Cybersecurity Operations Analyst

Sterling Crane Canada

As a part of the global industrial organization Marmon Holdings—which is backed by Berkshire Hathaway—you’ll be doing things that matter, leading at every level, and winning a better way. We’re committed to making a positive impact on the world, providing you with diverse learning and working opportunities, and fostering a culture where everyone’s empowered to be their best.

At Marmon Crane Services we proudly operate a network of four industry-leading mobile crane service companies across Canada, the United States and Australia. From jobs in oil and gas, energy, mineral mining and civil infrastructure, our mission is to lift the weight off our customers’ shoulders safely. This shared purpose is realized through the dedication of approximately 1600 employees internationally. Within our collective team, you’ll be empowered to lift your career to new heights every day.

As a part of the global industrial organization Marmon Holdings, which is backed by Berkshire Hathaway - you'll be doing things that matter, leading at every level, and winning a better way. We're committed to making a positive impact on the world, providing you with diverse learning and working opportunities, and fostering a culture where everyone's empowered to be their best. We're excited for you to join us at Marmon Crane Services

We are seeking a hands-on **Cybersecurity Operations Analyst** to strengthen our day-to-day cybersecurity operations. This role focuses on Identity and Access Management (IAM), monitoring security systems, addressing threats proactively, and responding to security incidents across our operations in Canada, the US, and Australia.

**Location**:Edmonton, AB - Hybrid Role (Flexible onsite schedule).

**Working Hours**:8:00 AM - 5:00 PM MST, Monday to Friday.

**Key Responsibilities**

Identity & Access Management (IAM)
- Enforce the least privilege and Zero Trust models for access control, including the implementation and monitoring of MFA.
- Conduct regular access reviews and ensure proper documentation and audit readiness.

Security Operations & Incident Response
- Oversee day-to-day security operations, including system monitoring, detection, triage, and response to security incidents.
- Maintain and improve incident response playbooks and ensure proper documentation of incidents and lessons learned.
- Coordinate with third-party SOC partners and vendors to address identified risks effectively.

Governance & Compliance Support
- Assist in maintaining supporting procedures, processes, standards, and guidelines aligned with Sterling Crane’s IT Policy Framework.
- Prepare access-related and operational evidence for security audits and compliance assessments (e.g., FTC, PCI).
- Support ongoing regulatory compliance efforts and provide documentation as needed for audits.

Documentation & Control Management
- Develop and maintain security documentation, including incident response playbooks, IAM procedures, and access control guidelines.
- Maintain audit-ready evidence for compliance activities (e.g., access review logs, incident reports, and control documents).
- Support the Sr. Manager in creating and updating policies, standards, and procedures as required.

Security Tools & Process Management
- Assist with vulnerability assessments, tracking remediation efforts, and collaborating with IT teams to resolve findings.
- Stay informed about emerging threats, vulnerabilities, and tools to help strengthen defenses.

Awareness & Collaboration
- Provide input for security awareness training campaigns and phishing simulations.
- Build collaborative relationships across IT and business units to integrate security practices into daily operations.
- Contribute to tracking and reporting on key security metrics (e.g., incident resolution time, access review completion rates) to support continuous improvement of security operations.

**Qualifications**
- Bachelor’s degree in computer science, Information Technology, or a related field (or equivalent experience).
- Security certifications such as SSCP, CISSP, CISA, or other relevant designations are preferred.
- 5-7 years of IT experience with 2-3 years in hands-on security operations (IAM, incident response, vulnerability management).
- Experience managing IAM solutions (e.g., Okta, Azure AD, Microsoft Identity platforms).
- Working knowledge of Zero Trust security models, IAM, MFA, and network segmentation.
- Ability to balance multiple priorities in a fast-paced environment and meet critical deadlines.
- Strong analytical, problem-solving, and communication skills, with the ability to translate technical information for non-technical stakeholders.
- An equivalent combination of education and experience may be considered.

**Technical Expertise and Skills**:

- Demonstrate passion, interest, and understanding of trends and best practices in cyber security and related technologies.
- Demonstrable IT skills, including working with enterprise technology env