Sr. Cybersecurity Specialist
at Thales Canada Inc., Defence and Security

Job Description

Location: Halifax, Canada

In fast changing markets, customers worldwide rely on Thales. Thales is a business where brilliant people from all over the world come together to share ideas and inspire each other. In aerospace, transportation, defence, security and space, our architects design innovative solutions that make our tomorrow's possible.

Fredericton, N.B. (CAN), Onsite

Thales requires a Cybersecurity Specialist with proven experience working with Enterprise, Industrial, Critical Infrastructure (CI), and Operational Technology (OT) environment. As a Cyber Security Specialist, you will possess a good understanding of industrial control systems (ICS) fundamentals. You will also have hands-on experience in assessing, troubleshooting, and securing control systems, working with various vendors, and be knowledgeable with communication protocols such as TCP/IP, MODBUS, ICCP, DNP3, RTU, OPC, HMI, PLC, distributed control system (DCS) and supervisory control & data acquisition (SCADA). You also must be able to evaluate the network architecture, distinguish the Enterprise (IT) and OT environment and identify cyber risks at each Purdue level.

In addition, the Cybersecurity Operations Centre (CSOC) team will rely on your contribution to perform an in-depth analysis of digital artifacts, identify malicious operations, and evaluate the real impact to solve in a quick and efficient manner. Previous work experience in ICS/OT and Cybersecurity consulting is vital for this role.

The Cybersecurity specialist is responsible for providing business-driven, cost-effective advice on the management of risk and security vulnerabilities for Enterprise (IT) and Operational Technology (OT) customers. You will support the development of Cybersecurity practices including but not limited to:

Cyber Consulting

• Deliver IT and OT assets discovery including logical and physical site assessments.
• Recommends implementation of new OT controls across provide more cost-effective risk mitigation.
• Deliver Cyber Risk assessment for IT or OT environment including security architecture and design review.
• Support the architecture design and recommend enhancement of Cybersecurity capabilities in OT environment.
• Member of the Cyber Design Authorities (CDA) for projects.
• Deliver reports with pragmatic solutions and provide actionable recommendations.
• Lead technical workshops to support the risk assessments activities.

Cyber Security Operation (CSOC)

• Provide guidance in designing, implementing, enhancement, and maintaining the CSOC platform (SIEM, log management systems, correlation engine, EDR, and SOAR).
• Provide technical guidance to CSOC team technical analysis.
• Point of escalation for CSOC analysts in support of cybersecurity investigations.
• Support threat-hunting activities, looking for anomalies. Ingest, analyze, and contextualize data and turn that into intelligence for threat assessment and risk management.
• Train, coach, and mentor the CSOC team.

Cyber Range and Training

• Contribute to developing training materials and content.
• Research and contribute to building new threat scenarios and attack patterns.
• Support new integrations of various technologies into the Cyber Range infrastructure.
• Conduct live Cyber training exercise and simulations.
• Document findings and share post-exercise feedback to participants.

• Bachelor's degree in engineering, computer science, cybersecurity or related IT fields or job experience equivalent with a minimum of eight (8) years of experience
• Over 5 years of related experience working in ICS and Operation Technology (OT) environment.
• Over 5 years of related experience on a Computer Incident Response Team (CIRT) or a Security Operations Center (SOC)
• Candidate must have a proven experience supporting System/Network Architecture, Cybersecurity consulting and fundamentals with Industrial Control Systems (ICS), Operational Technology (OT).
• Vendor specific training and certifications: IBM QRadar, Splunk, Palo Alto, FireEye, Cisco, Microsoft, Amazon (AWS)
• Knowledgeable with NIST Cybersecurity Framework (CSF), ISA/IEC 62443, NIST800-82, MITRE ATT&CK and d3fend

If you're excited about working with Thales, but not meeting the requirements for this position, we encourage you to join our Talent Community!

Special Position Requirements

Schedule: 40 hrs. per week. Available for on-call or emergency.

Physical Environment: Cybersecurity Operation Center, Cyber Range, Cyber Labs.

Travel: Yes, NDEC facility and customer sites as needed.

Customer Location Based or Site Visits: within North America.

What We offer

Thales provides an extensive benefits program for all full-time employees working 24 or more hours per week and their eligible dependents, including the following: 

•Company paid Extended Health, Dental, HSA, Life, AD&D, Short-term Disability, Cancer Care Program, travel insurance, Employee Assistance Plan and Well-Being program.

• Retirement Savings Plans (RRSP, DCPP, TFSA) with a company contribution and a match to a DCPP, with no vesting period.

•Company paid holidays, vacation days, and paid sick leave. 

•Voluntary Life, AD&D, Critical Illness, Long-Term Disability.

•Employee Discounts on home, auto, and gym membership.

Why Join Us?

Say HI and learn more about working at Thales click here.

#LI-Hybrid

#LI-PD1

Thales is an equal opportunity employer which values diversity and inclusivity in the workplace. Thales is committed to providing accommodations in all parts of the interview process. Applicants selected for an interview who require accommodation are asked to advise accordingly upon the invitation for an interview. We will work with you to meet your needs. All accommodation information provided will be treated as confidential and used only for the purpose of providing an accessible candidate experience.

This position requires direct or indirect access to hardware, software or technical information controlled under the Canadian Export Control List, the Canadian Controlled Goods Program, the Canadian Industrial Security Program, the US International Traffic in Arms Regulations (ITAR) and/or the US Export Administration Regulations (EAR). All applicants must be eligible or able to obtain authorization for such access including eligibility to the Canadian Controlled Goods Program and able to obtain a Canadian NATO Secret clearance.