Cyber Security Analyst
Calgary, AB, Canada
Vermilion Energy
Meet Vermilion
We responsibly produce essential energy to support local and global needs while delivering long-term value to our people, shareholders, customers, partners and communities. Our people are fundamental to our success. As a global organization, Excellence, Trust, Respect and Responsibility are at the core of our vision and central to how we do business. Together, these core values create the foundation for our strong and collaborative culture.
We prioritize health and safety, the environment, and profitability, in that order. Nothing is more important to us than the safety of the public and those who work with us, and the protection of our natural surroundings.
The Opportunity
Are you an experienced information technology security professional? Do you have a passion for driving continuous improvements and enhancing security posture to reduce the risk of cyber security threats? We are #hiring a Senior Cyber Security Analyst for our Calgary head office. If you are proficient with Palo Alto Networks, firewalls, forensic tools and procedures, and threat intelligence frameworks, we want to hear from you!
This is a critical role responsible for leading incident response for escalated, major, and complex incidents. Reporting to the Director, Information Technology & Information Services, this role requires expertise in analyzing complex security incidents, managing escalations from third party MxDR Analysts, performing digital forensics on compromised systems, conducting threat hunts and implementing advanced security measures. You will ensure that security events are effectively detected, investigated, and mitigated. You will join a team that values its people and provides work with purpose.
What you will do
Continuously monitor security alerts and events from various sources, including SIEM, intrusion detection / prevention systems, firewalls, endpoint protection, and other security tools
Analyze and assess potential threats, vulnerabilities, and risks to our global information systems; document notable threats and facilitate IOC sharing within the IT Infrastructure team
Investigate and respond to security incidents, including escalations from security partners
Proactively search for signs of malicious activity or potential threats within the network; perform threat hunting activities during incidents and for published IOCs or threat notices
Perform digital forensics on compromised systems, analyzing artifacts, logs, and data remnants to determine the nature and impact of potential security breaches
Develop and fine-tune detection rules and signatures to improve the accuracy and effectiveness of security monitoring tools
Maintain security platforms, ensuring they are tuned and configured correctly; review and perform false positive tuning and implement IOC blocking on security platforms
Document and report on security incidents and prepare meaningful management level security metric reports, including establishing trend metrics that contribute to continuous improvements to our defense posture
Apply your in-depth knowledge, skills, and practices to correlate events and communicate findings to stakeholders
Monitor industry, governmental, and vendor notices of potential vulnerability / zero-day events and evaluate each for applicability and severity to Vermilion
Promote and develop cloud security best practices as new technologies are deployed
Actively remain updated with the latest security trends, advancements, vulnerability tracking and attacker tactics and procedures, including regulatory security requirements across our global operations
What you will bring
A Bachelor’s degree in Cyber Security, Information Technology, a related discipline, or equivalent work experience
10 years of experience in Information Technology Security
Strong experience with and knowledge of the Microsoft suite of security tools, including Sentinel
Proficiency with Palo Alto Networks firewalls and associated technology
Proficiency with forensic tools and procedures, and threat intelligence frameworks and tools
Solid understanding of networking, operating systems, and security principles
Experience with incident detection, escalation and response
Energy operational technology (OT), ICS and SCADA cyber security experience is an asset
The following certifications would be considered an asset: CISSP, Certified Ethical Hacker, Certified Hacking Forensic Investigator, Certified Computer Forensics Examiner or GIAC Certified Forensic Examiner, Microsoft security certifications such as Cybersecurity Architect and Azure Security Engineer, GIAC Security Expert, GIAC Certified Incident Handler, GIAC Cyber Threat Intelligence
Other Key Details
The successful candidate will be required to undergo a criminal record check
What we offer
Hybrid work environment supporting work-life balance
Industry-competitive time off including vacation, flex days and office closures such as Friday afternoons during the summer
Casual yet professional office environment with a relaxed dress code
Opportunities to connect with others, including weekly company-provided breakfast
Competitive short-term and long-term incentive programs aimed to recognize and reward
Top-tier benefits program, including a generous flexible health spending account and savings plan program
Onsite childcare available (fee-based)
Company-sponsored volunteer opportunities and volunteer grants
Why you’ll love working with us
We care for each other, the environment and the company, and aim to enrich the communities in which we live and work
We are recognized by Great Place to Work Institute® as a Best Workplace® in many of our locations around the globe
We embrace new solutions across the business, allow space for creativity, and invest in innovation and technology
We operate with honesty, transparency and fairness, and can be counted on to do what we say we will
We invest in our employees, providing meaningful work and opportunities for training and professional development
We are recognized as a leader in sustainability by independent ESG rating agencies
We are focused on the future: responsibly producing the oil and natural gas that is essential to energy security while exploring alternative energy options
Vermilion is committed to diversity and inclusion, and aims to create a healthy, accessible and rewarding work environment that highlights our employees’ unique contributions to our company’s success. As an equal opportunity employer, we welcome all applications to help us build a diverse workforce that reflects the communities in which we live and work.
Outstanding People. Outstanding Opportunities.