How Agropur invests in YOU

• Recognition of years of service in calculating vacation time
• Flexible group insurance plan, including telemedicine service
• Employee assistance program
• Opportunity to invest in you (Career Path, Mentoring program, etc.)
• Pension plan including employer contributions

What's involved in this role :

• Plan the development and implementation of an IT security roadmap, communication, and support initiative within an overall cybersecurity strategy.
• Collaborate with CISO to ensure synergy between respective IT and OT planning.

Budget and Priorities

• Operate and define budget allocation processes and priorities according to the initiatives defined in the cybersecurity program, while proposing continuous improvement around the processes.
• Collaborate with the CISO to define the budgets allocated for the OT security initiative according to the road map.

Requirements

• Establish and collect requirements for the various elements related to the OT guide of the cybersecurity program and strategy, as well as implement continuous improvement initiatives.
• Identify and approve cybersecurity requirements for engineering/automation projects to ensure they are aligned with overall strategy.

Communications

• Manage formal communication with plants and OT teams regarding cybersecurity strategy mandate notifications and road map updates.
• Communicate appropriate information regarding support to operations for adherence to the cybersecurity program.

Main Duties

• Advise the organization and plants on the best strategy for securing Operational Technologies and ICS assets, based on Cyber threats and risks.
• Maintain a knowledge base on CTI (cyber threat intelligence) in the OT/ICS field, and make organizations aware of new threats and risks, and propose associated protective measures.
• Develop and expand CTI security governance documents and references, including security policies, procedures, standards and guidelines.
• Advise on and implement security controls to mitigate risks to critical systems and resources.
• Propose and implement Cybersecurity controls for ICS/OT and reinforce the security architecture to ensure the resilience of systems, equipment, and networks against Cyber-attacks.
• Develop recommendations and support organizations in the definition of vulnerability management programs for Operational Technologies and Industrial Control Systems, as well as the development of associated detection, reporting and remediation procedures.
• Conduct ICS/OT security audits and gap analyses, communicate the results effectively to the various managerial and technical audiences, and propose effective solutions to mitigate the risks identified.
• Support organizations in achieving and maintaining compliance of ICS/OT environments with current regulations, norms and standards, and develop and strengthen ICS/OT incident detection and response procedures.
• Contribute to the maintenance and expansion of the Cyber Risk department's knowledge base through active monitoring of the latest technologies and standards, as well as current threats and vulnerabilities.

• Supervisory Responsibilities
• Responsible for employee relations including work direction of employees, hiring, training, performance reviews, administering policies and procedures, disciplinary action, and compensation recommendations.
• Direct implementation of departmental objectives, goals and policies.
• Carry out supervisory responsibilities in accordance with the organization's policies, procedures and guidelines.
• Understand and adhere to Good Manufacturing Practices.
• Safety Protocol
• Stop any observed unsafe acts and obey facility safety rules and procedures.
• Correct or report any observed safety hazards.
• Support safety policies and programs.

What you need to join our team

• Bachelor's degree in engineering and information technology training in cybersecurity;
• You have 10 years' minimum experience in information technology related to operations;
• You have 5 to 7 years' experience in cybersecurity, risk management and implementation of security programs for Industrial Control Systems and Operational Technologies;
• You have in-depth knowledge of Distributed Control Systems (DCS), Supervisory Control and Data Acquisitions (SCADA) and Programmable Logic Controllers (PLC), and of related security best practices;
• You are familiar with NIST ICS Framework standards;
• You hold certifications such as CISSP, Lead SCADA Security Manager (an asset);
• You have good interpersonal skills and experience in developing relationships with stakeholders;
• You have supported complex, high-quality projects, including effective management of programs, projects, finances and people;
• Rigorous, with good interpersonal, writing and speaking skills,

Agropur welcomes people from all backgrounds and walks of life. We are proud to be an employer with a diverse community and are committed to providing a respectful and inclusive experience for all employees and applicants. We will therefore work with candidates who request accommodation. Please note that an adequate knowledge of French is required for positions in Quebec.