Specialist Information Security (Governance)

Date

November 5, 2025

Location

Mississauga, ON – Hybrid

Requisition ID

20668

Status

Regular

Business Unit

Information and Technology Services

Why join us?

The IESO is committed to ensuring Ontario’s electricity system meets the province’s needs today and into the future.

We are charged with purpose

, delivering reliable, affordable, and sustainable electricity for homes, businesses, and communities across the province.

We are energized to grow

, embracing opportunities to shape the future of a dynamic and evolving energy sector while advancing our careers.

We are powered by teamwork

, supported by diverse and passionate colleagues who foster respect, celebrate successes, and thrive on shared achievements. At the IESO, it’s not just what we do—it’s who we are!

Who We Are

Our central role includes managing the provincial power grid in real-time, overseeing and evolving Ontario’s electricity market, engaging with government, municipalities and Indigenous communities, and planning for Ontario’s future electricity needs. Our employees play a key role in driving grid innovation, protecting the system from threats, advancing the province’s energy conservation programs, and forecasting and procuring the electricity resources we’ll need in the decades to come.

This role is a part of…

- The Information Security team plays an important role in protecting the IESO systems from cyber threats by proactively monitoring systems and also raising cyber security awareness to the users of IESO systems. The Information Security team has a mandate to continue to strengthen the information security controls in alignment with our regulatory requirements and cyber security frameworks.

- Information & Technology Services - Unionized

What Makes This Role Exciting

The energy sector is rapidly evolving, offering exciting new opportunities for those who want to make a difference.

- The Specialist, Information Security will coordinate, plan and/or organize the development and delivery of Information Security services to business units in order to maintain the integrity of vital computer applications and information systems across IESO and to support executives and managers in fulfilling their due diligence responsibilities regarding Information Technology Security.

What You’ll Do

In this role, you’ll make a meaningful impact by contributing to the IESO team and supporting the electricity needs of the province through:

- Contribute to the development of Information Security Policy, Program and procedures for business units consistent with corporate security objectives and generally accepted and leading-edge Information Security practices and professional security standards; working collaboratively with IT Process Development Leaders and Information Security Leadership team.

- Support in the development and delivery of Identity and Access Management roadmap, IAM program governance including advice and consultation to key business stakeholders, to further support corporate security controls.

- Design and deliver simulated phishing campaigns and cyber security training support utilizing an online tool and ensuring configuration of the tool continues to deliver on the cyber security program and required metrics are generated for helpful insights.

- Collect performance metrics for information security and create presentations to show trends over time, focussing on areas of improvement and degrade of security controls.

- Contribute to the development of cyber security awareness training materials, general Cyber Security education including in-person presentations to staff.

- Support internal and external audit activities through information collection and participation in interviews; and collection, dis-semination and retention of audit evidence.

- Report results of Information Security assessments with conclusions, recommendations for improvement, planned management actions, follow-up status to Information Security Leadership Team.

- Participate and coordinate in the fulfilment of regulatory compliance requirements, from the collection of evidence from various stakeholders to ensuring retention and communication of audit evidence to support audits.

- As required, will lead/support projects, continuous improvement initiatives, perform assigned work, resolve problems and assess performance.

- Work with business units to determine data classification and ownership/custodianship.

In a typical day, you will

- Ensure there are adequate security tools available for performing system reviews.

- Keep abreast of developments in the areas of legal, regulatory, corporate requirements, technological developments and best practices in the Information Technology and Corporate Security field.

- Require high level of trust and integrity in the access/handling of confidentiality issues and information.

- Review and assess all requests for Exception and/or Exemption to policy.

- Perform other duties/tasks/projects as required or assigned.

Role Requirements

Our team consists of experts from diverse backgrounds, each bringing their unique perspectives and skills.

Education

To succeed in this role, you’ll need:

- Requires a sound knowledge of computer science, information technology systems and MS Office productivity tools.

- Excellent written and oral communication skills, to work collaboratively with peers and cross functional teams, end-users, review/input on procedures, standards and/or methods; and design/deliver training materials.

- This knowledge is considered to be normally acquired either through the successful completion of a university degree in the area of Computer Science or related discipline or equivalent.

Experience

- Requires experience coordinating/analyzing enterprise security systems on a diverse set of computing platforms, operating systems and applications, especially Windows NT and UNIX.

- Experience with systems implementation, identity and access managment program and processes, cyber security risks and controls.

- Previous experience as part of a large multi-disciplined project, and with systems vendors, which requires having sound project management skills.

- A period of over 5 years, up to and including 10 years is considered necessary to gain this experience.

How We Support You

From a comprehensive total rewards program to dynamic learning and development opportunities—including job rotations to broaden your expertise—we empower you to define and shape your own success. When you join the IESO, here’s what you can expect:

- Best-in-class benefits and long-term support in the form of a defined benefit pension plan.

- A commitment to flexibility as we currently support a hybrid model where applicable, that supports a blend of remote and in-office work based on business needs. Participating employees typically work in-office a minimum of four days and work remotely up to six days over a two-week period with a goal of maximizing in-office time through the use of established team days.

- Work in a dynamic and evolving sector that offers exciting opportunities and the chance to explore new career paths.

- Leadership that values meaningful discussions, welcomes feedback, and prioritizes career development.

- A strong, inclusive culture and a collaborative team environment with a shared passion for impactful work.

- Compensation packages that are regularly reviewed to remain competitive and to best accommodate the diverse needs of our employees.

For future reference, please save a copy of the job posting as it will no longer be available once the posting closes.

Thank you for your interest in a career at the IESO. Only candidates selected for an interview will be contacted. Please note that the successful candidate must be legally eligible to work in Canada and will be subject to applicable background checks.

IESO will not conduct interviews or offer positions via online, text, chat or social media platforms. We will not gather personal information directly from candidates or potential candidates. Selected candidates will work with our Talent Acquisition team to ensure their application is processed.

The IESO will be transitioning to a 3-day in-office work week effective January 2026. Over the course of 2026, the IESO will advance plans to acquire additional office space to accommodate more in-office time. While the timeline for moving to a full 5-day in-office model has not yet been established, we are committed to keeping employees and candidates informed as plans progress and give them as much advance notice as possible to prepare for any changes.

We believe in opportunities for everyone.

At the IESO, we know that achieving great results depends on embracing diversity by attracting, developing, and retaining people from a wide variety of backgrounds. We do this by ensuring our recruitment and advancement policies are fair and equitable, and by creating an accessible and inclusive environment—one that values every team member’s unique skills and experiences and ensures they have the support they need to achieve their potential. If you require accommodation during the recruitment process, please let us know.

We’re proud to say we’ve been recognized as a supportive, inclusive employer.