Cybersecurity Analyst

**Cybersecurity Analyst**
**Location**: Calgary Head Office
**Job status**: Full Time Permanent
**Department**:Information Services

Is this position safety sensitive: No

At Gibson, we believe our competitive advantage lies in the strength and talents of our employees. That means connecting our employees to rewarding careers, building a high-performance culture where collaboration and creativity are rewarded, and providing real growth opportunities for employees to take on new challenges.

**The Role**
The Information Services Cybersecurity Analyst will be responsible for supporting the development and implementation of a comprehensive cybersecurity program for the enterprise. This includes conducting security assessments, managing cybersecurity-related regulatory compliance activities, developing and maintaining security policies and procedures, and coordinating security awareness initiatives such as phishing campaigns and training. The analyst will also support security projects including penetration testing, security architecture reviews, and the adoption of emerging technologies like AI tools and data protection solutions.

**What You Will Do**

The Information Services Cybersecurity Analyst will:

- Conduct security assessments including risk evaluations and regulatory compliance reviews to support the cybersecurity program.
- Develop, update, and enforce cybersecurity policies, standards, and procedures aligned with industry best practices.
- Lead and coordinate cybersecurity awareness efforts such as phishing simulations, quarterly training, and role-based education.
- Support third-party penetration testing engagements and track remediation progress.
- Participate in security architecture reviews to provide recommendations for secure design and implementation.
- Assist with the deployment and governance of emerging technologies, including AI tools (e.g., Microsoft Copilot, ChatGPT) and data protection solutions (e.g., Microsoft Purview, DLP).
- Track vulnerabilities and remediation activities, ensuring timely resolution in collaboration with IT and operational teams.
- Communicate cybersecurity concepts and risks effectively to technical and non-technical stakeholders.
- Performs other duties as assigned, adaptable to the evolving cybersecurity landscape.

**What You'll Bring to the Role**
- 5+ years of professional experience in cybersecurity or related IT fields, with demonstrated ability to conduct risk and security assessments and support compliance activities.
- Post-secondary degree/diploma in Computer Science, Information Technology, Cybersecurity, or a related field is preferred. Equivalent professional experience will be considered.
- CISSP certification is required.
- Solid understanding of cybersecurity frameworks such as NIST CSF and familiarity with regulatory requirements in oil and gas or critical infrastructure sectors.
- Proven experience developing, implementing, and enforcing security policies, standards, and procedures.
- Proven experience managing or supporting security awareness programs, including phishing campaigns and role-based training.
- Strong background in vulnerability management, including identification, prioritization, and remediation tracking.
- Experience supporting or managing security projects such as third-party penetration testing and security architecture reviews.
- Practical knowledge or familiarity with emerging AI tools and data protection technologies is highly desirable.
- Self-driven, detail-oriented, and able to operate independently while collaborating across teams in a dynamic environment.
- Knowledge and understanding of Operational Technology.

**Preferred Skills & Abilities**
- Experience supporting or working with Microsoft Defender, Sentinel, and Palo Alto security technologies.
- Familiarity with security solutions such as firewalls, intrusion detection systems, antivirus software, encryption, and authentication protocols.
- Strong analytical and problem-solving skills, with a proven ability to address complex security challenges and implement effective solutions.
- Excellent verbal and written communication skills, capable of translating complex cybersecurity concepts for diverse audiences and collaborating effectively across teams

**Working Conditions**
- Availability for after-hours and On-Call work as needed and willingness to provide technical support back-up when required.
- Calgary Head Office based position with occasional field travel.

**Why You’ll Love Working at Gibson**

For over 70 years, Gibson has been defined by our people — those who seize opportunities and make exceptional customer service a part of everything we do. Working at Gibson is an opportunity to be part of a place where employees feel valued, supported and motivated to do their best work. Here’s what sets us apart:

- **
A competitive Total Rewards package** that truly values your contributions.
- ** Employer contributions to your DC Pension** because we believe i