Cybersecurity Consultant

Arup View all jobs

  • Toronto, ON
  • Permanent
  • Full-time
  • 1 month ago
Joining ArupArup's purpose, shared values, and collaborative approach has set us apart for over 75 years, guiding how we shape a better world.We are hiring a Cybersecurity Consultant (G4) to support a portfolio of major rail, transit, and critical infrastructure programs. This role is OT/ICS-forward and will work across delivery and pursuits, helping teams assess cyber risk, translate requirements into pragmatic controls, and support implementation planning across operational environments.Consulting experience (or strong consulting-style delivery) is a strong asset.This job posting represents an active vacancy within our organization and is open for immediate recruitment.The opportunity
  • OT/ICS cybersecurity delivery
  • Support cybersecurity assessments for Operational Technology (OT) environments (e.g., SCADA, PLC/DCS, wayside systems, tunnel systems, power/traction power, facilities/industrial controls, communications networks supporting operations).
  • Contribute to OT security architecture and requirements baselining aligned to applicable standards (e.g., IEC 62443, ISO 27001, NIST guidance as applicable).
  • Perform asset and data-flow discovery support, basic threat modeling, and segmentation / zoning-conduit analysis under senior guidance.
  • Help develop security deliverables such as:
  • Cybersecurity requirements registers / traceability matrices
  • High-level security architecture diagrams (IT/OT boundaries, zones, remote access)
  • Risk registers and treatment plans
  • Security validation approaches (e.g., FAT/SAT cyber considerations, supplier assurance)
  • Policies/procedures (remote access, patching, removable media, logging/monitoring)
  • Consulting-style engagement support (plus)
  • Participate in workshops and stakeholder interviews; capture decisions and translate them into clear, client-ready outputs.
  • Contribute to presentations, memos, and reports with strong structure, visuals, and executive-ready wording.
  • Support proposals/pursuits: scope drafting, assumptions, fee build-ups, and risk/mitigation inputs.
  • Governance, assurance, and third-party/supplier assurance
  • Support vendor/security documentation reviews (OT supplier security posture, system integrator materials, design packages).
  • Help translate contractual, design, and governance obligations into actionable cyber requirements for delivery teams.
  • Assist with assurance planning and evidence collection approaches for audits/independent reviews (as required by program governance).
  • Collaboration & ways of working
  • Work closely with cyber leads, systems engineering, OT SMEs, IT teams, and physical security counterparts to ensure unified security outcomes.
  • Maintain strong documentation hygiene: version control, traceability, and clear decision logs.
At Arup, you belong to an extraordinary collective - in which we encourage individuality to thrive. Our strength comes from how we respect, share and connect our diverse experiences, perspectives and ideas.You will have the opportunity to do socially useful work that has meaning - to Arup, to your career, to our members and to the clients and communities we serve.Is this role right for you?Required
  • 2-5 years in cybersecurity, with demonstrated exposure to OT/ICS environments (rail/transit, utilities, manufacturing, energy, or similar critical infrastructure).
  • Practical knowledge of OT concepts: SCADA/ICS components, Purdue model, segmentation, remote access, industrial protocols (high level), and operational constraints (availability, safety, maintainability).
  • Experience producing structured cybersecurity deliverables (risk registers, requirements, assessments, architecture diagrams).
  • Strong written and verbal communication; able to turn ambiguity into clear, professional outputs.
  • Ability to operate in a multi-project consulting environment (prioritization, time management, stakeholder communication).
Strong assets
  • Familiarity with rail/transit programs and system delivery lifecycle (requirements, design, implementation, testing/commissioning).
  • Working knowledge of IEC 62443 (zones/conduits, foundational requirements), ISO 27001, NIST CSF/800-82, and/or relevant Canadian frameworks.
  • Exposure to OT-relevant security practices (logging/monitoring patterns, secure remote access, vulnerability management constraints).
  • Relevant certifications (one or more): GICSP, GRID, CISSP/SSCP, Security+, ISA/IEC 62443 training, Azure/AWS security fundamentals.
What success looks like (first 90-180 days)
  • Ramp up on major programs and produce high-quality deliverables with minimal rework.
  • Build repeatable templates (requirements register, risk register, workshop notes, architecture visuals) to accelerate delivery.
  • Demonstrate sound OT judgement: pragmatic, operations-aware recommendations (not IT-only thinking).
  • Support at least one security workshop end-to-end (planning, facilitation support, outputs).
