Senior Cyber Security Advisor

Closing Date: May 15, 2024

As Canada’s largest diversified mining company, Teck is committed to providing the world with essential resources safely and sustainably. We have a rich history of consistently driving innovation, harnessing cutting-edge technology, and cultivating a dynamic environment that empowers our employees to shape the future.  
 

The Technical function within Teck is comprised of Digital Analytics, Digital Systems, Technical Services and Enterprise Improvement Planning, Autonomy and Innovation. RACE is Teck’s Digital Transformation program and the Digital Analytics (DA) group is a key contributor to RACE and acts as an enabler of innovation and digital transformation for the mining industry.

The Digital Analytics group is comprised of nearly 300 professionals spanning across a variety of teams. These teams are at the heart of the technological innovation happening at Teck, providing solutions that use artificial intelligence and data analytics to diagnose, predict and prescribe actions to improve safety, sustainability, and production, and drive operational outcomes across the mining value chain.

Reporting to the Manager, Software Development, the Senior Cyber Security Advisor is responsible for maintaining a well-secured environment is critical to ensuring that everyone goes home safe and healthy every day. The Senior Cyber Security Advisor will bring crucial expertise to meet that goal, leading all aspects of cybersecurity practices and standards across Digital Analytics. As a member of DA's technical leadership team, this role will be committed to the integrity, confidentiality and availability of information of DA products and the platform on which we operate.

As a cybersecurity domain leader, you will guide the definition and evolution of our security standards, collaborating on application architectures, and leading dialogue to ensure safety, security and privacy by design. You will partner with technical and business colleagues across DA and Technical, ensuring that our cybersecurity practices enable our product value streams to sustain successful and efficient delivery of value to Teck and our customers and protect our customers’ data.

Responsibilities

• Be a courageous safety leader, adhere to and sponsor safety and environmental rules and procedures

• Own cybersecurity practices and standards across Digital Analytics products and platform

• Establish a cadence to ensure security is embedded in the product lifecycle from beginning and allow for continuous improvement, including recurring audits and compliance with evolving relevant standards

• Lead and conduct Threat Modeling exercises with application development teams and empower them to follow security practices by default

• Be a trusted advisor to build the culture of security and empower security champions to successfully deliver safe and secure products

• Provide cyber security expertise in the risk analysis, assessment, development, and evaluation of security solutions and architectures to secure applications, operating systems, databases, and networks across Digital Analytics

• Collaborate with Teck’s security team to ensure Digital Analytics’ alignment with security strategy, frameworks and mechanisms

• Facilitate vulnerability assessment and support remediation and validation

• Lead dialogue to enable defence in depth based on business criticality of products and data

• Demonstrate business value and transparency by establishing reporting of progress and risk indicators

• Work with vendors to ensure that their practices are aligned with DA security standards, and recommend security improvements to protect our organization

• Engage with internal and external resources as required to ensure the performance of routine operational and periodic security needs meets standards, including incident prevention, detection, and response

Qualifications

• Minimum 8+ years of experience in the cybersecurity field

• College/University degree in Computer Science or related subject area, or equivalent experience

• ISC2, GIAC or other recognized industry certifications such as: CISSP, CEH, OSCP, GSEC, etc.

• Experienced in applications architecture review and establishing security by design

• Proficient with Application Security and overall security risk management industry leading principles and frameworks, and OWASP Top-10 and other common vulnerabilities and remediations.

• Exposure to a breadth of security engineering subject areas including cryptography, network security, intrusion detection and incident response, system security, and security policy

• Understanding of the requirements for the legal follow-up of security incidents including appropriate forensic data gathering and appropriate evidence handling procedures

• Outstanding understanding of Software Development Lifecycle and DevSecOps standard methodologies

• Experience working in development and operational environment on Azure Cloud

Why Join Us?

At Teck, we offer more than just a job – we provide a pathway to personal and professional enrichment. With captivating projects set against stunning backdrops, a culture of inclusivity and collaboration, and boundless opportunities to learn and grow, joining us means embracing a fulfilling and dynamic career adventure. 

Teck employees receive access to our total rewards program and comprehensive benefits package that promote physical, mental, financial, and emotional well-being. This includes but is not limited to:  

• Annual Performance Bonus 
• Profit Share Plan 
• Health Spending Account   
• Personal Spending Account 
• Extended Health Care   
• Dental and Vision Care 
• Employer Paid Pension Plan 
• Life Insurance and Disability Coverage  
• Paid Sick Leave, Vacation and Holidays      
• Virtual Telemedicine and additional support for overall well-being 
• Employee and Family Assistance Program (EFAP)      

Salary Range: $130,000 - $160,000 

The actual base salary offered is determined based on the successful candidate’s relevant experience, skills, and competencies and considers internal equity. 

About Teck

At Teck, we value diversity. Our teams work collaboratively and respect each person’s unique perspective and contribution. Qualified applicants interested in joining a dynamic team are encouraged to submit a resume and cover letter electronically. We wish to thank all applicants for their interest and effort in applying for the position; however, only candidates selected for interviews will be contacted.

Teck is a diversified resource company committed to responsible mining and mineral development with major business units focused on copper, steelmaking coal and zinc, as well as investments in energy assets. Teck has been named one of Canada’s Top 100 Employers for seven consecutive years. Teck has also been named to the Forbes list of the World’s Best Employers for the past two years and is one of Canada's Top Employers for Young People. Headquartered in Vancouver, Canada, its shares are listed on the Toronto Stock Exchange under the symbols TECK.A and TECK.B and the New York Stock Exchange under the symbol TECK.

Learn more about Teck at www.teck.com or follow @TeckResources