Security Operations Specialist

Electrical Safety Authority (ESA) has a clear mandate from the Ontario government. Everything we do aims to improve electrical safety for the public.

To do this, we anticipate, understand and prevent electrical-related harms.

To learn more about Electrical Safety Authority and how we are keeping Ontario safe, please visit esasafe.com

KEY RESPONSIBILITIES

Supports the monitoring and proactive and reactive protection of the IT environment

for security and infrastructure risks and directs the resolution of security incidents

through the security incident life cycle according to best practices and leverage

automation and scripting where possible. Supports the enterprise SIEM (Security

Information and Event Management) and ensures timely remedy of security breaches,

incidents and vulnerabilities.

Design, configure, maintain and administer the company’s security, network,

infrastructure systems, physical and virtual servers, role-based permissions, account

administration, data protection and governance, with the support of the designated

vendors. Manage project teams set up to integrate these systems into the company’s

information systems. Assist other IT professionals in project set up to develop and

implement information systems.

Resolve issues related to security, network and infrastructure. In consultation with

supervisor and others, plan and deploy appropriate patches, fixes, enhancements and

updates, leveraging automation and scripting where possible. Prepare test plan and

communications including documenting processes.

Supports the development of Security Strategy and Security Policies using a risk-based

methodology, processes and standards that ensure transparency of activity, segregation

of duties and appropriate access. Includes management, and hands on configuration

and maintenance of security and infrastructure tools and systems to maintain an

appropriate security risk profile.

Identifies and actively mitigates security vulnerabilities in ESA’s systems, networks, and

applications in order to enhance the overall ESA’s security posture. Includes assisting

project staff with security related matters and interfacing with various ESA and external

stakeholders to ensure adequate level of security policy setting in ESA technology

platforms and new technology deployments.

Provides strategic and architectural advice in the areas of security and infrastructure to

move ESA towards significant operational improvements as defined by the IT strategy.

Acts as a technical lead on projects requiring technical security and infrastructure

knowledge.

Supports the development, and management of ongoing IT service management

framework, working closely with ESA’s business and IT teams to develop the ESA IT

process service management framework that is aligned with current and future business

needs and ESA's strategic plan.

o Supports major incidents from report to resolution including communication

updates and coordinating technical bridges. Participates in weekly Change

Advisory Board (CAB) meetings. Supports Monthly Enhancement Process with

business. Supports the lifecycle of problem ticket management. Maintain asset

inventory via CMDB. Develops knowledge base articles and keep up to date

documentation. Creates patch management plans. Provide scheduled reports

where appropriate.

Identifies security training needs. Escalates issues to Supervisor as necessary. Provides

training to users and teammates.

Manage and maintain important vendor relationships for areas of expertise. Act as an

initial escalation point for IT security and infrastructure related vendors for all

departments.

Performs other duties as required.

QUALIFICATIONS

Requires knowledge of IT security, information technology, computer hardware, and

applications software.

Requires an excellent knowledge of English to document procedures and processes and good

communications skills to discuss business problems and recommend information technology

solutions.

• ITIL, IT security and infrastructure certifications are desired.
• Hands-on experience with IT service management and related processes is required.
• This knowledge is considered to be normally acquired either through the successful completion

of a four-year university degree in information technology or by having the equivalent level of

education.

EXPERIENCE :

Requires experience in implementing and operating a full range of enterprise IT

security and infrastructure solutions (i.e SIEM, PAM, IAM, AV, Web Filter, Mail Filters,

SASE, EDR, Azure, Active Directory, SCOM, Cisco Network components and others).

Requires business experience sufficient to discuss business problems and recommend

application solutions.

Requires excellent business writing skills to document recommendations and

proposals. Requires experience to identify training requirements and to plan and

coordinate training activities.

Requires the ability for both strategic and tactical thinking. Experience must include

background in a customer-based setting which requires elements of coaching or

training, presentation, organizational and communication skills.

Person must be able to not only plan and manage the work but also be hands on with

all systems to make necessary changes on their own.

A period of over 4 years and up to and including 6 years is considered necessary to

gain this experience.

Why Join ESA?

ESA is one of Ontario's leading employers. By joining our team, you will enter a safety and development-focused environment.

We will build on your strengths, appreciate your diversity, provide opportunities for your development and challenge you to be your best.

To learn more about Electrical Safety Authority and how we are keeping Ontario safe, please visit esasafe.com.

Please be advised that in relation to all job postings on this webpage, accommodation for persons with disabilities is available throughout the recruitment process upon request in accordance with requirements under the Human Rights Code and the Accessibility for Ontarians with Disabilities Act please send your request to [email protected].