ABOUT THE ROLE
TransAlta is now hiring a Senior Analyst, Cybersecurity Operations to join our Cybersecurity team on a full-time basis, reporting to our Director, Cyber Security.
In this position you'll play a critical role in protecting essential energy infrastructure while helping shape a modern, resilient cyber defence program. You'll be empowered to lead vendors, innovate processes, and continuously improve how security operations are delivered across the organisation.
This position is based out of our Downtown Calgary Head Office, with the flexibility of a hybrid work schedule.
A DAY IN THE LIFE
In this role, you will:
- Lead the day-to-day operations of TransAlta's Cyber Defence functions, including SOC, IR, Threat Intelligence, Detection Engineering, and Security Validation
- Oversee the end-to-end incident response lifecycle, ensuring incidents are effectively triaged, investigated, escalated, and resolved
- Act as the primary operational sponsor for the outsourced MSSP/CSIRT, managing SLAs, KPIs, and service performance
- Leverage Threat Intelligence to enable and drive intelligence-led detection and response
- Mature Detection Engineering by designing, tuning, and validating detections aligned to MITRE ATT&CK
- Coordinate threat emulation, purple team, and validation activities to continuously test and strengthen defences.
- Drive automation across detection, investigation, and response workflows
- Define and track meaningful metrics such as detection coverage, MTTI, MTTR, and response effectiveness
- Collaborate with cybersecurity and technology partners to ensure tools and processes support operational goals
- Provide clear reporting and executive-level support during significant cyber incidents
ABOUT YOU
You are a cyber defence leader who brings both strategic thinking and hands-on operational experience. You have:
- 8+ years of cybersecurity experience, with a strong background in security operations, incident response, or threat intelligence
- Proven experience operating within or leading a hybrid security operations model that includes an outsourced MSSP/CSIRT
- Deep knowledge of SIEM, EDR/XDR, SOAR, and security telemetry across IT and (ideally) OT environments
- Hands-on experience building or maturing Detection Engineering capabilities aligned to MITRE ATT&CK
- A strong understanding of NIST CSF and modern cyber defence frameworks
- Experience driving practical automation and "security as code" approaches
- The ability to analyze complex cyber incidents and translate technical risk into business impact
- Strong communication skills and the confidence to lead during high-pressure situations
- A collaborative mindset with the ability to work effectively across technical and executive audiences
- A passion for continuous improvement, learning, and operational excellence
- Bachelor's degree in Computer Science, Engineering, Cybersecurity, or equivalent experience
- Experience across both IT and OT security environments is preferred
- CISSP, CISM, GCIH, GCIA, or equivalent is desirable
TransAlta Corporation
110 Twelfth Ave SW
Calgary
Alberta Canada
www.transalta.com
