Responsable de la sécurité de l’information - Business Information Security Officer - Montréal

Offer ID:

85651

Job:

Digital and IT / Cybersecurity

Contract type:

Permanent

Country:

Canada

Equans is looking for a Business Information Security Officer in Montreal!

The Equans group is a world leader in the energy and services industry. The Group operates in 20 countries, with 90,000 employees working on 5 continents. Equans is a Bouygues group company.

Equans designs, installs, and delivers customized solutions to improve its customers’ equipment, systems and technical processes and optimize their use in the context of their energy, industrial and digital transitions. Equans is a Bouygues group company.

Active in Canada and the United States for more than 30 years, Equans Services is the partner of businesses, industries and institutions that want to move towards more connected buildings, manage their facilities efficiently and reduce their carbon footprint.

We design, implement, and maintain custom solutions to improve our customers’ facilities, systems, and infrastructures.

Our core offerings are focused on the following areas:

• Integrated Asset and facilities management;

• Operation and maintenance of buildings and equipment (including district heating and cooling);

• Energy efficiency solutions and execution of decarbonization roadmaps;

• Building automation and systems;

• Solutions for transportation and mobility.

To learn more, visit www.equansservices.com/en

Summary

The Business Information Security Officer (BISO) for Operational Technology (OT) and Customer-Facing solutions serves as the primary security liaison between the cyber security organization and business units responsible for OT environments and externally delivered solutions. This role owns the security program for these domains, driving secure onboarding of systems and partners, maintaining documentation standards, participating in design and architecture reviews and leading security assessments for both OT networks and customer-facing solutions.

This is a highly cross functional role requiring deep technical security knowledge, strong stakeholder communication skills and an understanding of industrial control systems (ICS), and enterprise solution delivery. The BISO acts as a security strategist ensuring that security is embedded into processes from initial designs through ongoing operations post-delivery.

Description

Onboarding & Vendor/System integration

• Leading the security onboarding process for new OT Systems and customer facing solutions, ensuring all assets are assessed, documented and approved before production deployment;
• Define and enforce security requirements, including network segmentation standards, access control models, and identity management policies for OT and customer solution environments;
• Coordinate with procurement, legal and IT teams to ensure that third party vendors meet security baseline requirements through contract review and vendor risk assessments.

Documentation & Standards Management

• Own the security documentation library for OT and customer-facing solution domains including network diagrams, network flows, security control matrices, security plans and backup solutions;
• Develop and maintain security standards and procedures specific to OT environments;
• Ensure documentation remains current through periodic review cycles and is aligned with applicable compliance frameworks;
• Collaborate with engineering, operations and product teams to capture security architecture decisions and maintain accurate as-built documentation.

Design Review & Architecture Participation

• Participate in architecture design review as a security SME;
• Review proposed OT system architectures, network designs and customer solution designs for security gaps – providing documented findings and remediation recommendations.

Security Review & Risk Assessment

• Lead security reviews for OT network changes, new customer-facing solutions and significant modifications to existing deployments, producing risk assessment reports with prioritized findings;
• Coordinate penetration testing and vulnerability assessments activities scoped to OT and customer solution environments; track findings through remediation;
• Assess and communicate residual risk to business stakeholders and CISO, facilitating informed risk acceptance decisions when appropriate;
• Serve as the security point of contact for customer security questionnaires, audits and third-party security assessments related to delivered solutions.

Requirements

• Autorisation de travailler au Canada;
• Capacité à réussir les vérifications d’antécédents et les contrôles de sécurité requis;
• Minimum of 7+ years in information security with at least 3 years focused on OT/ICS security or customer-facing solution security in a solutions provider, or managed services context;
• Demonstrated experience conducting security design reviews, architecture assessments, and risk analysis for complex networked environments;
• Working knowledge of OT/ICS security standards and frameworks;
• Familiarity with enterprise IT security frameworks;
• Experience managing security documentation programs;
• Strong understanding of network security principles; segmentation, DMZ design, firewall policy, remote access, identity and access management;
• Excellent verbal and written communication skills; ability to present security risk to both technical and non-technical audiences;
• Level of spoken and written French: Beginner;
• Level of spoken and written English: Proficient;
• Frequency of English usage: Daily.

Asset

• CISSP, CISM, GICSP or equivalent;
• Direct experience with DCS, PLCs, historians or industrial IOT networks;
• Experience working alongside regulated industries such as energy/utilities or manufacturing;
• Background in solutions delivery or managed security services;
• Experience with security tooling relevant to OT and enterprise environments;
• Familiarity with secure remote access solution implementations and designs.

What Equans offers you

• Group insurance coverage starting on your first day

• A bonus program

• A retirement plan

• Thirteen (13) public holidays

• Work–life balance

• Opportunities to grow within the company

• The chance to be part of a large international group

• We believe in the importance of diversity and inclusion

Equal employment opportunity

Equans Services adheres to the principles of employment equity and values diversity and inclusion. We therefore encourage applications from all individuals, including women, Indigenous peoples, persons with disabilities, and individuals of all backgrounds and identities. We are committed to providing a respectful, accessible, and equitable work environment where everyone can thrive and contribute to our collective success.

Comment

Does this challenge interest you? We would like to get to know you and we thank everyone who applies.

Pay range is

Place:

Workplace : 1100, boul. René-Lévesque Ouest H3B 4N4 Montréal Canada