Lead, Threat Detection and Response

Closing Date: February 28, 2025Position Status: VacantTeck is a leading Canadian resource company focused on responsibly providing the metals essential for global development and the energy transition while caring for the people, communities and land that we love.Teck's two regional business units, North America and Latin America, oversee Teck's assets through all phases of safe, sustainable development, operation and closure. The business units are supported by enterprise-wide functions that set strategic direction, establish standards and provide governance, as well as supporting the business through shared services, centers of excellence and business partnering.Reporting to the Manager, Cyber Threat Defence, the Lead, Threat Detection and Response is responsible for the end-to-end detection and response to security threats. This outstanding individual will lead a team of security experts, develop advanced detection and response strategies, and collaborate with various partners to improve our security posture! The focus will be on automating detection rules, threat seek missions, and incident response processes to ensure rapid and efficient handling of security incidents. This is a meaningful role in securing Teck and encouraging a culture of proactive security.Develop your career with one of Canada's Top 100 Employers and join our team!

Responsibilities

• Be a courageous safety leader, adhere to and sponsor safety and environmental rules and procedures
• Champion the 3 lines of defense model for risk management and act as a 2nd line of defense facilitator regularly interacting with the 1st line of defense
• Develop and implement automated detection rules and processes in SIEM and other security tools
• Write and maintain detection scripts and rule sets in code (e.g., using Python, YARA, Sigma)
• Build and maintain automated incident response playbooks and workflows using SOAR platforms
• Integrate detection and incident response tools with other security platforms to enable seamless, automated threat identification and response
• Conduct regular testing and validation of automated detection and response processes
• Collaborate with the threat intelligence team to ensure detection and response rules are informed by the latest threat intelligence
• Apply machine learning and artificial intelligence to improve detection and response capabilities
• Provide leadership, mentorship, and support to the team on day-to-day operations and critical initiatives

Qualifications

• 10+ years of experience in cybersecurity, with a focus on threat detection and incident response
• Proven track record in managing and automating security operations and leading security teams
• Experience in designing and implementing automated detection and response strategies
• Experience in leading third-party security service providers
• Certified Information Systems Security Professional (CISSP) and Certified Information Security Manager (CISM) or equivalent
• Additional relevant certifications (e.g., CEH, GIAC, GCIH) are a plus
• Demonstrated Teck values by being responsible and courageous, respectful and inclusive, and humble and driven
• An awareness of and ability to increase maturity by building on context, handle risk by assessing trade-offs, standardize process, and to keep Teck safe by anticipating needs
• Solid understanding of security operations, including threat intelligence, threat detection, incident response, and offensive security
• Proficiency in multiple security incident and event management (SIEM) platforms
• Expertise in security orchestration and automated response (SOAR) platforms
• Strong coding and scripting skills in Python, PowerShell, or similar languages
• Experience with detection rule languages and frameworks (e.g., YARA, Sigma)
• Knowledge of security automation tools and platforms (e.g., SOAR, XDR)
• Understanding of APIs and integration techniques for security tools
• Demonstrated personal accountability, transparency and an overall growth mentality

Why Join Us?At Teck, we offer more than just a job – we provide a pathway to personal and professional enrichment. With captivating projects set against stunning backdrops, a culture of inclusivity and collaboration, and boundless opportunities to learn and grow, joining us means embracing a fulfilling and dynamic career adventure. Teck employees receive access to our total rewards program and comprehensive benefits package that promote physical, mental, financial, and emotional well-being. This includes but is not limited to:   • Annual Performance Bonus • Profit Share Plan • Health Spending Account • Personal Spending Account • Extended Health Care • Dental and Vision Care • Employer Paid Pension Plan • Life Insurance and Disability Coverage • Paid Sick Leave, Vacation and Holidays • Virtual Telemedicine and additional support for overall well-being • Employee and Family Assistance Program (EFAP)