Job Description

:Job Title- Senior Incident Response and Investigations SpecialistLocation- Calgary & EdmontonThe Cybersecurity Operations team provides security services focused on incident response and containment, investigation, and digital forensics. This is a key personnel and technical leadership position reporting to the Manager, Cybersecurity Operations. The position provides deep technical expertise and a proven track record of successfully leading incident response activities, conducting thorough investigations, and providing digital forensics technical leadership for the Cybersecurity Operations team. This position will require interactions with other cybersecurity and IT team members, operational technology (OT) subject matter experts, as well as employees across all ATCO business units, to ensure the cybersecurity operations incident response and investigation function at ATCO is effectively delivered.Together with a Managed Security Service Provider (MSSP), this role will be responsible for supporting cybersecurity operations, incident response and containment, and taking the lead on critical cybersecurity functions.Always there. Anywhere. That\'s us! A team committed to delivering inspired solutions for a better world. We care for our communities and each other, and we are committed to showing up for those who need us. We value and encourage diversity, and we have the courage to do the right thing, even when it\'s hard.We\'re looking for someone who cares about their work and strives for more each day. Someone who challenges the status quo, embraces change, and thrives in a collaborative work environment. If you are someone who approaches work with passion, curiosity, and the courage to innovate, then this role is for you.What Else You Get To Do:

• Lead and coordinate incident response activities, including detection, analysis, containment, eradication, and recovery procedures.
• Ensure adequate resources are in place to support incident response, containment, recovery, and investigation activities.
• Conduct in-depth investigations into cybersecurity incidents and anomalies to determine the root cause, risk, and impact to ATCO.
• Provide written and verbal updates to Cybersecurity Operations leadership, including security event notifications, investigation updates, and post-event investigation reports.
• Support cross functional teams regarding security and compliance program activities, governance, and direction.
• Proactively monitor for and identify issues related to cybersecurity operations and communicate their impacts and risks.
• Collaborate with cross-functional teams, including IT and enterprise-wide business units to ensure comprehensive response and resolution to security incidents.
• Actively participating in and supporting ATCO\'s Cybersecurity Intelligence Program.
• Supporting compliance with North American Electric Reliability Critical Infrastructure Protection (NERC CIP) and Alberta Reliability Standards Critical Infrastructure Protection (ARS CIP) standards, as required.
• Supporting Cybersecurity activities such as: audits and self-assessments, compliance self-assessment, and ARS CIP compliance audits.
• Supporting cybersecurity aspects of regulatory filings, including preparation of business cases, and responding to information requests.
• Participate in cybersecurity forums for the development of best practices, identification of issues, execution of industry initiatives and information sharing.
• Conduct advanced digital forensic investigations to identify the source, scope, and impact of cybersecurity incidents.
• Utilize cybersecurity tools and techniques to collect, preserve, analyze, and interpret digital evidence across diverse platforms and environments.

Who You Are:

• Bachelor\'s degree in Computer Science, Information Systems Technology, or Information Systems Security
• Cybersecurity Certifications such as C|SA, E|CIH, CISSP, CISM, GCFA, GCFE, GNFA, GCIH, GX-FA.
• Minimum of 5-7 years of experience in cybersecurity operations with a focus on incident response and digital forensics.
• Ability to pragmatically communicate cybersecurity risks in business terms to cybersecurity leadership, cross functional teams, and business units, and develop appropriate action plans.
• Proven expertise in leading and managing complex incident response and forensic investigations in enterprise environments.
• Deep understanding of digital forensic methodologies, tools, and best practices, including disk imaging, memory analysis, and network forensics.
• Strong proficiency with incident response frameworks and standards, such as NIST and MITRE ATT&CK.
• IT audit and compliance understanding
• Strong technical leadership, organizational, interpersonal, written, and verbal communication skills
• Technical understanding of cybersecurity incident response, recovery, investigation, and forensics processes.
• Experience working with third-party service providers.
• Exceptional problem-solving skills, attention to detail, and the ability to thrive in a fast-paced, dynamic environment.
• Self-starter who enjoys working in a team environment, requires minimum supervision, fosters collaborative working groups, and can cope effectively in a fast-paced environment with changing priorities.

What We Offer:

• A culture based on caring, integrity, agility, collaboration, and striving for excellence.
• Competitive compensation.
• Flex benefits.
• Tuition assistance program.
• Training and mentorship programs.
• Charitable donation matching.

We would like to thank everyone for their application; however, only those being considered for an interview will be contacted.
Canadian Utilities is part of ATCO Ltd. ATCO delivers inspired solutions for a better world. We are a diversified global corporation with investments in the essential services of Structures & Logistics, Utilities, Energy Infrastructure, Retail Energy, Transportation and Commercial Real Estate. Learn more about how we build communities, energize industries and deliver customer-focused solutions like no other company in the world at www.atco.com.
At ATCO, we support a diverse and inclusive environment that values the contributions and perspectives of everyone on the ATCO team. We believe the ATCO team is the foundation of our business and our most valuable asset across our global operations. Without each team members\' unique skills, strengths, and knowledge, we simply wouldn\'t be able to achieve our fundamental vision of delivering life\'s essential services to our customers around the world.
ATCO is an equal opportunity employer, and we do not discriminate on the basis of race, religion, color, national origin, sex, gender, gender expression, sexual orientation, age, marital status, veteran status, or disability status.

ATCO