Cybersecurity Operations Analyst

Sterling Crane Canada

As a part of the global industrial organization Marmon Holdings—which is backed by Berkshire Hathaway—you’ll be doing things that matter, leading at every level, and winning a better way. We’re committed to making a positive impact on the world, providing you with diverse learning and working opportunities, and fostering a culture where everyone’s empowered to be their best.

We are seeking a hands-on Cybersecurity Operations Analyst to strengthen our day-to-day cybersecurity operations. This role focuses on Identity and Access Management (IAM), monitoring security systems, addressing threats proactively, and responding to security incidents across our operations in Canada, the US, and Australia.

**Location**:Edmonton, AB - Hybrid Role (Flexible onsite schedule).

**Working Hours**:8:00 AM - 5:00 PM MST, Monday to Friday (40 hours/week).

**Key Responsibilities**

Identity & Access Management (IAM)
- Enforce the least privilege and Zero Trust models for access control, including the implementation and monitoring of MFA.
- Conduct regular access reviews and ensure proper documentation and audit readiness.

Security Operations & Incident Response
- Oversee day-to-day security operations, including system monitoring, detection, triage, and response to security incidents.
- Maintain and improve incident response playbooks and ensure proper documentation of incidents and lessons learned.
- Coordinate with third-party SOC partners and vendors to address identified risks effectively.

Governance & Compliance Support
- Assist in maintaining supporting procedures, processes, standards, and guidelines aligned with Sterling Crane’s IT Policy Framework.
- Prepare access-related and operational evidence for security audits and compliance assessments (e.g., FTC, PCI).
- Support ongoing regulatory compliance efforts and provide documentation as needed for audits.

Documentation & Control Management
- Develop and maintain security documentation, including incident response playbooks, IAM procedures, and access control guidelines.
- Maintain audit-ready evidence for compliance activities (e.g., access review logs, incident reports, and control documents).
- Support the Sr. Manager in creating and updating policies, standards, and procedures as required.

Security Tools & Process Management
- Assist with vulnerability assessments, tracking remediation efforts, and collaborating with IT teams to resolve findings.
- Stay informed about emerging threats, vulnerabilities, and tools to help strengthen defenses.

Awareness & Collaboration
- Provide input for security awareness training campaigns and phishing simulations.
- Build collaborative relationships across IT and business units to integrate security practices into daily operations.
- Contribute to tracking and reporting on key security metrics (e.g., incident resolution time, access review completion rates) to support continuous improvement of security operations.

**Qualifications**
- Bachelor’s degree in computer science, Information Technology, or a related field (or equivalent experience).
- Security certifications such as SSCP, CISSP, CISA, or other relevant designations are preferred.
- 5-7 years of IT experience with 2-3 years in hands-on security operations (IAM, incident response, vulnerability management).
- Experience managing IAM solutions (e.g., Okta, Azure AD, Microsoft Identity platforms).
- Working knowledge of Zero Trust security models, IAM, MFA, and network segmentation.
- Ability to balance multiple priorities in a fast-paced environment and meet critical deadlines.
- Strong analytical, problem-solving, and communication skills, with the ability to translate technical information for non-technical stakeholders.
- An equivalent combination of education and experience may be considered.

**Technical Expertise and Skills**:

- Demonstrate passion, interest, and understanding of trends and best practices in cyber security and related technologies.
- Demonstrable IT skills, including working with enterprise technology environments and modern platforms such as cloud service providers and security software such as: Artic Wolf, Blackpoint, Proofpoint, Abnormal Security, Qualys, SentinelOne, BitSight, and KnownB4.
- Proficiency in Zero Trust security models, IAM, MFA, and network segmentation.
- Excellent communication skills, including the ability to communicate effectively with external stakeholders and internal stakeholders at varying levels within the organization and to translate technical concepts for non-technical audiences.
- Strong attention to detail, with excellent organizational, time management, analytical, problem-solving, and critical thinking skills.
- The ability to multitask, take initiative, demonstrate flexibility to adapt to changing situations and priorities, and meet critical deadlines.

**IMPORTANT**:
**CLOSING DATE**:August 25th, 2025.

**Why Join Us?**

This position offers a unique opportunity to directly contrib