Manager - Information Security Management
Your Opportunity:
The Cyber Security Team Manager leads a multi-disciplinary cyber security team responsible for day-to-day security operations, incident response coordination, and continuous improvement of detection, response, and preventative security controls. The role ensures timely identification, analysis, containment, and recovery from cyber threats, while partnering with IT and business stakeholders to reduce enterprise cyber risk and improve security resilience.
Description:
Security Operations & Incident Management Oversees security monitoring and triage across SIEM, EDR, network, and cloud environments to ensure timely detection of threats and policy violations. Establishes and maintains alert handling, escalation, communications, runbooks, and on‑call coverage. Continuously improves SOC operating model, staffing, and performance against SLAs and KPIs. Acts as Incident Commander or delegate for cyber incidents, coordinating containment, eradication, recovery, evidence preservation, and post‑incident reviews. Leads threat hunting, root cause analysis, and maintains incident response playbooks, tabletop exercises, and lessons‑learned actions. Security Controls & Tooling Manages lifecycle, tuning, and effectiveness of security tooling, including SIEM use cases, EDR policies, SOAR automation, and vulnerability management workflows. Partners with infrastructure, cloud, identity, and application teams to implement and validate security controls and logging. Drives automation of enrichment, triage, ticketing, and response actions to improve efficiency and consistency. Governance, Risk & Leadership Provides operational input to cyber risk assessments, security exception reviews, and control testing. Produces executive‑level reporting on incidents, threats, vulnerabilities, and control health, translating technical risk into business impact. Liaises with vendors, managed service providers, and internal stakeholders in a matrixed environment. Recruits, coaches, and develops staff; manages staffing, schedules, and coverage for BAU operations and major incidents; and contributes to planning, budgeting, training, and special project.
- Transition Company: Health Shared Services
- Classification: Program Manager
- Union: Exempt
- Unit and Program: IT, Information Risk Management
- Primary Location: CN Tower
- Location Details: Eligible to work remotely within Alberta
- Negotiable Location: Provincial
- Employee Class: Regular Full Time
- FTE: 1.00
- Posting End Date: 13-MAY-2026
- Date Available: 25-MAY-2026
- Hours per Shift: 7.75
- Length of Shift in weeks: 2
- Shifts per cycle: 10
- Shift Pattern: Days
- Days Off: Saturday/Sunday
- Minimum Salary: $44.17
- Maximum Salary: $75.70
- Vehicle Requirement: Not Applicable
Diploma or degree in information security, cybersecurity, computer science, information systems, or a related discipline (or equivalent combination of education and experience). Relevant industry certifications are strongly preferred (e.g., CISSP, CISM, GIAC (GCIH/GCFA/GCIA), CEH, Microsoft/AWS/Azure security certifications). Post-secondary degree in cybersecurity or related field. Advanced certifications (e.g., CISSP, CISM, GIAC) and formal incident response or digital forensics training.
Additional Required Qualifications:
5+ years of progressive experience in cyber security, including security operations (SOC), incident response, and operational security controls. 3+ years of people leadership experience (hiring, performance management, coaching and development) in a technical environment. Hands-on familiarity with SIEM platforms (e.g., Splunk, Sentinel, Securonix), EDR tools, vulnerability management, and threat intelligence feeds. Experience operating in hybrid environments (on-premises and cloud) and collaborating with infrastructure, identity, and application teams. Ability to run command-and-control activities during incidents, manage competing priorities, and communicate clearly to technical and non-technical audiences. Demonstrated experience establishing metrics and reporting to measure effectiveness (e.g., MTTD, MTTR, alert quality, incident trends).
Preferred Qualifications:
Experience implementing or optimizing SOC processes, use-case engineering, and SOAR automation workflows. Experience with security governance activities (risk assessments, control testing, audit support). Project/change management experience deploying new security tools or improving enterprise processes.
Please note:
All postings close at 23:59 MT of the posting end date indicated.
Security Screening:
A satisfactory criminal record check and/or Vulnerable Sector Search is required prior to your first day of work. Additionally, all employees have an ongoing duty to disclose any charges or convictions that may occur during their employment with AHS.
Healthy Albertans. Healthy
Communities. Together.
We’re passionate about what we do. Our team of skilled and dedicated health care professionals, support staff, and physicians promote wellness and provide health care all across Alberta.
Everything we do at AHS reflects a patient and family centred approach; it’s about putting patients’ and families’ experiences, priorities and trust first.
We are an equal opportunity employer. AHS values the diversity of the people and communities we serve and is committed to attracting, engaging and developing a diverse and inclusive workforce.
