Cyber Security Engineer (Fredericton, NB)
Canadian Nuclear Laboratories
Fredericton, CA
1d ago

INTRO

Canadian Nuclear Laboratories (CNL) is Canada's premier nuclear science and technology organization. CNL has been a world leader in developing peaceful and innovative applications from nuclear technology through its expertise in physics, metallurgy, chemistry, biology and engineering.

CNL's 3500 highly skilled employees deliver a range of nuclear services from research and development, design and engineering to specialized technology, waste management and decommissioning.

CNL's cyber security research team conducts leading edge research in cyber security of instrumentation and control systems in the nuclear industry and for critical infrastructure.

Digital security concerns and evolving standards and regulations are driving demand for safe and secure solutions by both business and industrial consumers.

Unlike IT systems, industrial control systems are often bound by strict regulatory requirements and rigorous change controls that introduce complexities, risks and costs that are substantially higher for any modernization or modification and therefore requires specialists in Instrumentation & Control (I&C) systems with cyber security expertise.

CNL is looking for an experienced Cyber Security Research Scientist / Engineer who has a keen interest and experience in cyber security as applied to instrumentation and control systems.

DUTIES

  • Utilize advanced methods to develop cyber security assessment and penetration testing methodologies for industrial control applications.
  • Serve as a core member of the cyber security research group, with particular emphasis on cyber security of instrumentation and control (I&C) systems.
  • Propose, develop, and lead technical projects to evaluate cyber security solutions using a combination of electrical, I&C, and computer engineering.
  • Support product development of cyber security products and services for critical infrastructure.
  • Conduct security assessments of I&C equipment using recognized standards and guidelines
  • Develop methodologies to mitigate vulnerabilities in I&C equipment and applications (e.g., penetration testing, change management, vendor management);
  • Propose new cyber security techniques and technologies and design, develop, test and validate these new capabilities with the goal of developing practical and innovative cyber security solutions for industrial control applications.
  • Responsible for guiding the work of junior scientists / engineers or technicians assigned to a common project.
  • Provide presentations to stakeholders and contribute to internal reports, presentations, and technical refereed journal publications.
  • Other duties as required.
  • QUALIFICATIONS

    Undergraduate degree in Computer Science, Engineering, or Applied Mathematics from a university of recognized standing, or membership in an engineering or scientific professional organization authorized by statute to establish qualification for membership in that organization.

    Higher education (MSc, and / or PhD) is an asset.

    Ten (10) years of relevant experience in I&C systems technology, or information security / cyber security technology is preferred.

    Specialized knowledge / expertise in a particular area of cyber security would be an asset (e.g., machine learning, secure system design, vulnerability assessments, wireless security).

    Strong technical problem solving skills, ability to make recommendations on technical issues, and prepare work plans with minimal supervision.

    Significant practical knowledge and hands-on experience with :

    I&C domain protocols and standards such as MODBUS and OPC

    Design and implementation of control system network architectures

    Programming PLCs, HMI SCADA systems such as Siemens, Allen Bradley and Triconex

    Specifying field instrumentation, PLC and SCADA hardware, and wiring design

    Recognized industry standards and guidelines

    Knowledge and / or experience with cyber security technologies a strong asset (e.g., intrusion detection systems, forensic analysis tools, next generation firewalls, application control, whitelisting, AV, encryption, automated auditing, analytics), and advanced persistence threats, zero day exploits, malware attack vectors and threat intelligence.

    Since it is recognized that applying cyber security solutions to I&C systems is experience that candidates may lack,a demonstrated interest in the area combined with an ability to learn quickly, have strong self-

    motivation and enthusiasm for the work, and an ability to pay attention to detail and have good organization skills, will be considered.

  • Ability to think abstractly and deal well with ambiguous / undefined problems and various types of clients and customers.
  • Ability to handle software and hardware problems; devise new approaches, apply existing criteria in new manners, and draw conclusions.
  • Can effectively articulate novel ideas, concepts, and proposals for new projects and ongoing work.
  • Experience and willingness to mentor junior developers and engineers.
  • CNL has an Employment Equity Program and encourages applications from women, Aboriginal Peoples, visible minorities and persons with disabilities.

    Email

    Apply
    Add to favourites
    Remove from favourites
    Apply
    My Email
    By clicking on "Continue", I give neuvoo consent to process my data and to send me email alerts, as detailed in neuvoo's Privacy Policy . I may withdraw my consent or unsubscribe at any time.
    Continue
    Application form