Security Specialist

At Parkland, our purpose is to Power Journeys & Energize Communities. We are a prominent independent supplier and marketer of fuel and petroleum products and a leading convenience store operator. As One Parkland team, we proudly serve diverse retail, commercial and wholesale customers across Canada, the United States, the Caribbean region, and South America. We power a growing family of locally known brands including M&M Food Market, Fas Gas Plus, Pioneer, RaceTrac, Superpumper, Ultramar, Chevron, Esso, and ON the RUN.

We recognize that diversity gives us an edge and inclusion propels us forward. We’re also a passionate team of down-to-earth achievers, committed to getting our customers, colleagues and communities further, faster. As such, we welcome talented individuals that have a variety of perspectives, backgrounds, and industry experience who will contribute to the success of our One Parkland team.

**Position Title: Security Specialist**

**Team and Location: IT Security - Calgary, AB**

**Starting Minimum Salary from: AB - $ **85,000 /year**

**Position Summary**:
Provide critical intelligence advisories on strategic and operational cyber threats. Use expert skills to analyze and contextualize cyber threats techniques, tactics, and procedures. Analyze technical information and Indicators of Compromise (IOC) to develop actionable intelligence. Conduct all-source strategic research to identify, track, and predict cyber capabilities, intentions, and activities characterizing new, or emerging threats. Perform threat hunting analysis which include detecting, disrupting, and eradicating, of cyber threats within Parkland’s infrastructure. Collaborate with Infrastructure Security Operations and 3rd party SOC team on cyber security matters.

**Key Responsibilities**:

- Provide technical security inputs to the design and implementation of cyber security tools.
- Using available tools, perform threat hunting analysis within Parkland infrastructure to identify and remediate immediate/potential threats.
- Hypothesize, document and validate potential attack vectors to current Parkland Infrastructure.
- Organize and execute periodic 3rd party penetration testing across Parkland IT infrastructure.
- Execute internal development of penetration testing tools within Parkland.
- Use analytical results of research to develop complex threat models and assess the probability of the potential harm of attacks.
- Produce detailed intelligence related reports and presentations.
- Improve and maintain capabilities for detecting exploits, malicious payloads and other potential attack vectors using existing data sources.
- Identify opportunities for increasing the visibility of threats, specifically exploits, using new data sources.
- Maintain a detailed understanding of the inner functioning of relevant exploits through reverse engineering.
- Participate and provide technical cyber security inputs to the design and implementation of cyber security tools in alignment with the cyber security roadmap.
- Provide technical inputs to the development of the cyber security roadmap.
- Participate in review of new technology/initiative proposed by other internal business groups to ensure alignment with applicable Information Security policies and standards.
- Ability to brief complex technical analysis results to different audiences.
- Participate in cyber security incident investigations.
- Collaborate with Infrastructure Security Operations and 3rd party SOC on cyber security related matters.
- Provide support on cyber security inquiries.
- Perform assigned tasks from Supervisor.

**Qualifications and Skills**:

- Bachelor’s degree in computer science, Information Security or other related discipline and a minimum of 5 years’ experience in information security, cybersecurity and/or Security Operations
- Understanding of NIST Framework, OWASP & industry best practices
- Respond to security incidents as part of Incident Response and provide post-event in-depth analysis.
- Strong knowledge of and ability to support Endpoint Security tools
- Ability to analyze the vulnerabilities, identify gaps and recommend the remediation steps as per industry best practices and applicable security standards
- Good understanding on the network protocols, ports and ability to analyze network traffic
- Manage the daily security requests and tickets from business customers.
- Advocate and communicate in support of security culture and awareness initiatives.
- Engage in security projects and ensure the implementation of the technologies meets the security standards and requirements
- Evaluate existing security measures and recommend the implementation of improvements
- Strong problem-solving skills with the ability to assess issues within multiple technologies and be able to identify a solution that best fits business requirements
- Capability to manage multiple priorities across a number of assignments and prioritize effectively.

**We Offer**:

-