Contract: Security Analyst (Cybersecurity) / Canada

The client, a large Oil & Gas midstream company, is currently seeking a Security Analyst (Cybersecurity), based out of Calgary AB. This is a long term one year contract with potential for extension, lasting until December 31, 2022.

Description:

Our Cybersecurity Office (CSO) Governance, Risk and Compliance (GRC) team is evolving to meet the needs of our growing business and we are expanding our presence in Calgary, Alberta to support the Information Services department. We are seeking an energetic Cybersecurity Compliance Specialist who is looking to build their knowledge and experience in the areas of cybersecurity. You will be accountable for enabling compliance to TC Energy policies & standards, performing compliance assessments, and preparing compliance reporting.

In collaboration with other security team members, and other IS and business teams, the specialist will support the complete lifecycle of cybersecurity compliance assessments for corporate and ICS environments. Further, the specialist will identify current/emerging security risks based on the output of the assessments.

What you’ll do:

• Perform assessments and report on cybersecurity compliance across TC Energy
• Conduct internal Cybersecurity audits
• Participate in Cybersecurity Compliance attestations
• Drive automation of security controls with a focus on continuous monitoring
• Develop scripts to automate manual tasks and processes within the Cybersecurity Office
• Develop PowerBI and ServiceNow dashboards leveraging available data sources
• Develop ServiceNow GRC Compliance features, such as integration with Governance and Risk areas and management of Non-Conformances
• Support Cybersecurity Improvement Program project teams • Conduct Cybersecurity Vulnerability Management scanning with Rapid7 InsightVM
• Support operational activities for cloud security using AWS Security Hub
• Conduct research to maintain and expand knowledge on the latest cybersecurity controls and standards, as well as the threat and vulnerability landscape
• Collaborate with CSO GRC Manager, CSO GRC Compliance Lead, Cybersecurity Office team members, IS teams, business units and other stakeholders on areas related to cybersecurity governance, risk and compliance
• Other tasks as required

Minimum Qualifications:

• Bachelor’s degree in Computer Science, Information Security, Computer Engineering or a technical diploma in a related discipline is a requirement •
• A minimum of four or more (5+) years of Cybersecurity or related IT analytical experience is a requirement
• Demonstrated understanding of business processes, risk management, cybersecurity controls and related standards
• Familiar with TCP/IP, WAN/LAN concepts, operating systems, and firewall security policies

Preferred Qualifications:

• University degree in a related discipline
• 5 Years’ experience
• Experience and understanding of cyber regulatory standards and requirements
• Demonstrated ability creating and updating security controls for compliance requirements
• Experience with scripting languages using Powershell and batch files
• Experience managing a Governance, Risk and Compliance (GRC) tool • ICS/SCADA experience would be an asset
• Knowledge of business intelligence tools (Power BI, Tableau) for creating dashboards for reporting
• Ability to present ideas and results to technical and non-technical audiences in both verbal and written communications
• Highly self-motivated and directed
• Well-developed organizational and multi-tasking skills are important for success in this role