Cyber Security Specialist
Currently, we are looking to hire an Enterprise Cyber Security Specialist to join our Cyber Security Risk Team in a Permanent position. Reporting to the Cyber Security Risk Lead, you will be responsible for providing highly skilled security expertise and operational support for all Emera Canadian companies (Nova Scotia Power, Emera Inc., Emera Energy, Emera New Brunswick, and Emera Newfoundland and Labrador) and all technologies (information technology, operational technology, customer technology).
As an Enterprise Cyber Security Specialist, you will proactively identify and assess threats to NSP’s network and data, monitor NSP’s network for malicious activity, investigate intrusions and other relevant events, and have a sophisticated and detailed understanding of the evolving threat landscape. You will be the lead for all aspects of your specialization and work collaboratively with all external and internal stakeholders. You are seen as a change agent in your specialization by presenting alternative solutions to complex problems including a clear rationale for recommendations and understanding of interdependencies across affected functional lines of business.
As a successful candidate, you are required to live in or be willing to relocate to Nova Scotia for this role.
Key elements of this role include:
In this role you will oversee the operationalization of new cyber security capabilities in your specialty as well as leverage existing tools and techniques to mature security practice, capabilities, and methodologies throughout the organization. More specifically:
- Based on insights gained from expertise, work with Cyber Security Risk Lead to provide input on the development of new cyber security capabilities, managing multiple risk assessments simultaneously, and workforce planning to accomplish small to medium projects.
- Conduct threat risk assessments, third party risk assessments and make recommendations for risk remediation, tools, artifacts and frameworks used for risk and security assessments within your specialty.
- Proactively assess the enterprise infrastructure for current and potential risks, vulnerabilities or security threats by leveraging risk assessment tools, conducting security assessments, and determining if anomalies are actual system compromises. This is to ensure all pertinent information is obtained to allow for the identification, containment, eradication, and recovery actions to occur in a time sensitive environment.
- Identify, evaluate, and recommend corrective action plans (changes to architecture, hardware, and software) that assist in the mitigation/remediation efforts of identified cyber security risks and vulnerabilities.
- Lead risk management sharing sessions with other companies, industry partners, and agencies, as well as third party risk notification to stakeholders.
- Leverage experience, critical thinking, and analytical skills to find inventive and effective solutions to security problems. Articulate complex information security concepts to non-technical employees clearly while accurately portraying risks and threats to the company.
- Assist in the development of threat/risk metrics, security processes, and operational procedures.
These skills will make you successful:
- Expert knowledge of risk and security management process, methods, and tools.
- Expert in designing and implementing advanced methodology, artifacts, and tools for specialized areas of focus.
- Expert knowledge/training of project management fundamentals – methods and tools, project life cycles, and the integration of organizational change management.
- Leading continuous improvement, change and problem resolution for small to medium projects or initiatives.
- Develops others in the field of Cyber Security.
Experience with the following is considered an asset:
- NERC (North American Electric Reliability Corporation) CIP standards
- Industrial Control System (ICS) or OT (Operations Technology) environments
- Azure Microsoft 365 security services.
Good working knowledge of the following is considered an asset:
- Risk Assessment methodologies and practices
- Understanding of NIST & ISO 27001 Framework & industry best practices
- Vulnerability Management technologies and practices
- Security & Privacy Incident Response & Event Management Processes
- Security Technologies (e.g., SIEM, Firewalls, IDS/IPS, VPN, DLP, etc.)
- Cloud Security (e.g., Azure, AWS)
- Information Technology General Control assessments
- Computer programming skills.