TELUS Agriculture & Consumer Goods is a great place to work. You can see it in our team members. The diversity of the team and their unique contributions set us apart from the competition. Our success is based as much on our future-friendly team as the innovative technology solutions we offer.
We live in and work in a rapidly evolving digital world where cyber security is critical. Protecting information and ensuring the reliability of network and services is paramount. Our team strives to always be steps ahead, tackling the toughest cyber security challenges head-on with top talent and cutting-edge technology.
We are committed to providing excellence in securing our internal and customers’ data and systems, ensuring world-class reliability of security networks and systems, and improving our overall cyber security posture. We manage our cyber risks and provide industry leading cyber governance, assurance and oversight to secure our data. We are passionate about learning and growing as individuals and as a team, all of which enables us to thrive in a dynamic, fast-paced environment.
Here’s the impact you will make and what we will accomplish together
Your goal in this position is to proactively protect our organization's information systems and applications by minimizing security risks before they can be exploited. Your primary objective is to reduce the organization's attack surface by identifying, assessing, and driving the remediation of vulnerabilities before they can be weaponized by threat actors. Through comprehensive risk assessment initiatives, continuous monitoring, and supporting our penetration testing program, you aim to strengthen our organization's security posture, ensure business continuity, and minimize the likelihood of security breaches, ultimately serving as the first line of defense in maintaining the organization's cyber resilience from both an offensive and defensive perspective.
Here’s how:
As an experienced security professional with strong collaboration and communication skills, your core focus will be on vulnerability management and supporting our offensive security program. Additional SecOps support may also be required from time to time. You’ll interface with all security teams including security architecture, offensive security, cloud platforms and DevSecOps. You will have a broad understanding and expertise to operate across a number of the noted areas of security:
Security operation - Vulnerability Management:
● Gather and document service and product information from application and system owners to assist in threat risk analysis.
● Implement, administer, and support web application and infrastructure vulnerability scanning tools working with vendors as required.
● Implement and support security solutions to secure web hosting environments.
● Work directly with application and system owners to perform web application and infrastructure vulnerability scans.
● Report on vulnerabilities found for system owners and administrators, providing recommendations for mitigation. Work with the support teams to prioritize remediation to align with security SLA.
Offensive Security:
● Support the organization's Offensive security program by planning, coordinating and facilitating our 3rd party and internal penetration testing activities.
● Work with defensive teams to improve overall security and incident response capabilities.
● Review detailed reports on findings and work with engineering teams by providing recommendations for improving security posture.
● Stay updated on the latest attack techniques, tools, and vulnerabilities to effectively simulate current threats.
Other:
Security Operations - Threat prevention:
● Manage the policy and playbooks interfacing with managed security prevention services spanning EDR, NDR, and MDR.
● Manage the policy and implementation for threat prevention tooling spanning at least 3 of the following; endpoint security, network security, identity and access, application security and data security.
● Manage Security and Awareness systems such as Beauceron
Security monitoring and Incident Response:
● Work with offensive testing leads and managed security service providers to perform threat hunting activities.
● Monitor security events within SIEM , driving the investigation, escalation and triage of incidents.
● Alerting any incident or potential incident (Crowdstrike, Covalence, Obsidian, etc…)
● Act as a security incident response responder in support of cyber incidents In Partnership with Security Architecture and Offensive Security.
● Perform detailed examination of alerts to determine if true or false positives
● Develop and maintain playbooks and SOPs for security events or incidents
● Assist in the investigative process by gathering information regarding intrusion activities and generate accurate incident reports.
● Conduct 3rd party software assessments.
What you bring to this role:
A strong knowledge of information security. With the cybersecurity field evolving at a dramatic pace, staying updated with the latest advances is essential. You will have the ability to acquire knowledge of the latest practices and techniques and stay ahead of your adversaries by “thinking like an adversary”. You will also possess strong analytical skills. You will be able to precisely observe IT systems and applications to determine any upcoming risks to tackle them proficiently. The successful candidate will also be a forward thinker. You will possess the creative skills to identify future dangers and discover appropriate solutions to combat any adverse situations that may impact TELUS Agriculture & Consumer Goods. A qualified candidate will also possess the following:
● An insatiable appetite for new and emerging security technologies
● Previous working experience as a Security Analyst (offensive and defensive) for minimum 3 years
● BA in IT specializing in Cybersecurity, IT or Computer Science
● Advanced knowledge of security controls implementation.
● Advanced knowledge of vulnerability management including remediation of CVE’s, and executing proactive threat hunting.
● Advanced writing skills (Technical and non-technical).
● Practical Cloud security experience with appropriate certification spanning (Azure, AWS, GCP)
● Experience with Vulnerability Scanning tools such as Nessus, Burp Suite, and Tenable
● Experience with ASM
● Knowledge and practical experience any of the following OWASP top 10, OWASP Web application Security Testing Guide (WSTG), OWASP (Mobile) Application Security Verification Standard (MASVS/ASVS), BSIMM, and OpenSAMM
● Experience working on enterprise Cloud services deployments (SaaS, PaaS, IaaS) and understand security challenges involved in Cloud migration, adoption and operation
● Knowledge of application security, software development with security concepts and integration into the development pipelines.
● Experience across SCA, SAST, DAST, and IAST
● Experience with application security capabilities including Web Application Firewalls, DDoS mitigation, Bot prevention, and associated threat management controls
● Knowledge of security and industry standards (e.g., ISO, NIST, ITIL, etc)
● Advanced knowledge of application development processes and at least one programing or scripting language (e.g., Java, Scala, C#, Ruby, Perl, Python, PowerShell)
● Experience with Cloud based security tools (CSPM, CWPP)
● Solid analytical skills
● Solid understanding of firewalls, IDS, PKI, and cryptography
● Basic understanding of CI/CD pipelines
● Ability to multi-task and manage competing priorities using sound judgment
● Enjoy team collaboration and information sharing
● Superior collaboration skills to easily translate technical jargon into business language
● Applicable knowledge of Windows client/server, Unix/Linux systems, Mac OS X
Nice to haves
● Leading security certifications such as CISSP, CISM, CEH, GCIH/ECIH etc...
● Experience working on a fast paced security team supporting product/engineering functions, cloud infrastructure, and corporate infrastructure development
● Hands on Threat modeling, security risk assessment experience is a plus
Join us
Collectively, our talented team and integrated solutions uniquely position us to transform collaboration within the industry at a global level, empowering and connecting producers to consumers for a more efficient, sustainable future.
Everyone belongs at TELUS Agriculture & Consumer Goods. It doesn’t matter who you are, what you do or how you do it, at TELUS Agriculture & Consumer Goods, your unique contribution and talents will be valued and respected. Because the more diverse perspectives we have the more likely we are to crack the code on what our customers want and our communities need.
Do you share our passion for enabling remarkable human outcomes?
Together, let’s make the future friendly.
Accessibility
TELUS Agriculture & Consumer Goods is proud to foster an inclusive culture that embraces diversity. We are committed to fair employment practices and all qualified applicants will receive consideration for employment.
We offer accommodation for applicants with disabilities, as required, during the recruitment process.