Exposures) in both IT and OT from US-CERT and other real-time feeds).

Understanding and experience in the application of the MITRE framework.

Solid understanding of industrial field components such as PLC/RTU/HMI etc.

Experience with Microsoft. Linux and Hypervisor and Database Hardening.

Experience with networking technologies including Layer 7 Firewall, Aruba switching, WireShark and industrial communication protocols including modbus, Canbus, backnet and TCP/IP.

Ability to produce technical reports, standards, procedures, specifications, method statements, risk assessments, FMECA, schematic and or technical drawings.

Working knowledge of railway operations and maintenance practices, including configuration control would be an asset.

Understanding of the operational OT components of a fully automated rail transportation system is preferred.

Advanced analytical thinking and problem-solving skills, to resolve critical and high impact issues.

Solid time and project management skills to balance and coordinate effort across multiple, concurrent activities.

Solid communication and interpersonal skills to build and maintain relationships with multiple internal and external stakeholders, with the ability to achieve consensus between groups.

Strong planning, organization, and time management skills.

Other Information

Recruitment Process: An applicant will be required to demonstrate their suitability for this position by meeting the minimum level of qualifications and experience in order to be invited into the selection process. A standard interview format will be used including general, scenario and behavioural descriptive interview questions.

COVID-19 Safety Vaccination Policy

To support public health, and protect the health and safety of our employees, customers, and their families, British Columbia Rapid Transit Company employees will be required to be fully vaccinated against COVID-19 and will need to provide proof of full vaccination status in compliance with the employer's COVID-19 Safety Vaccination Policy.

Accommodations may be applicable under the BC Human Rights Code. Should an applicant be unable to provide proof of full vaccination and should an accommodation be requested, additional information will be required to determine whether the individual is entitled to be accommodated.

Work Schedule

40 hours per week.

Rate of Pay

Salary starting from $83,479 per annum.

The Total Compensation Package includes Extended Health, Dental, Transit Pass and enrollment in the Public Service Pension Plan. Focus on your development through tuition reimbursement, training, and mentorship programs. Enjoy a variety of health and wellness programs, including access to gym facilities. Speak to us to know more about what we offer.

How to Apply

Please go to http://www.translink.ca/careers to apply for this position and view instructions on the process.

INSTRUCTIONS: Please save your (1) cover letter, and your (2) resume as one pdf document prior to uploading your application on-line.

Posting Date:May 18th, 2022
Closing Date:June 20th, 2022

Please note that only those short listed will be contacted.

Having trouble applying? Please view the System Requirements & FAQ's by going to http://www.translink.ca/careers.

Equal Employment Opportunity

We are an equal opportunity employer committed to creating and supporting a diverse and inclusive workforce that is free of all forms of discrimination. We are committed to providing reasonable accommodations and will work with you to meet your needs. If you are a person with a disability and require assistance during the application process, please reach out! We celebrate our inclusive work environment and welcome members of all backgrounds, skills and perspectives.

Accommodations are available on request for candidates taking part in all aspects of the selection process. For a confidential inquiry, simply email us at jobs@bcrtc.bc.ca.