CAN_Lead
Varite
- Calgary, AB
- Permanent
- Full-time
TransAlta is seeking an experienced Onsite SOC Lead to lead day to day Security Operations and Incident Response for a critical energy environment.
This role will be the primary onsite security leader responsible for operational execution, incident management, stakeholder communication, and continuous improvement of SOC maturity. The SOC Lead will play a key role in TransAlta's transition to a scalable, platform-led SOC model with strong automation, analytics, and executive visibility.
Key Responsibilities:
SOC Operations and Leadership:
Lead onsite Security Operations Center activities on a daily basis
Own Tier 1 through Tier 3 incident triage, investigation, and containment coordination
Ensure continuous twenty four by seven monitoring aligned to agreed SLAs
Drive reduction in Mean Time to Detect and Mean Time to Respond
Act as the primary onsite point of contact for security operations
Incident Management:
Manage end to end incident lifecycle including escalation and resolution
Lead coordination with IT, infrastructure, and application teams during incidents
Provide clear and timely communication to business and executive stakeholders
Conduct post incident reviews and root cause analysis
Platform and Technology Oversight:
Lead operations on the Sentinel SecOps platform
Oversee log ingestion, correlation, enrichment, and analytics across IT environments
Ensure effective use of SOAR playbooks and automation for response
Validate and tune detection use cases aligned to energy sector threats
Support roadmap planning for OT and ICS log onboarding
Threat Intelligence and Proactive Defense:
Integrate threat intelligence into detection and response workflows
Enable proactive threat hunting aligned to energy sector risks
Leverage AI and analytics assisted triage and investigation workflows
Governance and Reporting:
Produce operational metrics, dashboards, and monthly reporting
Track alert volumes, incident trends, and platform performance
Support SOC governance and continuous improvement initiatives
Required Experience:
Proven experience leading SOC operations in enterprise or critical infrastructure environments
Strong hands on experience with SIEM platforms such as Sentinel, Chronicle, or equivalent
Experience with incident response, threat detection, and SOC workflows
Strong understanding of SOAR and security automation
Excellent communication and stakeholder management skills
Ability to work onsite and lead during high pressure incident scenarios
Preferred Experience:
Experience supporting energy, utilities, or industrial environments
Exposure to OT or ICS security monitoring concepts
Experience working with CISO level stakeholders
Familiarity with hybrid IT and cloud security monitoring
Success Criteria:
Stable and reliable SOC operations
Improved detection and response timelines
Successful adoption of platform led SOC operations
Positive stakeholder engagement
Skills: Cyber Security
Experience Required: 8-10 Years
Skills:

| Category | Name | Required | Importance | Experience |
| --- | --- | --- | --- | --- |
| SkillCategoryTest1_MN | Cyber Security | Yes | 1 | 7+ years |