A workplace powered by you
At BC Hydro, we’re working towards creating a cleaner and more sustainable future for all British Columbians and need
people like you to help us. A career at BC Hydro is meaningful and provides you the opportunity to be part of a talented,
inclusive, and diverse team. We offer a healthy work-life balance, competitive wages, a comprehensive benefits package,
and training opportunities to support you in your career growth. We're proud to be ranked as one of B.C.'s Top Employers
and one of Canada's Best Diversity Employers.
We invite you to join us as we build an even cleaner B.C. We welcome applications from all qualified job seekers. If you’re a
person with a disability, please let us know by emailing RecruitmentHelp@bchydro.com, as adjustments can be made to
help support you in your application process.
IT Advisor (Cybersecurity Operations)
Number of positions: 1
Job Location: Dunsmuir 08
Employment type: Permanent
Region: Lower Mainland
Hours of work: Full-time (37.5 hrs/wk)
Flexible Work Role: Hybrid
Annual salary: $107,000.00 - 135,300.00
Position Highlights
BC Hydro is seeking a talented individual, with a range of skills and experience, to join its cybersecurity operations team.
The team is responsible for defending against, detecting and responding to cyber incidents, managing threat and vulnerability, and
overseeing or directly supporting security platforms such as SIEMs, firewalls, and anti-virus systems. The team is often
consulted on matters of security requirements and design, and there are opportunities to participate on projects.
This position will appeal to individuals who want to make a difference, who are naturally curious, driven, and who possess
a strong security aptitude and positive attitude. Personal growth is important at BC Hydro and so all team members have
the opportunity to undertake different roles within the team based on their skill set and the needs of the team.
BC Hydro offers a complex and challenging technical environment facing advanced threats. We can all but guarantee that
you will never be bored!
What you'll do
As a member of the Cybersecurity Operations team, you may be expected to perform a combination of the following tasks:
Incident Detection & Response
- Investigate, analyze, and respond to cyber incidents across IT and OT environments.
- Assist with the development of new analytic methods/correlation rules for detecting threats and incidents.
- Perform event correlation using information gathered from a variety of sources within the enterprise to gain situational
awareness and determine the effectiveness of an observed attack.
- Provide timely detection, identification, and alerting of possible attacks/intrusions, anomalous activities, and misuse
activities and distinguish these incidents and events from benign activities.
- Analyze identified malicious activity to determine weaknesses exploited, exploitation methods, and effects on systems and
information.
- Determine tactics, techniques, and procedures (TTPs) for intrusion sets.
- Analyze, isolate, and remove malware.
Cyber Defence
- Use data collected from a variety of cyber defense tools (e.g. endpoints, cloud workloads, firewalls and network logs) to
analyze events that occur within their environments for the purposes of detecting and mitigating cyber threats.
- Administer SIEM platforms; develop and create dashboards, queries, reports, and alerts to enhance log analysis
and threat detection and response.
- Perform cyber defense trend analysis and reporting.
- Lead focused initiatives to quickly address key cybersecurity challenges.
- Drive implementation of new features in cyber defense tools.
- Coordinate mitigation efforts for urgent threats identified from various sources such as intelligence reports.
- Use cyber defense tools for continual monitoring and analysis of system activity to identify malicious activity.
- Assist in the construction of signatures which can be implemented on cyber defense network tools in response to new or
observed threats within the network environment or enclave.
- Develop content for cyber defense tools.