cloud security engineer

Job Description

CLOUD SECURITY ENGINEER

WINNIPEG, MB

Manitoba Hydro is consistently recognized as one of Manitoba's Top Employers

Great Benefits

• Competitive salary and benefits package.
• Defined-benefit pension plan.
• Nine-day work cycle which normally results in every other Monday off, providing for a balanced approach to work, family life

and community.

• Flex-time and partially remote work schedule (providing the option to work remotely 3 days per 2 week period), depending on

nature of work, operational requirements and work location.

Manitoba Hydro is a leader among energy companies in North America, recognized for providing highly reliable service and

exceptional customer satisfaction. Join our team of Manitoba's best as we continue to build a company that supports innovation,

commitment, and customer service, while actively supporting a diverse, equitable and inclusive workplace.

Under the general direction of the Cyber Security Director (CISO) and reporting to the Enterprise Cyber Security Program

Department Manager and as a recognized expert on cloud security, ensure the security of MH cloud services and integration with on

premise environments through leading Enterprise Cyber Security Program's (ECSP) cloud priorities, cloud security strategy and

design architecture, cloud security assessments, and cloud security risk management.

Responsibilities:

• Lead the Enterprise Cyber Security Program's (ECSP) cloud priorities: Lead the development of policies, standards,

accountability structures, centralized services to support the implementation of Enterprise Cyber Security Program cloud

related priorities. Design mitigation plans and in collaboration with IT/OT areas create technical responses/guidelines to

support implementation of cloud security-related plans. Guide implementation of changes to meet the needs of a changing

environment (AI-cloud systems, major cloud-based projects such as SAP, AMI) including developing implementation plans for

new cloud technology or monitoring requirements.

• Lead cloud security strategy and design architecture: Create Manitoba Hydro's cloud security strategy and design

architecture including reference architecture and multi-cloud security. Design the cloud security control requirements and

multi-cloud security requirements to support the specialist in deploying the actual cloud security control. Be accountable for

accurate records and reporting. Support the design, project management and approach to cloud security tools. Select

appropriate cloud security tools (potentially more than one vendor) and manage contracts including performance,

negotiations, implementation schedule/planning (project management), participate in change management committees and

design and implement change management for IT and enterprise/corporation depending on impact. Manage schedule for

renewal and updates. Guide design, implementation and contract components including cyber schedule, RFP schedule

drafting and approving, provide guidance on tender evaluation, design appropriate integration with monitoring tools and set

reminders and follow through on conducting audits according to contacts and Manitoba Hydro's needs. Design cloud criteria to

be added to project management scope for projects.

• Lead cloud related security assessments: Provide expert level input to and support the execution of assessment activities

including maturity assessments, scenario assessments, penetration tests, threat risk assessments, enterprise technology

security assessments and other assessments as a means of determining current state and identifying opportunities for

improvement and enhancement. Develop cloud security assessment requirements, guidelines, practices, questionnaires and

potentially manage contract for security assessments of cloud systems. Design audit criteria, review cloud contracts to ensure

audit practices are followed, schedule audits, coordinate with contractors, engage in RFP for audit assessment and control

testing/pen testing, manage contracts including RFP review, payments, and project management of contracts.

• Lead cloud related cyber risk management: Lead the identification, assessment, tracking, and action initiation for

enterprise-wide cloud security related risks.

• Lead cloud related updates for Governing committees: Prepare and deliver cloud related ECSP metrics and status

updates.

• Keep abreast of cloud cybersecurity developments: Develop and maintain good working relationships with industry

MANITOBA HYDRO IS COMMITTED TO DIVERSITY AND EMPLOYMENT EQUITY

Reference Code: CO

contacts for the purpose of information exchange and to keep abreast of technology innovation and directions including

participation on committees. Develop and maintain good working relationships with contacts within D&T, Industrial Control

System teams, and interested parties throughout Manitoba Hydro including subsidiaries. Provide expert support for major

cloud-based systems such as SAP, AMI, etc.

• Support cyber security operations where required: Be point of contact for external cloud contract during and post incident

for forensic and contract support (including breach of contract, etc). Support cyber event incident response and recovery as

part of the Incident Response Team. In the event of a significant cyber security incident, you may be called to support

response activities at any time during a 24-hour period to assure Manitoba Hydro system security and reliability.

Qualifications:

• Graduate in Engineering from a university of recognized standing, plus a minimum of seven years related experience,

including two years related experience in network design related to Cyber Security, Operational Technology, or Information

Technology Infrastructure.

• Professional member in good standing with Engineers Geoscientists Manitoba (or willingness and ability to attain within a

specified amount of time).

• Has or be willing to obtain certification within 12 months: ISAACA CSX Cybersecurity Practitioner (CSX-P) or (ICS)2 Entry
• Level Cybersecurity certification; and maintain that certification in good standing. Professional certifications such as CCNA,

CISSP, CISM, CRISC, OSCP, CEH, CGIH, GPE, SANS, etc would be an asset.

• Technical system design and support experience with Information Technology and infrastructure components (firewalls,

routers, switches, NAT, etc).

• Possess an understanding of Cyber security concepts, controls, frameworks and standards including NIST and ISO.

Knowledge of ICS Cyber Security Risk Management and NERC Critical Information Protection (CIP) Standards, Programs

and Procedures, CIP infrastructure components and CIP cyber assets. Familiarity with compliance standards, evidence

requirements and understanding audits and assessments.

• Strong written and verbal communication skills with a demonstrated ability to communicate effectively, deliver reports,

recommendations, and presentations, and the ability to build and maintain harmonious working relationships with staff across

the enterprise at all levels.

Excellent organizational and interpersonal skills, including facilitation, and negotiation.

• Demonstrated creativity in resolving complex information technology issues, implementing new processes and products and

redesigning work processes.

• Demonstrated initiative, and ability to prioritize, and achieve results in a timely manner.
• Possess good analytical skills, be self-motivating, and possess mature judgment with the ability to make and implement sound

decisions.

• Possess a valid Province of Manitoba Driver's Licence.
• Must obtain and maintain a current Personnel Risk Assessment and a "Clear" security rating in accordance with Manitoba

Hydro policy P513.

• Must complete Manitoba Hydro Standards of Conduct training.
• Critical Infrastructure Protection (CIP) Training is required and must be completed prior to transfer date and renewed annually.

Salary Range

Starting salary will be commensurate with qualifications and experience. The range for the classification is $51.34-$70.34 Hourly,

$98,380.88-$134,784.78 Annually.

Apply Now

Visit to learn more about this position and to apply online.

The deadline for applications is NOVEMBER 18, 2025.

We thank you for your interest and will contact you if you are selected for an interview.

This document is available in accessible formats upon request. Please let us know if you require any accommodations

during the recruitment process.

IND1