Title Cybersecurity and Compliance Investigator

Cybersecurity and Compliance Investigator

INDEPENDENT ELECTRICITY SYSTEM OPERATOR (IESO)

Requisition ID: 20511 Location: Oakville - Hybrid Status: Regular Business Unit: Market Assessment & Compliance

Annual Pay Range: For standard 35-hour work week

Step 1

Step 2

Step 3

Step 4

Step 5

Step 6

Step 7

Step 8

Step 9

Step 10

$111,072

$119,028

$126,932

$133,276

$139,672

$144,404

$149,188

$152,360

$155,532

$158,704

The successful candidate will be placed at the appropriate step within the salary grade/band, based on relevant years of experience and other applicable considerations.

Why join us?

You’ve got great skills. And you want to use them in an organization where you know what you do every day matters. We get that.
We also know that ensuring Ontarians have access to affordable and reliable power doesn’t happen by accident. So we give you the tools, flexibility and support you need to achieve your goals, and development opportunities to help you grow. You’ll thrive in a collaborative, team-based environment that values your unique skills and experiences – and recognizes that when you do better, we become even better too.

Who we are

The Independent Electricity System Operator (IESO) works at the centre of the province’s power system, ensuring Ontarians have access to reliable and cost-effective electricity when and where they need it. We operate the province’s electricity grid 24/7, design, run and oversee the wholesale electricity markets, and plan and prepare to meet Ontario’s electricity needs – now and into the future.

The Opportunity

Reporting to the Supervisor-Reliability Standards Investigations and Audits, the Cybersecurity and Compliance Investigator performs the core investigative and compliance audit functions which serve to support the enforcement of compliance with reliability standards by Ontario market participants and the IESO. These reliability standards include criteria, rules and standards established by the IESO, the North American Reliability Corporation (“NERC”), and the Northeast Power Coordinating Council (“NPCC”), and include the NERC’s Critical Infrastructure Protection (“CIP”) standards, focused on cyber security.

Occasional travel will be required.

What you’ll be doing

Reliability Standards Compliance Audits

• Participates in and, if required, coordinates compliance audits of market participants in relation to NERC CIP and other reliability standards in accordance with an annual Compliance Monitoring Plan to be stakeholdered and issued to those participants who are deemed accountable for compliance with these standards.
• Participates in and, if required, coordinates the mandated grid monitoring, complaint intake, whistleblower referrals and other detection methods, for the purpose of identifying possible breaches of NERC CIP and other reliability standards.

Reliability Standards Compliance Investigations

• Participates and, if required, coordinates investigations of possible breaches of NERC CIP and other reliability standards, including information-gathering steps allowed for under the applicable legislation and/or market rules and the making of recommendations as to breaches of these standards.
• Participates and, if required, coordinates the information gathering and analysis which support the recommendation of sanctions for determined breaches of NERC CIP and other reliability standards, including financial penalties and the approval and monitoring of reliability mitigation plans.
• Liaises, where applicable, with other government agencies, IESO business units and Legal Services pursuant to various MOUs and protocols.
• Formulates findings and prepares recommendations to support VP of MACD’s consideration of enforcement rulings, determinations and orders.
• Adheres to all market rules and administrative law principles governing such investigations of breaches of the rules to provide assurance in respect of IESO and MACD reputational and litigation risk in the event of downstream dispute and litigation of MACD enforcement rulings.

Enforcement Disputes

• In coordination with MACD managers and supervisors, and IESO Legal Services, as required, executes the procedures, steps and decisions in the IESO’s dispute resolution process, as it pertains to disputes arising specifically from MACD enforcement determinations and orders related to reliability standards.
• This includes working with other staff and contractors to participate in good faith negotiations, mediation, arbitration, and/or appeal hearings before the Ontario Energy Board or the provincial courts, including the presentation of evidence and other information related to MACD investigations which have led to such enforcement determinations.

International Obligations and Coordination

• Executes MACD’s processes in accordance with any international or regulatory obligations or understandings with these or other authorities, at a minimum including cooperation agreements with FERC, NERC, NPCC, the Ontario Energy Board, the Canada Energy Regulator and the MESG.

Reliability Standards Investigation Framework

• Participates in and, if required, coordinates staff and contractor teams in the development of, maintenance of and adherence to a framework governing all of the above processes, including policies, handbooks, guides, procedures, processes, templates, tools and manuals.

Market Leadership

• Supports the Supervisor- Reliability Standards Investigations and Audits in providing advice to the government, regulator, and/or other stakeholders on cyber security and reliability-related considerations, as required.

Other

• Ensures that the confidentiality of data from/about market participants is safeguarded;
• Performs other duties as assigned.

What you'll need

• A period of 6-8 years of professional work experience
• University Degree in Engineering, Computer Science, Business or related degree that provides the foundation to understand the cyber security-related standards and practices applicable to power system generators, transmitters, and operators.
• Excellent command of the English language to ensure clear verbal and written communication in the areas of compliance auding, rule enforcement and interpretation, and to provide a high quality of customer service.
• Excellent analytical and reasoning skills to succeed in performing the core investigative and compliance audit functions.
• Experience in auditing compliance with the NERC CIP standards, NIST standards and/or other North American cyber security standards governing the operation of the electricity grid will be an asset.
• Experience in the implementation of cyber security standards and practices in the electrical and/or other utility environment.
• Experience in developing and managing projects and detailed business processes; in strategically evolving a new business; and identifying and implementing efficiency and effectiveness improvements.

What’s in it for you

• A comprehensive total rewards program, including best-in-class benefits and a flexible workplace
• A challenging, fast-paced and collaborative team environment, where your perspectives and experiences matter
• Leaders who support your growth and success through regular feedback and coaching
• The opportunity to work with some of the brightest minds in the industry
  

For future reference, please ensure to save a copy of the job description as it will no longer be available once the posting closes.

At the IESO, we know that achieving great results depends on embracing diversity by attracting, developing and retaining people from a wide variety of backgrounds. We do this by ensuring our recruitment and advancement policies are fair and equitable, and by creating an accessible and inclusive environment – one that values every team member’s unique skills and experiences and ensures they have the support they need to achieve their potential. If you require accommodation during the recruitment process, please let us know.

We thank you for your interest in a career at the IESO, but we will only contact those candidates selected for an interview.

Note: The successful candidate must be eligible to work in Canada and will be subject to a background check.

The IESO currently has a 3-day in-office work week for applicable roles. Over the course of 2026, the IESO will advance plans to acquire additional office space to accommodate more in-office time. While the timeline for moving to a full 5-day in-office model has not yet been established, we are committed to keeping employees and candidates informed as plans progress and give them as much advance notice as possible to prepare for any changes.

Join our talent community

Sign up for the talent community; stay in touch, find out about new opportunities – and discover how you can make a difference. Discover how we use our expertise and commitment to deliver reliable and affordable electricity to Ontario’s businesses and communities, and how we’re innovating to secure a stronger energy future for all Ontarians. Visit and be sure to follow us on .

Find out , and what we offer.