Please note that all applicants must apply directly via the job portal. If this role is not quite what you are looking for but you are interested in other opportunities for a future with purpose, please sign up to our Talent Community where you will be kept up to date with roles suitable for you to shape a better world.What we offer youAt Arup, we care about each member's success, so we can grow together.Guided by our values, we provide an attractive total reward package that recognizes the contribution of each of our members to our shared success. As well as competitive, fair and equitable pay, we offer a career in which all of our members can belong, grow and thrive - through benefits that support health and wellbeing, a wide range of learning opportunities and many possibilities to have an impact through the work they do.We are owned in trust on behalf of our members, giving us the freedom, with personal responsibility, to set our own direction and choose work that aligns with our purpose and adds to Arup's legacy. Our members collaborate on ambitious projects to deliver remarkable outcomes for our clients and communities. Profit Share is a key part of our reward, enabling members to share in the results of our collective efforts.Benefits at Work - At Arup, we have a comprehensive and valuable benefits program that works for our employees and their families. These are 100% paid for by Arup except for optional life insurance. These benefits provide health and welfare security for you as well as paid time off for rest and renewal. Our Global Profit Share Plan (paid bi-annually) provides an opportunity for you to share in the success of the Firm. As a valued employee of Arup, you can also choose to participate in our GRRSP 5% company match to help you save for your future.Flexible Working - We believe that flexible arrangements create a more inclusive way of working that supports our diversity and the wellbeing of our people. Options for alternative schedules and the ability to work outside of the office for a portion of your workweek are available.Toronto Hiring Range - Hiring Range - The good faith base salary hiring range for this job if performed in Toronto is 95,000 to 105,000 per year/hour/month. This range is commensurate with experience, educational background, and skill level. Benefits are not included in the base salary. Please note hiring ranges for candidates performing work outside of Toronto will differ.Different people, shared valuesArup is an equal opportunity employer that actively promotes and nurtures a diverse and inclusive workforce. We welcome applications from individuals of all backgrounds, regardless of age (within legal limits), gender identity or expression, marital status, disability, neurotype or mental health, race or ethnicity, faith or belief, sexual orientation, socioeconomic background, and whether you're pregnant or on family leave. We are an open environment that embraces diverse experiences, perspectives, and ideas - this drives our excellence.Guided by our values and alignment with the UN Sustainable Development Goals, we create and contribute to equitable spaces and systems, while cultivating a sense of belonging for all. Our internal employee networks support our inclusive culture: from race, ethnicity and cross-cultural working to gender equity and LGBTQ+ and disability inclusion - we aim to create a space for you to express yourself and make a positive difference. Discover more about life at Arup at www.arup.com/careers/your-life-at-arup.Our Toronto office is located on ceded and unceded lands of many nations including the Mississaugas of the Credit, the Anishinabewaki, and the Haudenosaunee (hoe-dee-no-SHOW-nee). We acknowledge this land and its people to build a shared understanding of how our collective past brings us to where we are today. Through our ever-developing commitments, we strive to strengthen our relationships with this land, its people, and its treaties to shape a better, more inclusive world.Our Application ProcessWe will be reviewing our candidates for this position on a rolling basis. Once you have applied you will be evaluated and potentially moved on to the next round, at which point a member of the talent resourcing team will reach out to you directly.Arup is an equal opportunity employer and will consider applications from all qualified individuals. Every job applicant will be treated equally, fairly and with respect regarding race, color, ancestry, sex, gender identity or expression, sexual orientation, pregnancy, civil status, age (except as provided by law), creed/religion, political convictions, language, ethnic or national origin, disability/handicap, pardoned record of offences, social condition (marital or family status, receipt of social assistance), and any other ground protected by the applicable human rights legislation.Stay safe online. Recruitment fraud is on the rise, and Arup's name, logo, and branding have been used in fraudulent job advertisements. Arup will never ask for bank information as part of our recruitment process.#LI-AJ1

Arup