Security Operations Consultant - TELUS Health Cybersecurity



Calgary, AB, Canada
Posted on Tuesday, May 30, 2023


We live and work in a rapidly evolving digital world where cyber security is critical. Protecting information and ensuring the reliability of networks and services is paramount. The TELUS Health CSO team strives to always be steps ahead, tackling the toughest cyber security challenges head-on with top talent and cutting-edge technology.

The TELUS Health CSO team is committed to providing excellence in securing our internal and customers’ data and systems, ensuring world-class reliability of security networks and systems, and improving our overall cyber security posture. We manage our cyber risks and provide industry-leading cyber governance, assurance and oversight to secure our data.

We partner with industry leaders to meet the cyber security needs of both TELUS Health and our customers in an increasingly complex and ever-changing cyber security landscape. We are passionate about learning and growing as individuals and as a team, all of which enables us to thrive in a dynamic, fast-paced environment.

Here's the impact you'll make and what we’ll accomplish together

As a Cyber Security Consultant, you’ll be keeping TELUS Health safe and protected by establishing, operating and maintaining security controls and processes, conducting security investigations and incident response. You’ll be part of a global team operating across multiple time zones supporting our clients across all TELUS Health services, solutions, and SaaS products.

What you’ll do

The role of the security analyst can span all areas of security operations, and interface with security architecture, offensive security, cloud platforms and DevSecOps. The analyst is not expected to perform all of the below, but to have a broad understanding and expertise to operate across a number of the noted areas of security.

Security operation - Vulnerability Management

  • Gather and document service and product information from application and system owners to assist in threat risk analysis
  • Implement, administer, and support web application and infrastructure vulnerability scanning tools working with vendors as required
  • Work directly with application and system owners to perform web application and infrastructure vulnerability scans, including performing pre-scan risk assessments to determine suitability for scanning
  • Implement and support host-based web-specific security solutions to secure web hosting environments
  • Security assessments through code reviews, automation and security architecture audits
  • Manage and implement various types of scanning (SAST, DAST, SCA, IAST, RASP) in TELUS Health CI/CD pipelines and ensure results are appropriately surfaced, working collaboratively with developers

Security operation - Threat management

  • Monitor and research external threat intelligence and vulnerability feeds to identify new risks directly applicable to applications and application platforms in use by TELUS Health
  • Notify designated product managers of new or suspected critical or high risk vulnerabilities in enterprise systems
  • Report on vulnerabilities found in web applications and infrastructure for system owners and administrators, providing recommendations for mitigation. Work with the support teams to prioritize remediation to align with security SLAs

Security operation - Threat prevention

  • Manage and configure web application firewalls working with product development teams to define protection rules to mitigate identified vulnerabilities
  • Manage the policy and playbooks interfacing with managed security prevention services spanning EDR, NDR, and MDR
  • Manage the policy and implementation for threat prevention tooling spanning at least 3 of the following: endpoint security, network security, identity and access, application security and data security
  • Configure and manage Advanced Threat Protection modules within the TELUS Health Unified Threat Management security devices

Security monitoring and Incident Response

  • Work with offensive testing leads and managed security service providers to perform threat hunting activities
  • Monitor security events within SIEM, driving the investigation, escalation and triage of incidents
  • Act as a security incident responder in support of cyber incidents

CSO Security engineering

  • Manage, develop, maintain, and keep secure the Cybersecurity internal communications web platform
  • Define and implement SIEM and SOAR requirements including onboarding log sources, development of manual and automated alerting and playbooks
  • Define and implement tools and processes to drive enhanced threat management, vulnerability management, threat prevention, security monitoring and incident response
  • Contribute to the creation and maintenance of security training

Product Security engineering - in partnership with architecture, cloud security and DevSecOps

  • Consult with users to determine their cybersecurity needs, analyze and review existing security solutions features and requirements
  • Implement security control automation and checkpoints to detect and prevent security issues early in the cycle
  • Design tooling and frameworks to make adoption of security best practices easier for developers when working in our code bases

Product Security design - in partnership with security architecture and offensive security

  • Work with engineering and product teams in the design phase of products and features, conducting threat modeling and security architecture design


What you bring

  • Mandatory requirement to obtain Government of Canada secret level clearance
  • An insatiable appetite for new and emerging security technologies
  • A natural detective-like curiosity about all things cybersecurity and security technology
  • Leading security certifications such as CISSP, CISM, CEH, GCIH/ECIH, etc.
  • Demonstrate an in-depth knowledge of a broad range of hardware and software products and SDLC concepts & tools such as DevSecOps, Ansible, Jenkins, GitHub, etc.
  • Proven experience in the application security domain with secure OWASP development practices, automating application security testing tools and secure DevSecOps practices
  • Experience with SIEM tools such as Splunk and QRadar and SOAR tools
  • Experience managing alerts from EDR/MDR endpoint protection
  • Knowledge of penetration testing techniques and procedures with industry standard toolsets
  • Experience in the creation and update of incident response playbooks and runbooks
  • Experience managing Data Loss Prevention technologies
  • Experience with cloud-based security tools (CSPM, CWPP)
  • Basic understanding of CI/CD pipelines
  • Ability to multi-task and manage competing priorities using sound judgment
  • Enjoy team collaboration and information sharing

Nice to haves

  • College diploma or university degree in Computer Science or related field
  • Experience working on a fast-paced security team supporting product/engineering functions, cloud infrastructure, and corporate infrastructure development
  • Hands-on threat modeling and security risk assessment experience is a plus
  • Bilingual (English and French) an asset