Location: Vancouver, Calgary, Toronto
Employment Type: Regular Full Time
Workplace Type: On-site
About our Vancouver Office
Located in the heart of downtown Vancouver, between the Pacific Ocean and the Coast Mountains, Teck’s Corporate Office sits in one of Canada’s most culturally diverse cities.
Surrounded by world-renowned nature and globally inspired cuisine, the office brings together many of Teck’s corporate functions - all working toward Teck’s purpose of providing the essential resources the world relies on.
Role Overview
We are seeking an experienced and proactive Lead - Cyber Threat Intelligence (CTI) to guide and mature our threat intelligence function within the Cyber Defence team.
Reporting to the Manager, Cyber Threat Defence, the successful candidate will oversee the collection, analysis, and dissemination of actionable intelligence to protect the organization against evolving cyber threats. This role requires a highly analytical leader with deep subject-matter expertise, strategic thinking, and hands-on experience in tactical and strategic threat intelligence.
As Lead - CTI, you will collaborate with security operations, incident response, risk management, and executive leadership to ensure cyber threat insights drive informed security decisions. This is a senior role ideal for a proven expert with at least 10 years of experience in intelligence, cybersecurity, or a related field.
Don't miss out on this outstanding opportunity to be part of one of Canada's leading mining companies and join our team!
Key Responsibilities
•Be a courageous safety leader, adhere to and sponsor safety and environmental rules and procedures
•Champion the 3 lines of defense model for risk management and act as a 2nd line of defense facilitator regularly interacting with the 1st defence line
•Develop and execute the CTI program roadmap aligned with organizational security objectives.
•Oversee intelligence collection from internal telemetry, open-source intelligence (OSINT), commercial feeds, government sources, and the dark web.
•Prioritize and assess threat actor campaigns, TTPs, and emerging vulnerabilities relevant to the business and industry.
•Create and maintain threat actor profiles, threat landscape assessments, and sector-specific threat reports.
•Collaborate with SOC, incident response, vulnerability management, and executive stakeholders to ensure intelligence is operationalized.
•Maintain and refine processes for intelligence validation, dissemination, and escalation.
•Drive integration of MITRE ATT&CK and other frameworks into threat analysis and reporting.
•Coordinate intelligence-sharing relationships with ISACs, industry peers, law enforcement, and intelligence communities.
•Deliver regular briefings and reports to both technical teams and executive leadership.
•Implement and maintain automated threat intelligence scripts and workflows using Python, PowerShell, and other relevant languages
•Integrate threat intelligence feeds and APIs into security systems to ensure real-time threat detection and response
•Collaborate with the security operations team to develop automated threat seek missions as code
•Ensure the integration of threat intelligence with SIEM, SOAR, and other security tools to improve threat detection and response capabilities
•Determine, document, and curate threat intelligence requirements for the organization and its key partners while establishing critical metrics for the function
•Maintain a threat intelligence collection plan to guide the function’s processes and integrations
•Provide context and enrich threat intelligence in order to sharpen the signal and its relevance to the organization
Qualifications
•Minimum 10 years of experience in cyber threat intelligence, cybersecurity operations, or cyber defense roles.
•Proven leadership experience in managing threat intelligence teams or functions.
•Strong understanding of the cyber threat landscape, adversary tactics, techniques, and procedures (TTPs), and threat actor motivations.
•Expertise in MITRE ATT&CK, diamond model, kill chain, and intelligence lifecycle frameworks.
•Experience using tools such as MISP, ThreatConnect, Recorded Future, Anomali, Maltego, or similar.
•Ability to analyze, synthesize, and contextualize data from diverse sources into clear, actionable insights.
•Exceptional written and verbal communication skills; able to brief both technical and executive audiences.
•Familiarity with SOC, IR, and vulnerability management workflows.
•Coding and scripting skills in languages such as Python, PowerShell, or Bash
•Experience with security automation and orchestration platforms (e.g., SOAR)
•Understanding of APIs and integration techniques
•Bachelor’s or Master’s degree in Cybersecurity, Intelligence Studies, Computer Science, or a related field
•Certifications such as GCTI, GCIA, GCIH, CISSP, or equivalent preferred
•Additional relevant certifications (e.g., CEH) are a plus
Pay Range: CAD $119,000 - $147,000 per year
The actual amount offered is determined based on the successful candidate’s relevant experience, skills, and competencies and considers internal equity.
Why Teck
At Teck, your work matters—to the world, to our communities and to your future.
As a leading Canadian resource company, we focus on responsibly providing the metals essential for global development and the energy transition while caring for the people, communities and land that we love. We do this guided by our values that, together, form The Teck Way. At Teck, you’ll find purpose-driven work, a culture of respect and inclusion, and the opportunity to grow your career while helping build a better world.
Apply with us
Take the next step in your career by applying for the Lead, Cyber Threat Intelligence role.
We review applications on a rolling basis and encourage you to apply, even if your background doesn’t match every requirement. We value diversity and are committed to an inclusive, barrier-free hiring process. Reasonable accommodations are available upon request.
