Cyber Security Operations Lead

Press Tab to Move to Skip to Content LinkSelect how often (in days) to receive an alert:Alberta Innovates is seeking a hands-on Cybersecurity professional who will provide day-to-day technical expertise, support and oversight for cybersecurity operations across Alberta Innovates and its subsidiaries, InnoTech Alberta and C-FER Technologies. This role is not purely supervisory. The successful candidate will be deeply involved in daily cybersecurity operations and directly contributing technical expertise while coordinating efforts across the organization.As a senior-level technical role, the Cybersecurity Operations Lead is expected to actively perform cybersecurity activities, including:Overseeing managed security service providers (MSSP)Leading and personally participating in threat detection and incident responseOptimizing and configuring security tools and operational metrics and reportEnsuring compliance with policies and risk mitigation controlsMentoring and guiding cybersecurity analysts,Driving cyber education and awareness across the organization.The IT Operations team includes IT Infrastructure and End User Computing (covering infrastructure, networks, managed services, end-user support, and cloud services), as well as the Cybersecurity team. To be successful, the Cybersecurity Operations Lead will actively engage in daily cybersecurity operations and collaborate closely with IT Operations (including solution architects, technical analysts, and managed services personnel), application analysts, business analysts and IT project managers to deliver secure IT services, applications, and technologies.This full-time permanent role will be based in our Edmonton Research & Development Park office. The successful candidate can look forward to a competitive pay package, generous employment benefits, attractive pension plan, and opportunity to work within a great team environment. There is also a potential to work hybrid, but the candidate must be based in Edmonton, Alberta.We are game changersAlberta Innovates is a provincially funded corporation with a mandate to deliver 21st-century solutions for the most compelling challenges facing Albertans. We do this by building on our province’s research and technology development strengths in the core sectors of health, environment, energy, food and fibre, and platforms such as artificial intelligence, nanotechnology, and omics. We are working with our partners to diversify Alberta’s economy, improve our environmental performance and enhance the well-being of Albertans through research and innovation.Our subsidiary, InnoTech Alberta, offers a diversified range of scientific engineering and technological research and testing capabilities, and the facilities to support technology scale-up. Our multidisciplinary team has the depth of experience to work across all sectors, from energy to health to food and fibre. InnoTech Alberta offers you access to research talent, technical expertise, and unique facilities that can help accelerate technology development that serves both the private and public sector.Here's some more information about the position:The responsibilities of this role include, but are not limited to the following:Security Operations and Incident Response:Monitor and analyze security events to identify potential threats or vulnerabilities.Lead incident response efforts, including investigation, containment, and recovery.Provide technical analysis during incident triage and deep-dive investigations.Integrate SOAR capabilities for automated responses.Collaborate with MSSP for automated detection and initial triage.Vulnerability & PatchingLead technical scanning and in-depth vulnerability analysis.Validate patch remediation effectiveness and system stability.Collaborate with MSSP for routine alerts and technical assessments.Implement and maintain security monitoring tools and technologies.Monitor and analyze security events to identify potential threats or vulnerabilities.Security Assessments (sTRA and SOAR)Lead technical security assessments and identify areas for improvement.Configure and integrate SOAR platforms for automated incident response.Collaborate with MSSP for automated responses and regular assessments.Conduct regular security assessments and penetration tests.Lead proactive threat hunting and analyze indicators of compromise (IoCs).Aggregate and analyze technical threat intelligence feeds.Collaborate with MSSP on automated detection and SOAR integration.Develop and enforce security policies, standards and procedures.Cybersecurity Leadership:Provide a clear strategic vision for the cybersecurity team, aligning it with organizational goals.Hands-on direction in day-to-day cybersecurity activities, prioritizing tasks effectively.Assist in the recruitment and development of cybersecurity professionalsSet clear expectations and goals, provide feedback, and recognize achievements while addressing performance issues promptly.Build relationships with stakeholders, facilitating collaboration and alignment with organizational objectives.Develop annual training plans to encourage a continuous learning mindset that aligns with the changing cybersecurity needs of the organization and supports staff’s personal growth and career development.Provide coaching, mentorship, and professional development opportunities to team members.Foster a collaborative and inclusive team culture that encourages innovation and continuous improvement.Conduct