**The Opportunity:** **WSP** is currently seeking an **Industrial OT Cybersecurity Professional** to join our Cybersecurity team. This job function reports into the ICS / OT Cybersecurity Practice Director and is a delivery-focused role for WSP projects and professional mandates. This role aligns with WSP’s “Future Ready” vision to become the industry leader in digital engineering services. WSP’s ICS / OT Cybersecurity Practice is formed of Engineers, Specialists, and Consultants who plan, design and implement strategies, frameworks and solutions to ensure the security of (CNI) critical national infrastructures. Our mission is to deliver digital infrastructures that are resilient and can be maintained as such throughout their life cycle. This is an opportunity to work with leading experts within the ICS/OT Cybersecurity Industry, build a cross-functional network of professionals, work in a high-performing, flexible, fun and inclusive environment. **Why choose WSP?** + We value and are committed to upholding a culture of **inclusion** and **belonging** + Our **Flexible** Work Policy – we recognize the importance of balance in our lives and encourage you to prioritize the balance in yours. We will support you on and off the job so you can be fully present in both your work and home lives. + A **Canadian** success story - we're **proud** to wear the red and white of this beautiful country and show the world what Canada has to offer. + **Enhance** the world around you - from the environment to the highways, to the buildings and the terrain, WSP is the fabric of Canada. + **Outstanding** career opportunities - we're growing and pushing ourselves every day to be greater than yesterday - we're open to **your** ideas and trying **new** things. + A phenomenal **collaborative** culture and a workforce filled with genuinely **good** **people** who are doing humbly important work. Come find out for yourself what it's like to be a part of our journey. We offer attractive pay, flexible work options, a great corporate culture, comprehensive and employee-focused benefits including virtual healthcare and a wellness platform as well as great savings programs, and a clear vision for the future. \# **WeAreWSP** **What you can expect to do here:** + Provide cybersecurity expertise for Industrial Control Systems (ICS) and Operational Technology (OT) environments. + Input to the planning of all the cyber security activities needed for major infrastructure projects and / or focused client mandates, spanning the following aspects: requirements management, early feasibility studies, risk assessment, design, implementation, testing and commissioning, into operations & maintenance. + Execution of WSP’s Cybersecurity project plans, to ensure the cyber resilience of the digital infrastructure through the following workstreams: governance & planning, tools and technologies, policies and procedures, and human factors. + Perform cyber security threat, vulnerability, and risk assessments by identifying all the critical assets, network connectivity and threat vectors, to define mitigation options and residual risk. + Derive, cascade, and clarify cyber security requirements to the suppliers of digital technology and controls systems, and engage in the procurement activities to manage cyber risk in the supply chain. + Perform, and eventually lead teams to perform, the necessary analysis to provide all the required evidence to support the project requirements and verification of security controls. + Liaise with engineering design and construction teams to ensure the cyber security activities and requirements are being implemented by the project team and by the suppliers. + Review cyber security submissions from suppliers, and designers, and provide detailed technical comments. + Plan, prepare and implement a cyber security testing strategy to validate the resilience of the digital infrastructure to external and internal threats. + Manage client relationships and advise clients on recommended actions relating to active projects. + Deliver review assignments in allocated timescales to meet overall project deadlines. + Identify opportunities for new work, and occasionally contribute to the development of bid materials and proposal exercises to support winning of new work. **What you’ll bring to WSP:** **Technical qualification, experience, and skills:** + Computer Programming, Networking or Telecommunications Engineering degree, or equivalent + Relevant Cybersecurity training and certifications, for example: GICSP, GIAC, IEC 62443 suite, or a master’s degree in Cybersecurity + 5 years minimum experience in the application of one or more of the following areas: - Information Technology / Data Centre / Cloud Environment- Telecommunications / Network Technology - Automation / SCADA / Control Systems - Computer Sciences / Software Engineering + The candidate will possess in-depth experience in the Industrial Cyber Security field with most recent experience having come from any of the following areas: - Business Risk Profiling and Management in the context of Cybersecurity + - Development of Cybersecurity operating models for clients’ critical business operations - Vulnerability Scanning and Penetration Testing - Application security - Malware Reverse Engineering - Threat Intelligence - Security Architecture- Operational Technology/Industrial Control Systems Security- Telecom and Network Security- System or Network administration in a complex multi-national network + Experience in one or more of the following sectors: Transportation, Energy Infrastructure, Water/Wastewater, Manufacturing, Mining or other similar critical infrastructure Industrial Cybersecurity, or able to demonstrate equivalent exposure to control systems and network architecture and assets + Knowledge of NIST guidelines, ISA/IEC 62443 standards suite, and ISO 2700x cyber security frameworks + Fundamental understanding of IT and OT network communication protocols (e.g. TCP/IP, UDP, DNP3, Modbus, IEC 61850, OPC, OPC UA, PROFINET, etc.) **Interpersonal and soft skills:** + Excellent communication skills, both written and verbal. + Proficiency in Microsoft Office, including Excel, Word, Visio, and Outlook. + Experience of utilizing CRM platforms for client relationship management. + The ability to work effectively remotely within an extended team. + The ability to understand responsibilities and willingness to be accountable of the work delivered. + Ability to work on multiple mandates simultaneously. **What sets you apart:** + Experience in managing small technical teams and overseeing the workstreams of others at a project level. + Experience in Industrial Control System fields such as: manufacturing, transportation, energy, utilities, telecommunications and willing to go the “extra mile” to learn more about industrial digital infrastructures and their underlying cybersecurity. + Professional Engineer (PEng), or European equivalent: CEng (Chartered Engineer) certified and / or working towards these accreditations. + Experience working as a Consultant or Advisor to clients, taking into consideration budgetary and inter-disciplinary constraints, in conjunction with technical solution delivery + Hands-on experience using OT Cybersecurity Asset Discovery & Vulnerability solutions to gain actionable intelligence about clients’ environments + Experience in Project Management of Cybersecurity or Networking assignments and projects is an asset. + SoC or MSSP experience is an asset. + CompTIA Network+, CompTIA Security+, GICSP, CISSP or equivalent certifications held. + Bilingual French / English, an asset **WSP** is one of the world's leading professional services firms. Our purpose is to future proof our cities and environments. We have over 65,000 team members across the globe. In Canada, our 12,000+ people are involved in everything from environmental remediation to urban planning, from engineering iconic buildings to designing sustainable transportation networks, from finding new ways to extract essential resources to developing renewable power sources for the future. At **WSP** : + We value our people and our reputation + We are locally dedicated with international scale + We are future focused and challenge the status quo + We foster collaboration in everything we do + We have an empowering culture and hold ourselves accountable Please Note: Health and Safety is a core paramount value of WSP. Given the importance of keeping one another safe it is expected that you comply with our Health, Safety & Environment (HSE) policy at all times as well as client HSE policies when working at client locations. Offers of employment for safety-sensitive positions involving fieldwork are contingent upon candidates being able to perform key physical tasks of the job as described in the job posting and interview. This may include the ability to work in a variety of environmental conditions, such as remote or isolated areas, working alone, and in inclement weather (within safe and reasonable limits). WSP welcomes and encourages applications from people with disabilities. Accommodations are available on request for candidates taking part in all aspects of the selection process. WSP is committed to the principles of employment equity. Only the candidates selected will be contacted. WSP does not accept unsolicited resumes from agencies. For more information please READ THE FULL POLICY. (https://www.wsp.com/en-CA/careers/notice-to-staffing-agencies)