Information Security Advisor

If you are committed to public service, enjoy collaborating with others, share our values and have a desire to learn and grow, join The City of Calgary.

City employees deliver the services, run the programs and operate the facilities which make a difference in our community.

We support work-life balance, promote physical and psychological safety, and offer competitive wages, pensions, and benefits.

Together we make Calgary a great place to make a living, a great place to make a life.

The City is committed to fostering a respectful, inclusive and equitable workplace which is representative of the community we serve.

We welcome those who have demonstrated a commitment to upholding the values of equity, diversity, inclusion, anti-racism and reconciliation.

Applications are encouraged from members of groups that are historically disadvantaged and underrepresented. Accommodations are available during the hiring process, upon request.

As an Information Security Advisor, you will be responsible for supporting the strategic and tactical initiatives of the Information Security Compliance & Advisory team.

You will work as part of a team to provide security services. Your responsibilities include vulnerability assessments, penetration testing, discovery of potential exploitation and other technology risk assessment activities.

Primary duties include :

Perform vulnerability assessments and penetration tests on a variety of technologies including applications and networks.

Technologies may reside in cloud-based or on-premise environments, encompass infrastructure components, and have a variety of exposures including internal and external.

• Prepare and present detailed reports on findings and make recommendations for remediation.
• Administer and maintain security testing tools and equipment.
• Participate in risk assessments on technology projects, initiatives, and infrastructure.
• Participate in post incident reviews by validating remediation efforts.
• Provide information security expertise and advice to Information Technology (IT), Operations Technology (OT), other business units and associated projects.

Qualifications

• A completed 2 year Technology Diploma and at least 8 years of Information Security or related experience, OR;
• A degree in Information Technology, Computer Science or related discipline and at least 4 years of Information Security or related experience.
• Equivalent combinations of experience and education may be considered.
• Experience in exploit development, security vulnerabilities, risks, threats, and various control mechanisms to mitigate business risks is required.
• Experience performing penetration testing and threat reviews of enterprise applications, cloud-based services, network environments, Industrial Control Systems and / or Internet of Things is required.
• Extensive knowledge of malicious code operation, Common Vulnerability Scoring System (CVSS), MITRE attack framework, penetration testing tools, and methodologies is required.
• One or more recognized security certifications (for example CISSP, GPEN, GXPN, GWAPT, OSCP, OSCE, CEH) is preferred.
• Experience in Linux and Windows, networking, and scripting languages will be considered an asset.
• Experience in technical writing with a focus on penetration test findings and creation of presentations for a variety of audiences will also be considered an asset.
• Previous experience working in a municipal government and a broad knowledge of the types of services provided by a large municipality will be beneficial.
• Well-developed communication, organization and planning skills, effective prioritization and the ability to work well in a team setting.

Pre-employment Requirements

• A security clearance will be conducted.
• Successful applicants must provide proof of qualifications.

Union : Exempt

Business Unit : Corporate Security

Position Type : 2 Temporary (up to 24 months)

Location : 133 6 Avenue SE

Compensation : Level E $80,640 - 121,760 per annum

Days of Work : This position works a 5 day

work week with one day off in a 3 week cycle.

Hours of work : Standard 35 hour work week

Audience : Internal / External

Apply By : October 23, 2023

Job ID # : 308379