Cyber Security Specialist

Status: Regular Full Time

Working Conditions: Hybrid

Education Level: 4 years of University in an appropriate field such as computer science or Software Engineering plus 1 year of further concentrated study in cybersecurity programs

Base Location: Oshawa, ON

Shifts(s): Days

Travel: 10%

Deadline to Apply: October 2, 2025

Salary Range: $1,704.68 - $2,924.93 Per Week

Electrify your career and help build a brighter tomorrow.

Every generation has a challenge that defines them. At OPG, we are calling on all innovators, disruptors, thought leaders and change-makers. Join us as we work to electrify life in one generation and build a sustainable future powered by our electricity, our ideas, and our people. Join OPG and make history.

Whether you work in the skilled trades or are a business professional, a career at OPG is an opportunity to electrify your life on -- and off -- the job.

JOB OVERVIEW

Ontario Power Generation (OPG) is looking for a dynamic, strategic and results-driven professional to join our team in the role of Cyber Security Specialist.   

Reporting to the Manager, Cyber Security IT/OT, this position is responsible to lead and continuously improve the end-to-end vulnerability management program—including scanning, prioritization, remediation coordination, reporting, and process optimization—by leveraging tools like Qualys, Rapid 7, and Service Hub, integrating threat intelligence, and collaborating with cross-functional teams to ensure comprehensive risk mitigation and alignment with organizational objectives and compliance requirements.

KEY ACCOUNTABILITIES 

• Perform regular and on-demand vulnerability scans across applications, endpoints, and network assets using tools such as Qualys and Rapid 7, ensuring comprehensive coverage and up-to-date detection capabilities.
• Prioritize vulnerabilities based on CVSS scores, exploitability, asset criticality, and business impact, and coordinate remediation efforts with infrastructure and application teams to ensure timely risk reduction.
• Monitor and communicate emerging global cyber threats—including phishing trends and targeted attacks in the energy sector—and integrate threat intelligence feeds into vulnerability management workflows to proactively address high-risk exposures.
• Design, implement, and continuously improve automated workflows for vulnerability tracking, reporting, and remediation to enhance visibility, accountability, and operational efficiency.
• Develop and maintain dashboards and reports to provide real-time insights into vulnerability posture, remediation progress, backlog aging, and SLA compliance, and present updates to senior leadership and governance boards.
• Conduct impact assessments and risk analyses for zero-day and critical vulnerabilities, escalate unresolved or delayed remediation efforts with appropriate risk context, and align actions with business continuity requirements.
• Administer, update, and optimize vulnerability management tools and integrations (e.g., Service Hub, SIEM) to ensure accurate data flow, streamline detection and response workflows, and resolve technical issues in collaboration with vendors or internal teams.
• Maintain high-quality, normalized asset and vulnerability data across platforms, define scanning scopes and schedules for maximum visibility, and ensure a deep understanding of asset types and environments to minimize blind spots and support effective risk management.

QUALIFICATIONS

• 4 years of University in an appropriate field such as computer science or Software Engineering plus 1 year of further concentrated study in cybersecurity programs
• Over 6 years experience working in cyber security operations.
• Proven hands-on experience with vulnerability management tools such as Qualys, Rapid 7, and Service Hub, including administration, configuration, and optimization.
• Strong knowledge of vulnerability assessment methodologies, CVSS scoring, risk analysis, and remediation best practices for diverse IT environments.
• Demonstrated ability to integrate and utilize threat intelligence feeds to inform vulnerability prioritization and incident response.
• Experience designing and automating workflows for vulnerability tracking, reporting, and remediation using dashboards and reporting tools.
• Excellent collaboration and communication skills, with a track record of working effectively with cross-functional teams and presenting security metrics and risk updates to leadership.
• Solid understanding of asset management, data quality assurance, and the ability to define scanning scopes and schedules to ensure comprehensive vulnerability coverage.

The successful candidate will exhibit uncompromising integrity and commitment to upholding corporate values, and the OPG Code of Business Conduct.

OPG is committed to fostering an inclusive, equitable, and accessible environment. If you require accommodation during the selection process, please contact AODA@opg.com

What makes a career at OPG different?

With operations across Ontario and the United States, OPG is one of the most diverse power producers in North America. As the largest generator in Ontario, we meet approximately 50% of the province’s electricity needs, largely from low-carbon sources like nuclear and hydro. 

As we work to achieve our vision of Electrifying life in one generation, OPG and our family of companies are also helping advance the development of new low-carbon technologies such as Small Modular Reactors (SMRs), refurbishment projects, and electrification initiatives to help power the growing demands of a growing economy. Join OPG and make history.

Please submit your application online at https://jobs.opg.com/.  OPG thanks all those who apply; however, only candidates considered for an interview will be contacted.

#LI-Hybrid 

The base salary range considers many factors including, but not limited to experience, education, and training, including any collective agreement requirements for union represented positions. It is not typical for the salary to be offered near the top of the range, and salary is dependent on numerous factors. For management roles, the base salary range does not represent the total compensation package. The total compensation package for regular full-time management roles includes pay-for-performance programs for annual and medium time periods. Maintaining a high-performance culture and excellence is a core expectation of every member of our leadership team and is rewarded through the established compensation framework.

OPG is committed to employment equity. As such, we encourage applicants from equity-seeking communities (Indigenous Peoples, racialized persons, persons with disabilities, and women). We strongly believe that alleviating the under-representation of equity-seeking individuals will create a stronger OPG team and allow us to better serve the needs of our diverse communities.

In order to fulfill the above-mentioned purpose, priority in hiring may be given to qualified persons who self-identify as a member of equity-seeking groups as identified in the application process. This initiative constitutes a special program under the Human Rights Code/Canadian Human Rights Act.