Sr Cyber GRC Analyst

Calgary, AB, CA, T2P 1G1

Pembina Pipeline Corporation

View company page

Work Arrangement: Hybrid 

Department: Cybersecurity GRC and Identity Area 


Pembina Pipeline Corporation is a dynamic energy transportation and midstream provider, serving customers for more than 65 years. Chances are, we do more than you think. We own pipelines that transport hydrocarbon liquids and natural gas products produced primarily in Western Canada. We also own gathering and processing facilities and an oil and natural gas liquids infrastructure and logistics business. Our operations along the hydrocarbon value chain allow us to offer a full state of midstream and marketing services to our customers in the energy industry. 


We are an organization that cares not only about results, but how those results are achieved. Our organization is grounded in the values of Safe, Trustworthy, Respectful, Collaborative and Entrepreneurial. Cultivating a positive employee experience and promoting a diverse and inclusive environment where our employees feel engaged, recognized and empowered is foundational to our ambition of being an employer of choice. Learn more about our values and strategy


We value the safety of our communities, customers, contractors and employees, and believe that all incidents are preventable. Compliance with all policies, procedures and regulations is a requirement, and our Life Saving Rules are basic rules that everyone should know and live by. Working for Pembina means working safely. 



Pembina Pipeline Corporation's Information Services Unit is seeking a Senior Cyber GRC Analyst who will be responsible for overseeing the governance, risk management, and compliance activities within the cyber security division. This role requires a deep understanding of cyber security principles, risk assessment methodologies, and regulatory compliance requirements specific to the North American energy sector.


The Information Services Unit of Pembina's mandate is to perpetually enhance the data, security, and integrity of our network, safeguarding it from breaches, disruptions, and the destruction of sensitive information. We rely on the ingenuity of our skilled team, who are ceaselessly seeking innovative methods to refine our processes and existing technologies. Our objective is to work in synergy with our clients and colleagues to implement cutting-edge technologies that not only improve our operational efficiency and reduce costs, but also contribute to environmental solutions addressing climate change challenges. We are cultivating a diverse team of open-minded, adaptable, and innovative individuals to stay abreast of the rapidly evolving technological landscape.

Responsibilities may include but not limited to:

  • Develop and maintain the company's cyber security policies, standards, and procedures to ensure compliance with regulatory requirements and industry best practices;
  • Conduct comprehensive risk assessments and audits to identify potential security threats and vulnerabilities, and recommend mitigation strategies;
  • Collaborate with cross-functional teams to ensure that cyber security risks are effectively managed and that security controls are integrated into business processes;
  • Provide expert guidance on cyber security matters to senior management and other stakeholders;
  • Support incident response activities, including investigation and reporting of security breaches and other cyber incidents;
  • Stay abreast of emerging cyber security trends, threats, and technologies to continuously improve the company's security posture; and
  • Facilitate training and awareness programs to promote a culture of cyber security across the organization.


  • Bachelor's degree in Information Technology, Cyber Security, or a related field;
  • Professional certifications such as CISSP, CISM, CRISC, or equivalent;
  • Minimum of 5 years of experience in cyber security, with a focus on GRC;
  • Strong knowledge of cyber security frameworks (e.g., NIST, ISO 27001) and regulatory standards (e.g., CER, TSA);
  • Excellent analytical, problem-solving, and decision-making skills;
  • Effective communication and interpersonal skills, with the ability to present complex information clearly and concisely; and
  • Proven ability to work independently and as part of a team in a fast-paced environment.


The successful candidate must be legally able to work in the country of the position. Final candidate will be required to undergo Pre-Employment Background Checks including a Criminal Record Check. 


This position will be posted until end of day: 05/29/2024 


Our expectations are high, and our rewards reflect this: We treat our people well - whether it's through our total rewards package, community engagement or volunteer opportunities, all in an environment that is equitable, safe, respectful, inclusive and accessible. 


We recognize that diverse perspectives and experiences fuel innovation and enrich our workplace culture. We firmly believe that every individual's unique background, identity and contributions contribute to our collective success. We encourage applications from individuals of all backgrounds and experiences. If you're contacted to set up an interview and you require accessibility accommodations, please let your Talent Acquisition Advisor know at that time. 


We are a proud recipient of Canada's Top 100 Employers (2018-2022), Alberta's Top Employers (2014-2024) and an Employer Partner of the Canadian Centre for Diversity and Inclusion. We are also a strong supporter of Skills Canada. 


No agency calls please. 

Apply now Apply later
  • Share this job via
  • or

* Salary range is an estimate based on our InfoSec / Cybersecurity Salary Index 💰

Tags: Audits CISM CISSP Compliance CRISC Governance Incident response ISO 27001 NIST Risk assessment Risk management Strategy Vulnerabilities

Region: North America
Country: Canada
Job stats:  2  0  0

More jobs like this

Explore more InfoSec / Cybersecurity career opportunities

Find even more open roles in Ethical Hacking, Pen Testing, Security Engineering, Threat Research, Vulnerability Management, Cryptography, Digital Forensics and Cyber Security in general - ordered by popularity of job title or skills, toolset and products used - below.