Senior Cybersecurity Analyst

The Alberta Electric System Operator (AESO) is responsible for the safe, reliable, and economic planning and operation of the Alberta Interconnected Electric System.

We provide open and non-discriminatory access to Alberta's interconnected power grid and also facilitate Alberta's competitive wholesale electricity market.

The AESO strives to foster an inclusive, diverse and equitable workplace where people feel respected and welcomed for who they are, together we deliver high performance and innovative results.

Job Description

We are looking for a Senior Cybersecurity Analyst to join our growing team. You will focus on the tactical and operational aspects of cybersecurity to ensure cybersecurity risks are mitigated and industry best practices are implemented and executed.

You will also develop security requirements and facilitate architectural development to support the Security & Governance Strategy.

Teamwork, collaboration, leadership, and mentorship are essential to succeed as you will be expected to assist with the development and maturity of the team and security program.

This full-time opportunity offers a competitive salary, and a variable pay program. We also have paid vacation and flex time, health and dental benefits, mental health support, a defined contribution pension plan, and learning and development opportunities as part of your overall compensation package.

We support a hybrid work environment, where the team is in the office on Tuesdays, Wednesdays, and Thursdays. Mondays and Fridays are flexible for where you work best.

Signs you will enjoy working in this team :

You thrive in a fast-paced and dynamic environment and are looking for an opportunity to embark on transformative industry change

You enjoy working in a team of bright professionals and participating in lively debates

You embrace change and flexibility, being able to pivot and adapt with ease

You like working in a diverse atmosphere - our team celebrates our colleagues' varied backgrounds, experiences, and perspectives

You have a curious mind and strong desire to continuously learn and take on new challenges

You have superior client service focus with strong experience engaging with stakeholders at both executive and business department levels

You are an excellent oral and written communicator, effectively translating highly technical information

You demonstrate an eye for detail and high organizational skills to meet tight deadlines within a complex and demanding organization

Accountabilities include :

Collaborate on day-to-day Cybersecurity Operations tasks including administration, configuration and management of security tools for the AESO (SIEM, Vulnerability Management, IDS / IPS etc.)

Lead security incident investigations and assist in the management and maturity of the Cyber Security Incident Response Plan (CSIRP)

Understand and interpret security-related laws and regulations (e.g., ARS CIP, NERC CIP), and voluntarily adopted standards (e.g., CSOX, ISO 27002)

Contribute to and produce evidence for ARS CIP

Coordinate analysis of security advisories and assess for impact to AESO

Conduct Security Impact Assessments, vulnerability assessments, and security reviews to provide security recommendations for IT projects in accordance with the Service Delivery Life Cycle (SDLC)

Provide technical expertise and recommendations (configuration, management, security risk, governance, technology implementation, etc.

while advising and consulting within the business on IT Projects

Consult and provide security subject matter expertise for AESO personnel and third parties

Participate in the development of content and delivery of the security awareness and training program

Respond to security audit action items that include providing supporting documentation to auditors, evaluating audit results for relevance / accuracy, and working with IT Infrastructure & Operations teams to develop and implement plan to remediate audit findings

Analyze enterprise business context (industry and market trends, threats, detect critical deficiencies, compliance frameworks, and business strategy) to derive the security architecture future state

Consult on application or infrastructure development projects to harmonize systems or infrastructure with the security architecture and identify when it is necessary to modify the security architecture to accommodate immediate or future project needs

Facilitate the research, evaluation and selection of hardware and software technology and product standards, as well as the design of standard configurations

Identify the organizational impact and financial impact of the enterprise security architecture.

Develop technical and architectural migration plans and recommend solutions to address the gaps between the current and future state, in alignment with IT budgets and capital projects.

Assist with designing the governance activities associated with ensuring compliance with the enterprise security architecture.

You have :

Completed CISSP / CISM or similar certification, or are working towards completion.

Post-secondary Certificate or Diploma in Information Technology, or equivalent.

GCIH, GMON, CISA, CRISC, or other security-related certifications would be an asset.

A minimum of 15 years' experience in an IT discipline, with a minimum of 10 years of cyber security experience.

Proficient with SIEM, network, endpoint, and other security-related tools.

Application deadline : October 19, 2023

If you are contacted for a pre-screening and / or interview, please advise of any accommodation measures required to enable you to fully participate.

Information received relating to accommodation measures will be addressed confidentially.

LI-Hybrid

The Alberta Electric System Operator is unable to accept unsolicited agency resumes.

The Alberta Electric System Operator, and its members, officers, employees and agents (collectively, the "AESO") is committed to protecting personal information provided to it.

By submitting your personal information to the AESO for the purpose of pursuing employment with the AESO, you hereby consent to the collection, use and disclosure of your personal information by the AESO, in accordance with the provisions of theFreedom of Information and Protection of Privacy Act of Alberta, as amended from time to time.