Requisition ID: 52671 | Job Category: Technology | Employment Type: Regular Full Time | Location: Vancouver, Calgary, Toronto | Workplace Type: #LI - On-site
Location: Vancouver, Calgary, Toronto
Employment Type: Regular Full Time
Workplace Type: On-site
About our Vancouver Office
Located in the heart of downtown Vancouver, between the Pacific Ocean and the Coast Mountains, Teck’s Corporate Office sits in one of Canada’s most culturally diverse cities.
Surrounded by world-renowned nature and globally inspired cuisine, the office brings together many of Teck’s corporate functions - all working toward Teck’s purpose of providing the essential resources the world relies on.
Role Overview
We are seeking an experienced and proactive Lead - Cyber Threat Intelligence (CTI) to guide and mature our threat intelligence function within the Cyber Defence team.
Reporting to the Manager, Cyber Threat Defence, the successful candidate will oversee the collection, analysis, and dissemination of actionable intelligence to protect the organization against evolving cyber threats. This role requires a highly analytical leader with deep subject-matter expertise, strategic thinking, and hands-on experience in tactical and strategic threat intelligence.
As Lead - CTI, you will collaborate with security operations, incident response, risk management, and executive leadership to ensure cyber threat insights drive informed security decisions. This is a senior role ideal for a proven expert with at least 10 years of experience in intelligence, cybersecurity, or a related field.
Don't miss out on this outstanding opportunity to be part of one of Canada's leading mining companies and join our team!
Key Responsibilities
•Be a courageous safety leader, adhere to and sponsor safety and environmental rules and procedures
•Champion the 3 lines of defense model for risk management and act as a 2nd line of defense facilitator regularly interacting with the 1st defence line
•Develop and execute the CTI program roadmap aligned with organizational security objectives.
•Oversee intelligence collection from internal telemetry, open-source intelligence (OSINT), commercial feeds, government sources, and the dark web.
•Prioritize and assess threat actor campaigns, TTPs, and emerging vulnerabilities relevant to the business and industry.
•Create and maintain threat actor profiles, threat landscape assessments, and sector-specific threat reports.
•Collaborate with SOC, incident response, vulnerability management, and executive stakeholders to ensure intelligence is operationalized.
•Maintain and refine processes for intelligence validation, dissemination, and escalation.
•Drive integration of MITRE ATT&CK and other frameworks into threat analysis and reporting.
•Coordinate intelligence-sharing relationships with ISACs, industry peers, law enforcement, and intelligence communities.
•Deliver regular briefings and reports to both technical teams and executive leadership.
•Implement and maintain automated threat intelligence scripts and workflows using Python, PowerShell, and other relevant languages
•Integrate threat intelligence feeds and APIs into security systems to ensure real-time threat detection and response
•Collaborate with the security operations team to develop automated threat seek missions as code
•Ensure the integration of threat intelligence with SIEM, SOAR, and other security tools to improve threat detection and response capabilities
•Determine, document, and curate threat intelligence requirements for the organization and its key partners while establishing critical metrics for the function
•Maintain a threat intelligence collection plan to guide the function’s processes and integrations
•Provide context and enrich threat intelligence in order to sharpen the signal and its relevance to the organization
Qualifications
•Minimum 10 years of experience in cyber threat intelligence, cybersecurity operations, or cyber defense roles.
•Proven leadership experience in managing threat intelligence teams or functions.
•Strong understanding of the cyber threat landscape, adversary tactics, techniques, and procedures (TTPs), and threat actor motivations.
•Expertise in MITRE ATT&CK, diamond model, kill chain, and intelligence lifecycle frameworks.
•Experience using tools such as MISP, ThreatConnect, Recorded Future, Anomali, Maltego, or similar.
•Ability to analyze, synthesize, and contextualize data from diverse sources into clear, actionable insights.
•Exceptional written and verbal communication skills; able to brief both technical and executive audiences.
•Familiarity with SOC, IR, and vulnerability management workflows.
•Coding and scripting skills in languages such as Python, PowerShell, or Bash
•Experience with security automation and orchestration platforms (e.g., SOAR)
•Understanding of APIs and integration techniques
•Bachelor’s or Master’s degree in Cybersecurity, Intelligence Studies, Computer Science, or a related field
•Certifications such as GCTI, GCIA, GCIH, CISSP, or equivalent preferred
•Additional relevant certifications (e.g., CEH) are a plus
Pay Range: CAD $119,000 - $147,000 per year
The actual amount offered is determined based on the successful candidate’s relevant experience, skills, and competencies and considers internal equity.
Why Teck
At Teck, your work matters—to the world, to our communities and to your future.
As a leading Canadian resource company, we focus on responsibly providing the metals essential for global development and the energy transition while caring for the people, communities and land that we love. We do this guided by our values that, together, form The Teck Way. At Teck, you’ll find purpose-driven work, a culture of respect and inclusion, and the opportunity to grow your career while helping build a better world.
Apply with us
Take the next step in your career by applying for the Lead, Cyber Threat Intelligence role.
We review applications on a rolling basis and encourage you to apply, even if your background doesn’t match every requirement. We value diversity and are committed to an inclusive, barrier-free hiring process. Reasonable accommodations are available upon request.
Requisition ID: 52671 | Job Category: Technology | Employment Type: Regular Full Time | Location: Vancouver, Calgary, Toronto | Workplace Type: #LI - On-site