regular performance evaluations and provide constructive feedback to team membersNetwork and Endpoint Security:Deploy and manage endpoint protection solutions (antivirus, endpoint detection and response, etc.).Lead managed services vendors to implement and enforce endpoint security policies, including device encryption and access controls.Collaborate with MSSP for automated reviews and updates to firewall rules.Conduct regular endpoint vulnerability scans and remediation efforts.Monitor network traffic and respond to endpoint security alerts and incidents for signs of unauthorized access or malicious activity.Collaborate with IT support teams to address endpoint security issues.Stay up to date on endpoint security trends and technologies.Collaborate with solution architects and network operations teams to ensure appropriate security architecture is implemented (ex. Zero Trust).Conduct regular network vulnerability assessments and patch management.Evaluate technical firewall configurations based on threat intelligence.Support SOAR integration for adaptive rule adjustments.Respond to network security incidents in a timely manner.Collaborate with network operations teams to ensure security best practices are followed.Stay informed about emerging threats and vulnerabilities in network security.Identity and Access Management:Develop and maintain IAM policies and procedures.Manage user access rights and permissions across systems and applications.Ensure compliance with relevant regulations and standards.Conduct risk assessments and develop risk mitigation strategies.Maintain a risk register to track identified risks and mitigation efforts.Provide guidance on security policy interpretation and implementation.Conduct regular access reviews and audits to ensure compliance.Security Architecture and Strategy :Design and implement secure architecture for systems and applications.Evaluate and select security technologies and solutions.Develop and maintain the organization's cybersecurity strategy and roadmap.Establish governance processes to ensure alignment with business objectives.Lead cybersecurity governance committees and working groups.Conduct security reviews and assessments of new technologies and projects.Stay current on security architecture trends and emerging technologies.Develop and implement cybersecurity Policies, Standards and Procedures.Security Awareness, Training, and Disaster Recovery:Develop and deliver security awareness programs for employees.Create training materials and resources on cybersecurity best practices.Conduct phishing simulations and other security awareness exercises.Provide guidance and support to employees on security-related inquiries.Support disaster recovery efforts to ensure business continuity in case of security incidents or disasters.Maintain and update the organization's disaster recovery plans and procedures.Collaborate with Human Resources and other relevant stakeholders to integrate security into onboarding processes.Education and qualifications we are looking for:Diploma or Degree from a reputable post-secondary institution in computer science, computer systems technology, Information technology, related discipline or equivalent work experiencePreferably with the following certifications:Cybersecurity certification like Certified Information Systems Security Professional (CISSP); Certified Ethical Hacker (CEH); or CompTIA Security+CISM (Certified Information Security Manager)GIAC Cyber Security CertificationsCertification in ITIL and/or COBIT Frameworks8+ years of combined experience in cyber security, information systems, IT Infrastructure, Network Operations, or IT architecture.5+ years of progressive experience in a cybersecurity role in an IT enterprise setting, preferably with previous experience in IT leadership position.Expert level experience with XDR/MDR Tools (Sentinel One, Microsoft Defender, etc.)Experience with cloud-based services, technologies, and platforms.Broad knowledge of IT architecture systems, tools and methods.Experience working in a professional Microsoft environment (Windows, M365, Azure, etc.).Why Alberta Innovates?We offer our employees opportunities to work on projects that will expand their skill sets while witnessing the visible impacts of their efforts. We value the development of our employees and create opportunities for working in capacities that allow new skills to be learned. We know that the wellness of our team is the most important part of our business, so we offer a strong benefits package and generous vacation and paid time off programs to promote work-life balance.At Alberta Innovates, we respect diversity and embrace an inclusive culture. We value uniqueness and different perspectives as they play a critical role in our success. To achieve this, individuals are selected based on qualifications, merit, and abilities and we encourage applications from all backgrounds to apply.The final candidate will be required to provide credible references and undergo a security clearance. Because we intend to fill this role as soon as possible, this competition closes as soon a suitable candidate is found. Qualified and interested candidates are therefore encouraged to apply immediately.ALBERTA INNOVATES IS COMMITTED TO THE PRINCIPLE OF EQUITY IN EMPLOYMENT AND ENCOURAGES APPLICATIONS FROM ALL QUALIFIED INDIVIDUALS. WE WISH TO THANK ALL APPLICANTS FOR THEIR INTEREST. HOWEVER, ONLY THOSE INVITED FOR AN INTERVIEW WILL BE CONTACTED. #J-18808-Ljbffr