Manager, Cyber Operations

Vancouver (VHO)

Applications have closed

Teck Resources

Teck is Canada's largest diversified mining company and is committed to responsible development. It has major business units focused on copper, metallurgical coal, zinc, gold and energy. Shares are listed on the TSX under the symbols TECK.A and...

The Manager, Cyber Operations is responsible for the prevention of Cyber security incidents through real-time monitoring, detection, and analysis of potential intrusions. This includes using troubleshooting tools to analyze and respond to cyber threats, writing scripts to aid in quick analysis and response, and responding to security events. The position operates and tunes security tools, provides requirements for new security capabilities and creates use cases for monitoring. In addition, this position is responsible for the delivery of the performance obligations of external service providers in accordance with the contract and ensuring fulfillment of service level agreements (SLA).

The Cyber Security operations team will rely on your contribution to perform in-depth analysis of evidence, identify malicious operations and evaluate the real impact in order to solve issues in a quick and efficient manner.

This is a key role when it comes to responding to security incidents, onboarding new identities and environments, maintaining the security infrastructure and continuous improvement. We are looking for a motivated and structured leader with a strong focus on cyber protection and effectiveness. Make your mark in cybersecurity and join our team!

Responsibilities

  • Be a courageous safety leader, adhere to and sponsor safety and environmental rules and procedures
  • Coordination and service delivery for internal and external customers
  • Ensure appropriate governance is maintained across all areas of the Service (team lead, incident management, service delivery, change management, continual improvement, customer satisfaction, and operations availability and maintenance provision)
  • Lead onboarding requests to ensure a successful transition to operations for security monitoring services
  • Lead all aspects of onboarding new identities and environments, communicating with collaborators, the operation of the protect service and its continuous improvement
  • Supervise overall performance of the services delivery team, identifying areas of improvement, efficiency, expansion or enhancement
  • Ensure the cyber operations services (people and technologies) continue to operate
  • Coordinate with regional and product cyber operations teams for innovative improvements to our global cyber operations business
  • Support business and product owners as the subject matter expert (SME) for cyber operations services
  • Lead and support the North America team on cyber operations services
  • Lead the tactical weekly meeting, monthly customer management meeting, and support the quarterly executive meetings
  • Capture business and product team requirements and recommend pragmatic solutions
  • Provide technical guidance for the cyber operations team's technical analysis
  • Be the point of escalation for cyber operations analysts in support of cybersecurity investigations
  • Lead the Incident Response coordination and provide guidance and oversight on incident resolution and containment techniques. Carry out first responder actions, triaging and containing breaches
  • Lead threat-hunting activities, looking for anomalies
  • Ingest, analyze and contextualize data and turn that into intelligence for threat assessment and risk management
  • Contribute to the creation, updating and distribution of incident response best practices to include response capabilities and recommendations to senior leadership when dealing with incidents that affect diverse platforms or business units
  • Create quality control of reports, deliverables and playbooks in order to provide clear guidelines for staff on operational procedures during incidents/critical issues
  • Ensure security and compliance of cyber operations infrastructure
  • Lead and support continuous improvement, tune SIEM, SOAR use cases, and assist in maintaining the cyber operations platform
  • Lead technical workshops, and presentations of findings
  • Lead the design, implementation, improvement, and maintenance of the cyber operations platform (SIEM, log management systems, correlation engine, EDR, and SOAR)
  • Provide guidance and expertise supporting one or more cloud infrastructures (Azure, AWS, GCP)
  • Stay up-to-date with the latest Cybersecurity trends, news and threat landscapes, IoT, Big Data, Cloud Security, and Digital Transformation
  • Train, coach and mentor the cybersecurity team 

Qualifications

  • Bachelor's degree in engineering, computer science, cybersecurity or related IT fields, or equivalent job experience
  • Minimum of eight years of relevant experience
  • Proven experience leading SOC teams and environments
  • Over five years of related experience on a Computer Incident Response Team (CIRT), Computer Emergency Response Team (CERT), Computer Security Incident Response Center (CSIRC) or a Security Operations Center (SOC)
  • Solid background in System/Network Architecture, and Cybersecurity consulting
  • Experience in building and assessing a secure infrastructure, Security Operation Centre, and Cloud infrastructure is an asset
  • Currently holding one or more Cybersecurity industry recognized certifications: ISACA, ISC2, GIAC SANS, CompTIA, Offensive-Security
  • Proficient with NIST Cybersecurity Framework (CSF), Cyber Kill Chain, MITRE ATT&CK and D3FEND
  • Proven experience in building SOC infrastructure, SIEM technologies, processes, playbooks, correlation rules, and incident reports
  • Experience in Cloud infrastructure and Cloud security monitoring
  • Experience in DevOps technologies like containers, Kubernetes, and CI/CD pipelines
  • Experience as a SOC technical lead or SOC manager
  • Experience in designing secure architecture and workflows
  • Experience working in a SOC environment (Internal or MSSP), supervising enterprise environments, and Operational Technology (OT)
  • Experience working on a critical operations team
  • Solid understanding of numerous operating systems, from the latest to legacy Windows and UNIX. Experience with embedded OS platforms is a plus
  • Solid understanding of security incident management, malware management and vulnerability management processes
  • Security monitoring experience with one or more SIEM technologies
  • Experience building, integrating, and maintaining SOAR platform
  • Knowledge of networking: TCP/IP, WAN, LAN, VLAN, MPLS, VPN, firewalls, switches, proxy
  • Knowledge of system infrastructure: Unix/Linux OS, LDAP, DNS, DHCP, SMTP, NTP, associated anti-virus/EDR
  • Motivated to continuously improve skills through training and mentoring
  • Strong written communication and presentation skills
  • Adaptable and able to work independently
  • Problem solver, negotiator and consensus builder

About Teck
 
At Teck, we value diversity. Our teams work collaboratively and respect each person’s unique perspective and contribution.

Qualified applicants interested in joining a dynamic team are encouraged to submit a resume and cover letter electronically.

We wish to thank all applicants for their interest and effort in applying for the position; however, only candidates selected for interviews will be contacted.

Teck is a diversified resource company committed to responsible mining and mineral development with major business units focused on copper, steelmaking coal and zinc, as well as investments in energy assets.
 
Teck has been named one of Canada’s Top 100 Employers for six consecutive years. Teck has also been named to the Forbes list of the World’s Best Employers for the past two years and is one of Canada's Top Employers for Young People.
 
Headquartered in Vancouver, Canada, its shares are listed on the Toronto Stock Exchange under the symbols TECK.A and TECK.B and the New York Stock Exchange under the symbol TECK.

Learn more about Teck at www.teck.com or follow @TeckResources

Region: North America
Countries: Canada United States