Who we are. At Mercer International Inc., our vision of transforming biomass into bioproducts for a more sustainable world is being realised every day. We are a diversified global producer of forest products, bioproducts, and green electricity with operations in Canada, Germany, Australia, and the United States. We have a consolidated annual production capacity of approximately 2.2 million tonnes of kraft pulp and 550 million board feet of softwood lumber.
What we believe. We believe that a culture of diversity and inclusion is critical in making the best decisions for our people and achieving sustainable business success. Together, we encourage, support, and celebrate the diverse voices of our employees. We strive to provide an inclusive culture by fostering an environment of mutual respect, fairness, and by providing opportunities to contribute and grow.
Position Description
Reporting to the Director, Cyber Security, the Cyber Security Coordinator will be responsible for supporting Mercer’s company-wide cyber security program, operations and projects with a focus on Canada and the US. They will lead cyber incident response and investigations and act as a security champion for IT and other teams. The Cyber Security Coordinator will utilise hands-on technical and cyber skills with communication and coordination skills to protect Mercer from cyber threats while meeting the business needs of the company. This position is located at our Corporate Head Office in Vancouver, BC.
Responsibilities
- Supports the cyber security program, operates security tools, and creates, executes and manages security processes.
- Monitors information security related events, detects and responds to alerts and incidents.
- Analyses security-related logs to identify threats, anomalies and incidents.
- Assesses cyber security exposures of Mercer’s information technology systems. Conducts cyber investigations and prepares detailed reports.
- Leads cyber incident response, works with external IR partners.
- Conducts cyber investigations, performs and coordinates mitigation activities, performs high-level forensic analysis, and engages with external cyber security vendors for detailed forensic review checks.
- Coordinates cyber-related activities across North American operations, serves as the cyber security expert for the region.
- Ensures the security of Mercer’s data and systems on-premises and in the cloud. implements and supports a cloud-aware security architecture and implements appropriate security tools.
- Leads the vulnerability management process; remains current with new cyber vulnerabilities, performs vulnerability assessments, analyses findings, provides detailed reporting, establishes priorities, and implements and coordinates remediation activities.
- Assists in the development of cyber-related reports and KPIs. Collects and analyses data generated by systems and produces required reports and KPIs for designated audiences.
- Supports the delivery of security awareness programs: develops training and exercises. Builds, plans and runs awareness campaigns, reports on results, and provides recommendations.
- Supports the development, documentation, testing, implementation, and enforcement of cybersecurity policies, standards, processes, methodologies, and controls.
- Remains current with cyber security and threat’s landscape, analyses industry trends, and identifies potential impact to Mercer’s technology systems and operations.
- Other duties as assigned.
Qualifications and Experience
- Minimum of 3 years of cyber security experience.
- Bachelor’s degree in Computer Science or other equivalent Information Technology and Cyber Security related studies. An equivalent combination of training and/or experience may be considered.
- Proven experience in security operations. Security Operations Centre (SOC) experience is an asset.
- Information security certifications are preferred (CISSP, CISA, GIAC).
- Experience with delivering end-user’s security awareness training and tests.
- Strong knowledge of modern cloud-based collaboration and productivity tools. Knowledge of Google Workspace is an asset.
- Demonstrated knowledge of Cyber Security and IT technologies, such as anti-malware and endpoint protection, firewall, email security, IPS, SEIM, AD, Windows security, network security, disaster recovery, incident response.
- Knowledge of cyber security industry standards, such as NIST, ISO, CIS, etc.
- Knowledge of public cloud platforms, relevant security tools and cloud security architecture.
- Demonstrated ability to influence outcome without direct authority. Ability to explain cyber security risks and concepts to technical and non-technical audiences.
- Strong verbal and written communication skills.
- Excellent interpersonal skills and the ability to work independently and as part of a team.
- Strong organisational and time management skills with the ability to prioritise and manage several time-sensitive issues at a time.
- Ability to apply project management methodology and deliver assigned tasks within scope and schedule.
- Required to travel to Mercer’s locations in Canada and internationally.
Benefits
- The salary for this position is $110,000 – $140,000 CAD. Salary will be commensurate with education and experience.
- Our group benefits package, which has no waiting period, includes extended health and dental benefits, in addition to a Health Care Spending Account and a fitness allowance.
- RRSP – We provide a competitive RRSP contribution plan, with base contributions made by Mercer which can be supplemented with personal contributions matched by the company up to a certain %.
