Cyber Security Advisor

If you are committed to public service, enjoy collaborating with others, share our values and have a desire to learn and grow, join The City of Calgary. City employees deliver the services, run the programs and operate the facilities which make a difference in our community. We support work-life balance, promote physical and psychological safety, and offer competitive wages, pensions, and benefits. Together we make Calgary a great place to make a living, a great place to make a life.
The City is committed to fostering a respectful, inclusive and equitable workplace which is representative of the community we serve. We welcome those who have demonstrated a commitment to upholding the values of equity, diversity, inclusion, anti-racism and reconciliation. Applications are encouraged from members of groups that are historically disadvantaged and underrepresented. Accommodations are available during the hiring process, upon request.

As a Cyber Security Advisor, you will support the strategic and tactical objectives of the Cyber Security Incident Response Team. Following NIST 800-61r2 and the Incident Command System (ICS) framework, you will assist in containment, mitigation, recovery, and full lifecycle documentation of cyber incidents after they have been identified and escalated. You will analyze root causes and provide recommendations to mitigate risks and prevent recurrence across corporate systems and data. The role requires close collaboration with business areas, IT, and legal, along with strong documentation and report writing skills to support investigations, compliance, and continuous improvement. Primary duties include:

- Provide leadership during information incident handling and analysis.
- Develop and maintain incident response standards, playbooks, processes and procedures as well as other documentation to assist in security investigations, exercises, and tests.
- Facilitate Executive and Technical Tabletop exercises with partnering Business Units building awareness.
- Perform forensic activities, eDiscovery and data collection activities in support of investigations.
- Provide guidance and training to data owners on managing access to information under their stewardship, ensuring appropriate security controls are applied to safeguard sensitive data.
- Lead in the collection and analysis of relevant data associated with Freedom of Information and Protection of Privacy (FOIP), legal discovery requests and sanctioned Corporate Security Investigations.
- Maintain awareness of current cyber security tools, threats, and techniques to advise Business Units appropriately.
- Assist in Incident Response metrics, performance, and reports.

**Qualifications**
- A completed 2 year Technology Diploma and at least 8 years of Information Security experience, OR
- A degree in Information Technology, Computer Science or related discipline and at least 4 years of Information Security or related experience.
- Equivalent combinations of experience and education may be considered.
- A recognized Security certification such as a Certified Information Systems Security Professional (CISSP) is preferred.
- Knowledge of security operations and incident response, including the ability to identify, investigate and respond to security incidents.
- An understanding of electronic data investigation, forensic tools, methodologies and best practices.
- Security incident response experience including forensic and root cause analysis, as well as experience performing security/threat reviews of network environments will be considered an asset.
- Knowledge of common cybersecurity frameworks such as NIST Cybersecurity Framework and the ability to use these to guide security efforts will be an asset.
- Familiarity with Roles Based Access (for example: Varonis) will be an asset.
- Knowledge of relevant laws, regulations and industry standards and the ability to ensure compliance will be an asset.
- Previous project management experience will also be considered an asset.
- You have well-developed communication skills, good organization and planning skills, are highly motivated with the ability to self-start, prioritize, multitask and work in a team setting.

**Pre-employment Requirements**
- A security clearance will be conducted.
- Successful applicants must provide proof of qualifications.

**Note**:Please note all exempt positions at The City are undergoing a compensation review. This means the union jurisdiction and/or salary range listed here may change. Tell me more.Union: Exempt
Business Unit: Corporate Security

Position Type: 1 Permanent
Location: 323 7 Avenue SE

Compensation: Level E $85,135 - 128,548 per annum
Days of Work: This position works a 5 day
- work week earning 1 day off in a 3 week cycle.
- Hours of work: Standard 35 hour work week

Audience: Internal/External
-

Job ID #: 311969