IT Security Project Manager

Status: Contract (Up to 36 Months)

Working Conditions: Hybrid

Education Level: 4-Year University Degree in Engineering, Computer Science, Business Administration with a specialization in Project Management, or a related discipline.

Base Location: Oshawa, ON

Shift: Days

Travel: 10%

Deadline to Apply: May 25, 2026

Salary Range: $2,751.92 - $3,227.88 Per Week

Electrify your career and help build a brighter tomorrow.

Every generation has a challenge that defines them. At OPG, we are calling on all innovators, disruptors, thought leaders and change-makers. Join us as we work to electrify life in one generation and build a sustainable future powered by our electricity, our ideas, and our people. Join OPG and make history.

Whether you work in the skilled trades or are a business professional, a career at OPG is an opportunity to electrify your life on -- and off -- the job.

JOB OVERVIEW

Ontario Power Generation (OPG) is looking for a dynamic, strategic and results-driven professional to join our team in the role of IT Security Project Manager.

Reporting to the Senior Manager Projects, this position is responsible to Lead and govern end-to-end delivery of enterprise security programs across regulated environments, cloud/SaaS, IAM, third-party risk, and emerging domains (OT/post-quantum/AI governance), aligning Compliance/Legal/Security/IT stakeholders to execute audit-ready roadmaps, manage risks and dependencies, and deliver measurable outcomes on time.

KEY ACCOUNTABILITIES 

• Lead end-to-end delivery of security initiatives in regulated/critical infrastructure contexts (e.g., NERC CIP, SOX), ensuring scope, controls, evidence, and timelines align to audit and regulatory expectations.
• Establish and run program governance with Compliance, Legal, Security, IT, and business leaders—driving clear decision-making, dependency management, and consistent executive communication.
• Manage delivery across cloud platforms and SaaS environments by translating security strategy into executable roadmaps, milestones, and release plans, ensuring outcomes are measurable and adopted.
• Own the delivery lifecycle for IAM initiatives (e.g., access governance, authentication/authorization improvements, lifecycle management), coordinating resources and vendors while ensuring solutions meet policy and risk requirements (without acting as the hands-on engineer).
• Coordinate planning and delivery support for initiatives in specialized domains (e.g., OT/industrial security or post-quantum cryptography readiness), ensuring stakeholders, timelines, and risks are actively managed.
• Support AI security and governance initiatives by coordinating risk management activities for LLM use cases, aligning control requirements, and driving execution of secure AI deployment frameworks across teams.
• Apply strong program/project management discipline (PMP-level) and security governance practices (CISSP/CISM/CISA-aligned) to maintain clear plans, RAID logs, reporting, and audit-ready documentation across delivery efforts.

QUALIFICATIONS

• 4-Year University Degree in Engineering, Computer Science, Business Administration with a specialization in Project Management, or a related discipline.
• Minimum 8 years of experience leading delivery of enterprise security programs and initiatives in regulated and/or critical infrastructure environments (e.g., NERC CIP, SOX), with demonstrated accountability for audit-ready scope, control alignment, evidence collection, and milestone execution
• Experience delivering security programs in regulated and/or critical infrastructure environments (e.g., NERC CIP, SOX), including audit readiness, control alignment, and evidence management.
• Proven ability to establish and run cross-functional governance with Compliance, Legal, Security, IT, and business stakeholders, including executive communication and risk escalation.
• Experience managing security delivery across cloud platforms and SaaS environments, translating strategy into roadmaps, milestones, and measurable adoption.
• Experience leading IAM and Third-Party Risk Management (TPRM) initiatives, including coordinating internal teams/vendors and driving remediation through completion.
• Certifications such as PMP, CISSP, CISM, or CISA (or equivalent practical experience), plus familiarity with emerging domains such as OT/industrial security, post-quantum cryptography planning, and/or AI security and governance (e.g., LLM risk management).

The successful candidate will exhibit uncompromising integrity and commitment to upholding corporate values, and the OPG Code of Business Conduct.

OPG is committed to fostering an inclusive, equitable, and accessible environment. If you require accommodation during the selection process, please contact AODA@opg.com

What makes a career at OPG different?

With operations across Ontario, OPG is one of the most diverse power producers in North America. As the largest generator in Ontario, we meet approximately 50% of the province’s electricity needs, largely from low-carbon sources like nuclear and hydro. 

As we work to achieve our vision of Electrifying life in one generation, OPG and our family of companies are also helping advance the development of new low-carbon technologies such as Small Modular Reactors (SMRs), refurbishment projects, and electrification initiatives to help power the growing demands of a growing economy. Join OPG and make history.

Please submit your application online at https://jobs.opg.com/.  OPG thanks all those who apply; however, only candidates considered for an interview will be contacted.

#LI-Hybrid 

Please note: All job postings at OPG are to fill existing vacancies within our organization. 

OPG may use artificial intelligence (AI) tools as part of the applicant screening process. However, applications will also be reviewed by a member of our Recruitment team to ensure a fair and thorough assessment.

The base salary range considers many factors including, but not limited to experience, education, and training, including any collective agreement requirements for union represented positions. It is not typical for the salary to be offered near the top of the range, and salary is dependent on numerous factors. For management roles, the base salary range does not represent the total compensation package. The total compensation package for regular full-time management roles includes pay-for-performance programs for annual and medium time periods. Maintaining a high-performance culture and excellence is a core expectation of every member of our leadership team and is rewarded through the established compensation framework.

OPG is committed to employment equity. As such, we encourage applicants from equity-seeking communities (Indigenous Peoples, racialized persons, persons with disabilities, and women). We strongly believe that alleviating the under-representation of equity-seeking individuals will create a stronger OPG team and allow us to better serve the needs of our diverse communities.

In order to fulfill the above-mentioned purpose, priority in hiring may be given to qualified persons who self-identify as a member of equity-seeking groups as identified in the application process. This initiative constitutes a special program under the Human Rights Code/Canadian Human Rights Act.