Specialist, Cyber Security

Description

Highlights of the job

We are hiring up to two (2) full-time, permanent Specialist, Cyber Security positions working out of Edmonton, AB.

The Specialist, Cyber Securityis accountable for performing advisory services and operational support of processes and safeguards that manage risk to Information and Technology.

This includes consulting with internal clients to define, implement, monitor and respond to safeguards and security events and providing oversight for key security processes.

The Specialist, Cyber Security is accountable to the Manager, Security Operations.

This position is eligible for EPCOR’s Remote Work Program.

What you’d be responsible for

• Analyzing and managing potential IS security incidents.
• Monitoring security safeguards, events, and policy compliance in the Cloud and on premise, making timely corrective action to resolve issues, and escalating complex concerns to the Operations Security Manager.
• Performing risk assessments, and preparing recommendations to mitigate the risks.
• Providing subject matter expertise in Cloud and on premise security controls, principals, and best practices.
• Identifying abnormalities and performing threat-hunting on potential IS Security Incidents.
• Maintaining availability levels of security applications; ensuring on-time, on-budget delivery of security initiatives;

meeting service level expectations for event response and currency of the security application suite.

• Consulting with clients and reviewing processes to improve security safeguards and controls.
• Developing and implementing playbooks, security standards, processes, and procedures.
• Maintaining situational awareness regarding threats to EPCOR Utilities Inc. Information and Technology, and keeping up to date with trends in Cybersecurity.
• Managing and conducting Employee Cybersecurity Awareness Training Program.

What’s required to be successful

• A University Degree or Technical Diploma in the fields of Computing Science or Computer Systems Technology, or equivalent combination of experience and training in a related field is required.
• 5+ years of directly related experience.
• Currently possessing or pursuing an accredited Information Security Certification such as the ISC² CISSP or SSCP; ISACA’s CISM or CISA;

or the SANS GIAC; or equivalent.

• Understanding of Security Management frameworks (ISO 27001 and 27002, NIST and Cobit) and related regulatory requirements (Bill 198 and AESO CIP).
• Understanding of MITRE ATT&CK Framework, Cyber Kill Chain analysis, and / or other useful threat analysis models.
• Understanding of computing infrastructure, communications, information, operational processes, and safeguards.
• Understanding of Linux and Windows operating systems and Networking protocols and technologies.
• Strong understanding of vulnerability management methodologies.
• Experience working with IS Operations Security Tools. (e.g. Security Information Event Management and Intrusion Prevention Systems.)
• Experience with and in-depth security knowledge of a hybrid Cloud environment.
• Experience with building detection and correlation rules to enhance monitoring and alerting.
• Experience with scripting (Python, bash, PowerShell, ruby) and Security Orchestration and Automation to increase efficiencies.
• Experience in performing penetration testing for on premise and cloud systems to identify and detect possible weaknesses and risks and provide analysis and recommendation for remediation and mitigation.
• Ability to recognize security risks and impacts; prepare risk assessments, information security reviews and penetration tests (Cloud and on premise systems) and develop security infrastructure design, cost, and risk appropriate security safeguard recommendations.
• Ability to identify and research emerging threats, TTP, and provide countermeasures and actionable threat intelligence.
• Ability to handle incidents and remediation support.
• Power BI knowledge is considered an asset.

Other important facts about this job

Jurisdiction : PROF

Hours of work : 40 hours per week

Application deadline : July 13, 2023