CYBERSECURITY ANALYST

Location: Calgary Head Office
Job status: Full Time Permanent
Department:Information Services
Is this position safety sensitive: No
At Gibson, we believe our competitive advantage lies in the strength and talents of our employees. That means connecting our employees to rewarding careers, building a high-performance culture where collaboration and creativity are rewarded, and providing real growth opportunities for employees to take on new challenges.

PREFERRED SKILLS & ABILITIES

• Experience supporting or working with Microsoft Defender, Sentinel, and Palo Alto security technologies.
• Familiarity with security solutions such as firewalls, intrusion detection systems, antivirus software, encryption, and authentication protocols.
• Strong analytical and problem-solving skills, with a proven ability to address complex security challenges and implement effective solutions.
• Excellent verbal and written communication skills, capable of translating complex cybersecurity concepts for diverse audiences and collaborating effectively across teams

THE ROLE

The Information Services Cybersecurity Analyst will be responsible for supporting the development and implementation of a comprehensive cybersecurity program for the enterprise. This includes conducting security assessments, managing cybersecurity-related regulatory compliance activities, developing and maintaining security policies and procedures, and coordinating security awareness initiatives such as phishing campaigns and training. The analyst will also support security projects including penetration testing, security architecture reviews, and the adoption of emerging technologies like AI tools and data protection solutions.

WHAT YOU WILL DO

The Information Services Cybersecurity Analyst will:

• Conduct security assessments including risk evaluations and regulatory compliance reviews to support the cybersecurity program.
• Develop, update, and enforce cybersecurity policies, standards, and procedures aligned with industry best practices.
• Lead and coordinate cybersecurity awareness efforts such as phishing simulations, quarterly training, and role-based education.
• Support third-party penetration testing engagements and track remediation progress.
• Participate in security architecture reviews to provide recommendations for secure design and implementation.
• Assist with the deployment and governance of emerging technologies, including AI tools (e.g., Microsoft Copilot, ChatGPT) and data protection solutions (e.g., Microsoft Purview, DLP).
• Track vulnerabilities and remediation activities, ensuring timely resolution in collaboration with IT and operational teams.
• Communicate cybersecurity concepts and risks effectively to technical and non-technical stakeholders.
• Performs other duties as assigned, adaptable to the evolving cybersecurity landscape.

WHAT YOU’LL BRING TO THE ROLE

• 5+ years of professional experience in cybersecurity or related IT fields, with demonstrated ability to conduct risk and security assessments and support compliance activities.
• Post-secondary degree/diploma in Computer Science, Information Technology, Cybersecurity, or a related field is preferred. Equivalent professional experience will be considered.
• CISSP certification is required.
• Solid understanding of cybersecurity frameworks such as NIST CSF and familiarity with regulatory requirements in oil and gas or critical infrastructure sectors.
• Proven experience developing, implementing, and enforcing security policies, standards, and procedures.
• Proven experience managing or supporting security awareness programs, including phishing campaigns and role-based training.
• Strong background in vulnerability management, including identification, prioritization, and remediation tracking.
• Experience supporting or managing security projects such as third-party penetration testing and security architecture reviews.
• Practical knowledge or familiarity with emerging AI tools and data protection technologies is highly desirable.
• Self-driven, detail-oriented, and able to operate independently while collaborating across teams in a dynamic environment.
• Knowledge and understanding of Operational Technology.

THE ‘WE & I’ PLAY A VERY IMPORTANT ROLE IN OUR SUCCESS!

• Contribute & Add Value Everyday
• Keep Our Edge & Be Resilient
• Stay Focused & Open-Minded
• Work it Out & Do it Together
  This is what we are all about and we encourage you to learn more! Click Here: The Gibson Way
  For more information, visit www.gibsonenergy.com