Information & Application Security Manager

at  Conuma Resources Limited

ABOUT US

Conuma Resources is a metallurgical coal producer based in Northeast British Columbia (NEBC), Canada. Our surface mine operations, including Willow Creek, Wolverine, Brule, and Quintette, position us as an integral part of the global steel supply chain, producing high quality steelmaking coal for leading global steelmakers. Nestled in the breathtaking landscapes near Tumbler Ridge and Chetwynd, Conuma is deeply committed to creating a positive impact in the region where we operate, and supporting our local communities by promoting them as a place to call home. Conuma offers diverse career opportunities, and we are always looking for driven and eager individuals to join our team! Come home to Conuma— it’s more than a job; it’s an invitation to live, work, and explore in beautiful NEBC!

EDUCATION, EXPERIENCE & QUALIFICATIONS

• Bachelor (4-year) degree with a technical major, such as engineering or computer science.
• 3 to 5 years experience in high-level IT security management.
• Experience supporting various operating systems and technologies (MS Exchange, Active Directory, Azure AD, SharePoint, SQL Database).
• Advanced networking experience with CISCO Switches/Routers and Gateways, Firewall.
• Experience with software applications and tools such as CrowdStrike, Ironscale, Proof Point, and CISCO ISE. to protect company information and resources.
• Experience with the network administration (CISCO Certification is an asset).
• Project Management certification is an asset (PMP).

TECHNICAL COMPETENCIES & SKILLS

• Ability to work in a mid-size IT Department in a 24x7 environment.
• Experience in implementing security policies and access control in the organization.
• Working experience with Datacenters and VMWare. Nutanix’s knowledge is an asset.
• Ability to always be ready to react to cyber-related incidents quickly.
• Excellent understanding of audit and compliance standards.
• Experience with the audit process and performing risk-based audits.
• Strong analytical ability where problems are typically unusual and difficult.
• Strong analytical skills and ability to prioritize and multitask.
• In-depth knowledge of application security principles, practices, and tools.
• Extensive knowledge of security industry standards and best practices such as OWASP, ISO 27001, and NIST standards.
• Strong understanding of security risks, threats, and vulnerabilities and the judgement to assess and articulate risk effectively.
• Preferred certifications include: CISSP, CSSLP, CISM.

• Lead the strategy, roadmap, and development of a comprehensive Cyber/Application security program/policies.
• Implement role-based access control (RBAC). Implement and manage identity and access management systems.
• Audit policies and controls continuously.
• Monitor all operations and infrastructure. This involves reviewing alerts and logs from different security systems to monitor the organization’s digital security footprint.
• Maintain all security tools and technology.
• Monitor internal and external policy compliance. Ensure that vendors and employees understand and operate within that cybersecurity compliance framework.
• Prepare and deliver metrics and reports for senior management to show efficiency and compliance of security functions.
• Detail out the security incident response program.
• Train team members and employees on cybersecurity.
• Ensure regulatory compliance. Liaise with a company’s legal, auditing, and human resources teams to ensure security policy compliance.
• Create plans for disaster recovery in case of cyberattacks or security breaches.