Senior Advisor, Cybersecurity

Position:          Senior Cybersecurity Advisor  

Location:          Edmonton or Calgary 

Why Work Here?

Employees at ATCO are offered endless variety. We are entrepreneurial with a large degree of autonomy and freedom, experiencing new situations and learning opportunities every day. Internal advancement is commonplace, and we are always supported in our career journey. We believe in creating a workplace where you can thrive professionally while contributing to something greater, serving our communities and shaping the future of energy.

About the Role:

The Senior Cybersecurity Advisor is responsible for supporting the day-to-day operations of the Operational Cybersecurity team by providing subject matter expertise and delivering security services across the enterprise. This role requires strong communication skills to effectively converse with security, IT, operational technical professionals, and middle-level managers. The advisor must understand cybersecurity risk practices, establish trusted relationships with technical and management teams, and communicate cybersecurity threats and vulnerabilities to provide secure solutions that meet business needs. Additionally, the advisor leads the development and maturity of cybersecurity processes, including change management, vendor management, patch management, vulnerability management, and cyber threat intelligence. With a solid understanding of security technologies and their application within IT and OT environments, the advisor participates in high-priority projects and operational initiatives to identify cybersecurity risks and apply appropriate security controls. work closely with cross-functional teams to develop security solutions that enhance ATCO's security posture, assist with threat information responses, provide expertise on industry compliance needs, and support audit requests. As a subject matter expert, the advisor delivers cybersecurity governance, compliance, oversight, and monitoring services, while managing multiple competing priorities to ensure timely progression of work products.

What You Get to Do:

Operational Oversight

• Identify and resolve security issues, provide operational requirements, and support cybersecurity work management. 
• Maintain and develop cybersecurity processes and documentation, manage day-to-day vulnerability activities, and offer security configuration guidance. 
• Support cyber incident investigations, ensure remediation actions, and communicate threat assessments. 
• Conduct system failure analysis, coordinate with intelligence organizations, and assess security controls. 
• Research potential vulnerabilities, evaluate new technologies, ensure security in mobile development, review security systems, and work with vendors. 
• Play a crucial role in vulnerability management by maintaining and supporting daily vulnerability activities, providing related reporting, and offering input on recommendations from vulnerability prioritization assessments. 
• Collaborate with business units and internal teams to ensure effective logging, monitoring, and alerting security events.

Cybersecurity Assurance

• Assess cybersecurity risks in initiatives and collaborates with cross-functional teams to implement security controls. 
• Consult with internal customers and business units to translate functional requirements into technical solutions, develop business cases and security requirements, and ensure project deliverables align with ATCO's cybersecurity standards. 
• Identify deficiencies in cybersecurity controls, provide quality assurance for project deliverables, and develop methods to gather and communicate feedback from operating areas. 
• Foster and communicate necessary process changes, convey security concepts to stakeholders, and participate in ATCO’s Change Advisory Board as a security expert to review and approve change requests.

Security Controls and Compliance Governance

• Support for regulatory submissions and CIP annual self-certifications and audits. 
• Oversee ATCO Electric operating groups in managing ARS CIP Standard documentation and business planning and support various audits. 
• Participate in developing and reviewing security standards, specifications, guidelines, and use cases. 
• Ensure CIP and security requirements align with standards, policies, regulations, and designs. 
• Communicate cybersecurity program goals and processes to stakeholders, support the development and maintenance of program content, and act as a security expert in product and technology selections.

What You Bring:

• Post-secondary diploma or degree in computer science, information systems technology, computer technology, or information systems security. Equivalencies may be considered.
• 7 – 10 years’ experience in Cybersecurity securing IT/OT systems, within the utility/IT industry or with industrial control systems.
• Experience with vulnerability management process & lifecycle tools.
• Possess security certifications such as CISA, CISM, CISSP, or other related certifications.
• Knowledge of cybersecurity frameworks such as ISO, NIST, COBIT & NERC CIP Standards and Alberta ARS CIP Standards.
• Experience of Implementing ITIL practices, Change Management. 
• Experience in creation and maintenance of security policy, standards and specification development and providing subject matter expertise on the application of security measures to satisfy standards and controls. 
• Experience with security in the cloud, and enterprise level authentication, monitoring, access control systems, firewalls, IDS/IPS, VPN, NDR, EDR.
• Superior communication, organization, and interpersonal skills and demonstrate effectiveness in an internal customer-facing role.

What We Offer:

• A culture based on caring, integrity, agility, collaboration, and striving for excellence
• Competitive compensation
• Flex benefits
• Tuition assistance program
• Training and mentorship programs
• Charitable donation matching

We would like to thank everyone for their application; however, only those being considered for an interview will be contacted.   

ATCO delivers inspired solutions for a better world. We are a diversified global corporation with investments in the essential services of Structures & Logistics, Utilities, Energy Infrastructure, Retail Energy, Transportation and Commercial Real Estate. Learn more about how we build communities, energize industries and deliver customer-focused solutions like no other company in the world at www.atco.com. ATCO is proud to be an equal opportunity employer. Visit our website for more information.

In the spirit of reconciliation, we acknowledge the traditional territories and homelands on which many of our ATCO operations and facilities are located. We honour and respect the diverse history, languages, ceremonies, and culture of the Indigenous Peoples who call these areas home.