THREAT & VULNERABILITY MANAGEMENT LEAD

WINNIPEG, MB

• Competitive salary and benefits package.
• Defined-benefit pension plan.
• Nine-day work cycle which normally results in every other Monday off, providing for a balanced approach to work, family life and community.
• Flex-time and partially remote work schedule (providing the option to work remotely 3 days per 2 week period), depending on nature of work, operational requirements and work location.

• Deliver corporate-wide (IT&OT) vulnerability management services: Develop, deliver, and support plans and tools in alignment with Enterprise Cyber Security Program prioritization and risk remediation requirements to identify (scan), track, assess, and assign work to MH technology asset owners (IT & OT) to address vulnerabilities (e.g. patching and configuration changes). Develop and maintain key related metrics. Identify and implement opportunities to leverage technology to streamline vulnerability identification, tracking, scanning, assessment, and work assignment. 
• Deliver corporate-wide (IT&OT) threat intelligence services: Develop, deliver, and support plans and tools in alignment with Enterprise Cyber Security Program and risk remediation requirements to identify, track, assess, assign, and address threat intelligence (by coordinating response to ‘quick wins' and/or transferring coordination of broader initiatives to address threat intelligence to Enterprise Cyber Security Program Department). Develop and maintain key related metrics. Lead threat intelligence source evaluation and selection.
• Ensure MH maintains situational awareness of cyber threat landscape. Identify and implement opportunities to leverage technology to streamline process. 
• Deliver corporate wide (IT&OT) unapproved software and restricted site service: Develop, deliver, and support plans and tools in alignment with Enterprise Cyber Security Program and risk remediation requirements to identify, track, assess, assign, coordinate response to, and address attempted use of unapproved software and restricted sites. Develop and maintain key related metrics. Identify and implement opportunities to leverage technology to streamline process. 
• Lead the threat and vulnerability management team: including work prioritization, delegation, service continuity and backup coverage planning, development and training, and performance management. Provide coaching and mentoring to staff. Ensure work processes documentation, tracking, and continuous improvement.   
• Support cyber security operations: Provide technical expertise to support incident response and recovery, internal/external communications during events, and threat intelligence and vulnerability intake, triaging, action initiation, and tracking. In the event of a significant cyber security incident, you may be called to support response activities at any time during a 24-hour period to assure Manitoba Hydro system security and reliability.  
• Keep abreast of cybersecurity developments outside of MH: Develop and maintain good working relationships with industry contacts for the purpose of information exchange and to keep abreast of technology innovation and directions. 
• This position may be required to be on standby.

• A four-year degree in Computer Science or Engineering or related discipline from a university of recognized standing plus a minimum of five years related information technology (IT) or industrial control system (ICS) Support experience;
  OR 
• A two-year diploma in Electrical, Electronic, Computer Technology, related discipline from an institute of recognized standing plus a minimum of seven years related IT or ICS Support experience. 
• Certifications such as Cyber Security specific (CISSP, CISM, CRISC, OSCP, CEH, CGIH, GPE, SANS, ISAACA CSX Cybersecurity Practitioner (CSX-P), (ICS)2 Entry -Level Cybersecurity certification, technology specific (SIEM, XDR, etc.), etc.), network related (CCNA, etc.), cloud platform related (M365, Azure, etc.), operating system related (Linux, Windows, Unix, Apple IOS), management related (PMP, emergency management, etc.), software/application security, etc. would be an asset.
• Experience with SIEM and SOAR tools, asset inventory management systems, vulnerability scanning and management tools, threat intelligence sources and delivery mechanisms, attack surface management tools both in Information technology (IT) and industrial control systems (ICS) environments. 
• Demonstrated understanding of cyber security concepts, controls, frameworks and standards including NIST and NERC CIP. 
• Demonstrated ability to build and work effectively in team environments and to lead teams. Demonstrated ability to build and maintain harmonious working relationships with staff across the enterprise at all levels.
• Demonstrated creativity in resolving complex information technology issues, implementing new processes and products and redesigning work processes.
• Demonstrated ability to communicate effectively verbally and in writing. Demonstrated ability to deliver reports, recommendations, and presentations.
• Must complete Manitoba Hydro Standards of Conduct training.
• Must possess a valid Province of Manitoba Driver's Licence.
• NERC CIP Training is required, must be completed prior to transfer date, and renewed annually.
• Obtain and maintain a current Personnel Risk Assessment and a "Clear" security rating in accordance with Manitoba Hydro policy P513.
• Reside within the Winnipeg headquarters zone or within a 20-minute travelling distance from the assembly point during the periods of standby. 
• Must maintain or be eligible for SECRET clearance from the Government of Canada.