Sterling Crane Canada
As a part of the global industrial organization Marmon Holdings—which is backed by Berkshire Hathaway—you’ll be doing things that matter, leading at every level, and winning a better way. We’re committed to making a positive impact on the world, providing you with diverse learning and working opportunities, and fostering a culture where everyone’s empowered to be their best.
At Marmon Crane Services we proudly operate a network of four industry-leading mobile crane service companies across Canada, the United States and Australia. From jobs in oil and gas, energy, mineral mining and civil infrastructure, our mission is to lift the weight off our customers’ shoulders safely. This shared purpose is realized through the dedication of approximately 1600 employees internationally. Within our collective team, you’ll be empowered to lift your career to new heights every day.
As a part of the global industrial organization Marmon Holdings, which is backed by Berkshire Hathaway - you’ll be doing things that matter, leading at every level, and winning a better way. We’re committed to making a positive impact on the world, providing you with diverse learning and working opportunities, and fostering a culture where everyone’s empowered to be their best. We’re excited for you to join us at Marmon Crane Services!
We are seeking a hands-on Cybersecurity Operations Analyst to strengthen our day-to-day cybersecurity operations. This role focuses on Identity and Access Management (IAM), monitoring security systems, addressing threats proactively, and responding to security incidents across our operations in Canada, the US, and Australia.
Reporting to the Sr. Manager of IT Infrastructure & Security – Global, the successful candidate will take ownership of routine security operations, including managing user access controls, investigating threats, and supporting incident response efforts. This role will collaborate with IT teams and vendors to enforce established security policies, maintain core security tools, and ensure operational compliance with internal standards and regulatory requirements.
Location: Edmonton, AB - Hybrid Role (Flexible onsite schedule).
Working Hours: 8:00 AM – 5:00 PM MST, Monday to Friday.

QUALIFICATIONS

• Bachelor’s degree in computer science, Information Technology, or a related field (or equivalent experience).
• Security certifications such as SSCP, CISSP, CISA, or other relevant designations are preferred.
• 5–7 years of IT experience with 2–3 years in hands-on security operations (IAM, incident response, vulnerability management).
• Experience managing IAM solutions (e.g., Okta, Azure AD, Microsoft Identity platforms).
• Familiarity with EDR, SIEM, email security, and vulnerability management tools (e.g., SentinelOne, Proofpoint, Qualys) to support remediation; knowledge of industry frameworks such as NIST CSF, CIS Controls, or ISO 27001 is an asset.
• Working knowledge of Zero Trust security models, IAM, MFA, and network segmentation.
• Ability to balance multiple priorities in a fast-paced environment and meet critical deadlines.
• Strong analytical, problem-solving, and communication skills, with the ability to translate technical information for non-technical stakeholders.
• An equivalent combination of education and experience may be considered.

TECHNICAL EXPERTISE AND SKILLS:

• Demonstrate passion, interest, and understanding of trends and best practices in cyber security and related technologies.
• Demonstrable IT skills, including working with enterprise technology environments and modern platforms such as cloud service providers and security software such as: Artic Wolf, Blackpoint, Proofpoint, Abnormal Security, Qualys, SentinelOne, BitSight, and KnownB4.
• Proficiency in Zero Trust security models, IAM, MFA, and network segmentation.
• Excellent communication skills, including the ability to communicate effectively with external stakeholders and internal stakeholders at varying levels within the organization and to translate technical concepts for non-technical audiences.
• Strong attention to detail, with excellent organizational, time management, analytical, problem-solving, and critical thinking skills.
• The ability to multitask, take initiative, demonstrate flexibility to adapt to changing situations and priorities, and meet critical deadlines.

Identity & Access Management (IAM)

• Manage user lifecycle activities (onboarding, offboarding, role changes) across enterprise systems, cloud platforms, and SaaS applications (e.g., Okta, Azure AD, Microsoft Identity solutions).
• Enforce the least privilege and Zero Trust models for access control, including the implementation and monitoring of MFA.
• Conduct regular access reviews and ensure proper documentation and audit readiness.

Security Operations & Incident Response

• Oversee day-to-day security operations, including system monitoring, detection, triage, and response to security incidents.
• Investigate alerts from SIEM, EDR, and email security systems; escalate high-priority incidents to the Sr. Manager.
• Maintain and improve incident response playbooks and ensure proper documentation of incidents and lessons learned.
• Coordinate with third-party SOC partners and vendors to address identified risks effectively.

Governance & Compliance Support

• Assist in maintaining supporting procedures, processes, standards, and guidelines aligned with Sterling Crane’s IT Policy Framework.
• Prepare access-related and operational evidence for security audits and compliance assessments (e.g., FTC, PCI).
• Support ongoing regulatory compliance efforts and provide documentation as needed for audits.

Documentation & Control Management

• Develop and maintain security documentation, including incident response playbooks, IAM procedures, and access control guidelines.
• Maintain audit-ready evidence for compliance activities (e.g., access review logs, incident reports, and control documents).
• Support the Sr. Manager in creating and updating policies, standards, and procedures as required.

Security Tools & Process Management

• Administer and maintain key security tools (EDR, email security, vulnerability scanning) and monitor cloud environments such as Microsoft 365, Azure, and other SaaS platforms.
• Assist with vulnerability assessments, tracking remediation efforts, and collaborating with IT teams to resolve findings.
• Stay informed about emerging threats, vulnerabilities, and tools to help strengthen defenses.

Awareness & Collaboration

• Provide input for security awareness training campaigns and phishing simulations.
• Build collaborative relationships across IT and business units to integrate security practices into daily operations.
• Contribute to tracking and reporting on key security metrics (e.g., incident resolution time, access review completion rates) to support continuous improvement of security operations.