The Manager, Cyber Architecture, Strategy & Design is the lead role in defining and assessing Teck's security strategy, architecture and practices. They will be required to effectively translate business objectives and risk management strategies into specific security processes enabled by security technologies and services across both IT and Industrial OT environments.
The Manager will be an advocate of security requirements and objectives with constituencies, while also ensuring that security architecture and practices do not infringe on the needs of the business. Specifically, they will serve as the technical sounding board for the CISO's interaction with other line-of-business constituencies across Teck. The successful Manager is encouraged to evaluate new services, vendors, applications and security tools, among other items, from a technical perspective and translate the risk characteristics of these activities and functions into enterprise risk terms that the CISO can communicate to their colleagues.
Responsibilities
- Be a courageous safety leader, adhere to and sponsor safety and environmental rules and procedures
- Develop and maintain a security architecture process that enables the enterprise to develop and implement security solutions and capabilities that are aligned with business, technology and threat drivers across both IT and OT environments.
- Develop security strategy plans and roadmaps based on sound enterprise architecture practices.
- Develop and maintain security architecture artifacts (models, patterns, templates, standards and procedures) that can be used to leverage security capabilities in projects and operations.
- Track developments and changes in the digital business and threat environments to ensure that these are adequately addressed in security strategy plans and architecture artifacts.
- Participate in application and infrastructure projects to provide security planning advice.
- Draft security procedures and standards to be reviewed and approved by executive management and/or formally authorized by the CISO or the individual responsible for overall security direction.
- Identify baseline security configuration standards for operating systems (e.g., OS hardening), network segmentation, and identity and access management (IAM).
- Develop standards and practices for data encryption and tokenization within Teck based on our data classification criteria.
- Conduct threat modeling of services and applications that tie to the risk and data associated with the service or application.
- Conduct security assessments of internal systems, applications and IT infrastructure as part of the overall risk management practice of the organization.
- Participate in vulnerability assessments and other security reviews of systems, and prioritize remediation based on the risk profile of the asset and guidance from the CISO or other executive management.
- Conduct application reviews to determine security flaws or other issues that would impact the confidentiality, integrity or availability of the system.
- Coordinate with DevOps teams to advocate secure coding practices and raise concerns related to poor coding practices to the CISO or the individual responsible for the overall security direction.
- Coordinate with the privacy officer to detail data flows of sensitive information within the organization (e.g., PII or ePHI) and recommend controls to ensure this data is adequately secured (e.g., encryption, tokenization, etc.).
- Validate IT and Cloud infrastructures and other reference architectures for security best practices, and recommend changes to improve security and reduce risk where applicable.
- Validate security configurations and access to security infrastructure tools, including firewalls, intrusion prevention systems (IPS), web application firewalls (WAF), anti-malware/endpoint protection systems, etc.
- Review network segmentation to ensure zero-trust/least privilege for network/cloud access.
- Conduct reviews of and supervise the change management function for security rule sets.
- Liaise with the internal audit (IA) team to review and evaluate the design and operational effectiveness of security-related controls.
- Support the testing and validation of internal security controls as advised by the CISO or IA team.
- Review security technologies, tools and services, and make recommendations to the broader security team for their use based on security, financial and operational metrics.
- Coordinate with operational and facility-management teams to assess the security of operational technology and Internet of Things (IoT) systems.
- Liaise with other security architects and security practitioners to share standard methodologies and insights.
Why Join us?
- Bachelor's or master's degree in computer science, information systems, cybersecurity or a related field.
- Expert-level experience in using architecture methodologies such as SABSA, Zachman and TOGAF
- Documented experience and a strong working knowledge of the methodologies to conduct threat-modeling exercises on applications, infrastructure and cloud services
- One or more of the following security certifications: CISSP, CISM, CISA, TOGAF, GIAC
- 5 - 10 years of experience as a cyber security architect that encompasses the following:
  - Cloud Computing Security
  - WAN Security
  - Application Security
  - Endpoint Security
  - Logging and Monitoring
  - Third Party Risk Management
  - Governance, Risk and Compliance
  - Cyber Incident Response
- Full-stack knowledge of IT infrastructure:
  - Operating systems (Windows, Unix and Linux)
  - IP networks (WAN, LAN)
  - Storage networks (Fibre Channel, iSCSI and network-attached storage)
  - Backup networks and media
- Direct experience designing IAM technologies and services (e.g., Active Directory, LDAP, Amazon Web Services [AWS] IAM)
- Strong working knowledge of IT service management (e.g., ITIL-related disciplines):
  - Change management
  - Configuration management
  - Asset management
  - Incident management
  - Problem management
- Experience designing the deployment of applications and infrastructure into public cloud services (e.g., AWS and Microsoft Azure)
- Validated experience with the following regulations, standards and frameworks:
  - Sarbanes-Oxley Act
  - General Data Protection Regulation (GDPR)
  - Privacy Principles (best practices)
  - International Organization for Standardization (ISO) 27001/2
  - ISA 62443
  - National Institute of Standards and Technology (NIST) Cybersecurity Framework (CSF)
- Background in manufacturing, mining or energy/utilities sectors is preferred.
At Teck, we offer more than just a job - we provide a pathway to personal and professional enrichment. With captivating projects set against stunning backdrops, a culture of inclusivity and collaboration, and boundless opportunities to learn and grow, joining us means embracing a fulfilling and dynamic career adventure.
Teck employees receive access to our total rewards program and comprehensive benefits package that promote physical, mental, financial, and emotional well-being. This includes but is not limited to:
- Annual Performance Bonus
- Profit Share Plan
- Health Spending Account
- Personal Spending Account
- Extended Health Care
- Dental and Vision Care
- Employer Paid Pension Plan
- Life Insurance and Disability Coverage
- Paid Sick Leave, Vacation and Holidays
- Virtual Telemedicine and additional support for overall well-being
- Employee and Family Assistance Program (EFAP)
$141,000 - $175,000
The actual base salary offered is determined based on the successful candidate's relevant experience, skills, and competencies and considers internal equity.
About Teck
At Teck, we value diversity. Our teams work collaboratively and respect each person's unique perspective and contribution. Qualified applicants interested in joining a dynamic team are encouraged to submit a resume and cover letter electronically. We wish to thank all applicants for their interest and effort in applying for the position; however, only candidates selected for interviews will be contacted.
Teck is a diversified resource company committed to responsible mining and mineral development with major business units focused on copper, steelmaking coal and zinc, as well as investments in energy assets. Teck has been named one of Canada's Top 100 Employers for six consecutive years. Teck has also been named to the Forbes list of the World's Best Employers for the past two years and is one of Canada's Top Employers for Young People. Headquartered in Vancouver, Canada, its shares are listed on the Toronto Stock Exchange under the symbols TECK.A and TECK.B and the New York Stock Exchange under the symbol TECK.
Learn more about Teck at www.teck.com or follow @TeckResources
Job Segment:
Cyber Security, Developer, Cloud, Coal Mining, Security, Technology, Mining