Security Analyst

BC Pension Corporation • Full-time • Victoria, BC, CA • 2d ago

Classification: Information Systems R24

Salary Range: $80,703.86 to $91,936.08 per annum (salary includes a 9.9% temporary adjustment)

Reports to: Team Lead, IT Security

Union/Excluded: BCGEU

Security Screening: Required

Job Type: Regular full time

Additional Info: An eligibility list to fill future vacancies may be established. Testing may be required. Lesser qualified applicants may be appointed at a lower level.

We are seeking a Security Analyst to join our SOC team in VICTORIA, British Columbia, Canada.

As a Security Analyst, you will work closely with business and technology stakeholders to ensure security requirements are embedded into systems, processes, and projects across the organization. You are responsible for protecting the confidentiality, integrity, and availability of corporate information systems by identifying, assessing, and mitigating cybersecurity risks. You will focus on investigating security incidents, threats, exposures and implementing security controls to mitigate risk; conducting Threat and Risk Assessments (TRAs); and developing, maintaining, and enhancing security policies, and standards.

Hybrid Work Model

This position is located in our Victoria, BC office. You will have the flexibility to work part of the time on-campus and part of the time off-campus. The requirement for on-campus presence is a minimum of 40% of your schedule in a month.

Additional requirements are determined by the role functions and operational needs of each business area.

About the Team

The Architecture, Information Management and Security branch (AIMS) provides enterprise architecture services, information management and security operations services to the BC Pension Corporation. AIMS delivers leadership around strategic technology planning and directly supports BC Pension's Plan 20|30 initiatives. As well, AIMS ensures the confidentiality, availability and integrity of all corporate information and data systems and is accountable for fully complying with relevant regulations, standards and legal frameworks. Additionally, AIMS is responsible for the operation of all enterprise cyber security solutions and the overall security of our IT systems and data, across the entire technology landscape.

Responsibilities

Supports threat, risk, and cost‑benefit analyses of systems, processes, and information‑sharing agreements to inform information security priorities and management decisions.
Researches, investigates, and analyzes security incidents, threats, and vulnerabilities, recommending and implementing appropriate risk‑reducing controls.
Contributes to the development and continuous improvement of corporate security policies, procedures, standards, and initiatives by identifying gaps in existing baselines and supporting the development of appropriate security controls and remediation strategies.
Supports security best practices into business processes, projects, and system designs.
Develops and maintains processes and procedures to support the delivery of security operations, including threat and risk assessments, incident response, control implementation, and ongoing security monitoring across all systems.
Ensures security requirements for new and enhanced systems are aligned with established security architecture, operational processes, and procedures.
Maintains awareness of emerging technologies, cybersecurity threats, and industry best practices through ongoing research and professional development, and provides informed recommendations on emerging risks and technology solutions
Represents the Cybersecurity team on projects, working groups, and task forces to ensure security standards are integrated; sensitive information is protected, and security awareness is promoted.
Collaborates with IT, security, and development teams to remediate identified security issues and support the ongoing security of systems and networks.
Monitors and investigates events from various tools such as IPS and Zero Trust SSE.

Qualifications

Must have

A degree or diploma in computer science or a related field. An equivalent combination of education, training and experience may be considered.
Security certification such as MS-SC200, or currently obtaining a similar security certification.
A minimum of three years of recent, related experience that includes the following:
Monitoring, identifying, and assessing security risks from both business and technical perspectives.
Working with security platforms, operational controls, and detection and response processes in modern, cloud‑enabled environments.
Supporting security investigations and incident response activities through analysis of system, network, and identity‑related events.
Supporting threat and risk assessments and supporting threat prevention activities, including vulnerability identification, remediation coordination, and security patching to reduce exposure and strengthen security posture.

Nice to have

Professional designation as a Certified Information Systems Security Professional (CISSP) or Certified Information Security Manager (CISM), or equivalent.
Relevant certifications, such as Certified Ethical Hacker (CEH), Offensive Security Certified Professional (OSCP), CompTIA Security+, CompTIA CySA+, GIAC Penetration Tester (GPEN), GIAC Security Essentials (GSEC), GIAC Certified Incident Handler (GCIH) or equivalent.

Knowledge, Skills and Abilities

Knowledge of cybersecurity principles and practices supporting security operations, including threat detection, incident response, vulnerability management, and risk mitigation across enterprise environments.
Knowledge of systems, networks, identity concepts, and communication protocols as they relate to monitoring, investigating, and responding to security events.
Knowledge of threat and risk assessment methodologies, common attack techniques, and current cybersecurity threats affecting modern, cloud‑enabled environments.
Knowledge of security controls, policies, standards, and operational processes used to protect sensitive information and corporate systems.
Strong analytical and problem‑solving skills to investigate security incidents, assess risks, identify vulnerabilities, and support remediation activities.
Ability to apply security tools, technologies, and operational processes to support monitoring, detection, response, and ongoing security improvement.
Effective communication skills, both written and verbal, with the ability to convey technical security concepts to technical and non‑technical stakeholders.
Strong documentation skills to support incident reporting, risk assessments, and security recommendations.
Ability to handle sensitive and confidential information with discretion, professionalism, and adherence to policy and legal requirements.
Ability to work collaboratively with IT, security, development, and business teams to address security issues and integrate security requirements into operations and projects.
Ability to prioritize and manage multiple security activities in a dynamic operational environment, including responding to incidents and supporting preventive security initiatives.

Application requirements

Cover letter: Please do not submit a cover letter; it will not be reviewed.

Resume: A resume is required as part of your application. Ensure your resume includes your education, the start and end dates (month and year) of your employment, and any relevant information that relates to the job requirements.

Questionnaire: As part of the application process, you will be prompted to complete an online questionnaire to demonstrate how you meet the job requirements. Responses will be used to shortlist applicants against the job requirements. Please allow approximately 15 minutes to complete this questionnaire.

Applications will be accepted until 04/27/2026, 11:59 PM PST. Late applications will not be considered.

Diversity & Inclusion

BC Pension Corporation is an equal opportunity employer committed to establishing an inclusive, equitable, and accessible environment for all. All qualified applicants will receive consideration for employment without regard to race, national origin, age, religion, disability, sexual orientation, gender identity or expression, marital status or any other basis protected by applicable law.

We are committed to ensuring that reasonable accommodations are made available to persons with disabilities during the recruitment, assessment and selection processes and will provide reasonable accommodations upon request. If you require assistance or accommodation due to a disability, please email us at jobs@pensionsbc.ca.

Thank you for your interest in working with us. We will let you know about your status in this competition as soon as possible. If you have questions about this opportunity, please email us at jobs@pensionsbc.ca.

About Us

BC Pension Corporation is one of the largest professional pension service providers in Canada. We serve over 780,000 active and retired members and more than 1,000 plan employers, paying out more than $540 million in benefits each month (over $6.5 billion a year) to over 240,000 retirees.

One in eight BC citizens is a member of one of the five pension plans we serve.

Services include providing plan information to members and employers, managing contributions and member records, paying pension benefits, and providing policy, financial and communication services to plan boards. We are a community of dedicated professionals who share common beliefs about client service and a desire to make our organization an even better place tomorrow than it is today.