Senior Analyst, OT Cyber Security

Domtar

  • Montréal, QC
  • Permanent
  • Temps-plein
  • Il y a 2 mois
Domtar is a leading producer of pulp, paper, packaging, tissue and wood products. Through our focus on safety and sustainability, as well as our commitment to operational excellence and our network of facilities across Canada and the United States, Domtar delivers high-quality and cost-effective products to customers around the world.Our workforce is comprised of 14,000 talented and hardworking individuals. We are proud to offer competitive compensation, a supportive working environment, rewarding career paths and plenty of opportunities for learning and growth.The location in Montreal, (Quebec, Canada), is seeking talent to fill the position of Senior Analyst, OT Cyber Security. This job is full-time permanent.Overview: The OT Cyber Security Analyst is responsible for safeguarding Operational Technology (OT) environments by identifying, assessing, and mitigating cybersecurity risks. This role works closely with the Cyber Security Operations team and the Operational Technology team to ensure that industrial control systems (ICS), SCADA systems, and other OT assets are secured against emerging threats. The analyst will provide cybersecurity guidance, implement security controls, and support compliance initiatives while ensuring minimal disruption to operational processes.The analyst will play a key role in integrating cybersecurity best practices into industrial control systems (ICS), SCADA, and other OT infrastructure.Your Challenges:
  • Act as a cybersecurity advisor to the Operational Technology Team, ensuring security principles are integrated into industrial processes while maintaining operational efficiency.
  • Monitor OT networks for security threats, respond to incidents, and conduct forensic investigations when necessary.
  • Conduct security risk assessments on OT environments and ensure compliance with industry regulations and standards such as NIST, IEC 62443, and CISA guidelines.
  • Deploy and manage security tools such as firewalls, intrusion detection systems (IDS), endpoint protection, and network segmentation solutions.
  • Identify vulnerabilities in OT systems, work with the OT Team to remediate risks, and implement compensating controls where necessary.
  • Provide cybersecurity coaching & guidance of best practices to OT personnel to enhance overall security posture.
  • Collaborate with both IT and OT teams to develop and improve incident response plans specific to OT environments.
  • Assist in developing OT cybersecurity policies, procedures, and playbooks to standardize security practices.
  • Work with vendors, third-party service providers, and regulatory bodies to enhance security measures for industrial environments.
Your Skills:
  • Experience working in manufacturing, utilities, or critical infrastructure environments.
  • Knowledge of incident response processes and forensic analysis in industrial settings
  • Familiarity with cloud security principles related to OT environments.
  • Understanding of cybersecurity implications of Industry 4.0 and IIoT (Industrial Internet of Things).
  • Experience with industrial control systems (ICS), SCADA, and distributed control systems (DCS).
  • Knowledge of OT network security, segmentation strategies, and protocols (Modbus, DNP3, OPC, PROFINET, etc.).
  • Understanding of secure remote access solutions and identity and access management (IAM) for OT environments.
  • Experience conducting vulnerability assessments and penetration testing in OT environments.
Your Profile:
  • Bachelor's degree in Cyber Security, Information Technology, Engineering, or a related field. Equivalent work experience will be considered.
  • 3+ years of experience in cybersecurity, with a focus on OT/ICS security preferred.
  • Strong knowledge of industrial control systems (ICS), SCADA, PLCs, and other OT technologies.
  • Familiarity with OT-specific security frameworks such as IEC 62443 and NIST CSF.
  • Experience with network security, firewalls, intrusion detection/prevention systems (IDS/IPS), and endpoint protection.
  • Hands-on experience with network segmentation and Zero Trust security models for OT environments.
  • Strong understanding of cyber threat intelligence, vulnerability & patch management, and incident response.
  • Bilingual English/French*.
  • Excellent communication and collaboration skills, with the ability to bridge the gap between cybersecurity and OT teams.
  • Industry certifications such as GICSP, CISSP, CISM, or CEH are a plus.
What we are offering
  • Competitive salary and annual bonus
  • At least three weeks of vacation and three floating holidays a year from the first day of work, depending on your experience
  • Full range of group insurance from the first day of work
  • Telemedicine services
  • Defined-contribution pension plan with generous employer participation from the first day of work
  • Employee and family assistance program
  • Education assistance program
  • Hybrid workplace: in-person and remote work
  • Work environment based on respect, inclusion and diversity
  • Office accessible by public transit
(*) English bilingual: If listed, this qualification is required since this function requires regular verbal and/or written interaction with customers, partners and/or our American subsidiaries.Domtar is firmly committed to placing greater emphasis on the principles of equity, diversity and inclusion to empower all employees to reach their full potential. We form a dynamic team whose diverse backgrounds and wealth of perspectives are one of the keys to our success. We offer an inclusive, rewarding and safe work environment with opportunities that will help grow your skills.To learn more about our company, consult the Domtar and follow us on , and .#LI-Hybrid#corpo21780
[[titleNOC]]
Information Technology

Domtar