IT Advisor

**A workplace powered by you**

At BC Hydro, we’re working towards creating a cleaner and more sustainable future for all British Columbians and need
people like you to help us. A career at BC Hydro is meaningful and provides you the opportunity to be part of a talented,
inclusive, and diverse team. We offer a healthy work-life balance, competitive wages, a comprehensive benefits package,
and training opportunities to support you in your career growth. We're proud to be ranked as one of B.C.'s Top Employers
and one of Canada's Best Diversity Employers.

**IT Advisor (Threat Intelligence Analyst)**

Number of positions: 1 Job Location: Dunsmuir 08

Employment type: Permanent Region: Lower Mainland

Hours of work: Full-time (37.5 hrs/wk) Flexible Work Role: Hybrid

Annual salary: $ 107,000.00 - 135,300.00

**What you'll do**
- As a member of the Threat & Vulnerability Management team, you will play a critical role in safeguarding the organization’s
digital infrastructure. While your primary focus will be on threat intelligence, the nature of our team requires a strong
understanding of vulnerability management as well. You will be responsible for identifying, analyzing, and disseminating
high-severity threat intelligence—particularly zero-day vulnerabilities under active exploitation and activity linked to high
- priority threat actors—to drive timely remediation efforts and inform the implementation or enhancement of security controls.

This is a dynamic, cross-functional role that requires collaboration with asset owners, technical teams, and leadership to
ensure a proactive and risk-informed cybersecurity posture.

Key Responsibilities

Threat Intelligence:

- Monitor and analyze threat intelligence sources to stay ahead of emerging threats.
- Disseminate critical and high-severity threat alerts, with a focus on zero-day vulnerabilities and activity from high-impact

threat actors.
- Track and assess threat actor campaigns and TTPs using structured frameworks to inform defensive strategies.
- term risk reduction planning.
- Maintain and evolve the organization’s threat profile, including threat actor tracking and sector-specific threat landscape

assessments.
- Collaborate with SOC, incident response, and vulnerability management teams to ensure threat intelligence is actionable

and operationalized.
- Provide context and enrichment to threat intelligence to sharpen its relevance to the organization.
- Support the development and maintenance of threat intelligence dashboards and reporting for both technical and

executive audiences.
- Contribute to the continuous improvement of intelligence validation, dissemination, and escalation processes.

Vulnerability Management:

- Identify and assess vulnerabilities across enterprise systems in both IT and OT environments.
- Oversee vulnerability scanning and ensure findings are shared with responsible teams.
- Prioritize remediation by correlating threat intelligence with internal vulnerability data.
- Collaborate with technical support teams for patching, while ensuring asset owners remain accountable.
- Track remediation efforts and support risk-based prioritization.
- Contribute to threat-informed patching strategies based on real-world exploitation trends.
- Enhance and maintain regular vulnerability management reports and dashboards for leadership, highlighting trends,

remediation status, and risk posture.
- Establish, document, and continuously improve vulnerability management processes, standards, and policies aligned with

industry best practices (e.g., NIST, NERC CIP, CIS).
- Evaluate vulnerabilities associated with third-party vendors and cloud services to manage external risks.

**What you bring**
- Minimum of 5 years of experience in cybersecurity, with a focus on threat intelligence analysis or related disciplines.
- Strong written and verbal communication skills, with the ability to clearly convey complex information to both technical and

non-technical audiences.
- Solid understanding of cyber threat intelligence frameworks and methodologies.
- Familiarity with the full spectrum of threat intelligence—tactical, operational, and strategic—and how each supports

different layers of defense and decision-making.
- Experience with vulnerability assessment, scanning, and management tools and processes.
- Experience using a threat intelligence platform to manage, enrich, and operationalize threat data.
- Experience creating and delivering hunt packages to support proactive threat detection and threat-informed defense.
- Experience with Operational Technology (OT), Industrial Control Systems (ICS), or operational processes, including

technologies such as SCADA, PLCs, or DCS in industrial or critical infrastructure environments.
- Proven ability to collaborate effectively across IT, security, and business unit teams in a cross-functional environment.
- Strong problem-solving and critical thinking skills, with a proactive and analytical mindset.
- Technical