Cyber Security Analyst

Posted Tuesday, January 13, 2026 at 9:00 AM

Rocky View County values our employees and provides a welcoming and stable work environment where positive energy, creativity, and a service mindset are encouraged. We seek individuals who enjoy making a difference and contributing meaningfully to a vibrant community.Our valued and diverse team of 500+ employees are provided with the same concern, respect, and caring attitude as the 45,000 people who call Rocky View County home.

At Rocky View County we value employee work/life balance. Staff are provided with opportunities to grow professionally while being supported with paid training, a competitive salary, benefits after 30 days, 27 paid days off in their first year, plus general holidays, a pension plan, paid sick time, and a hybrid work environment for eligible positions.

The Cyber Security Analyst to safeguard municipal infrastructure, digital services, and critical IT/OT environments. This role leads the charge in monitoring, detecting, and mitigating cyber threats while proactively hardening Microsoft 365 and on-premises ecosystems. Beyond technical defense, the position serves as a key advisor in developing security policies and fostering a culture of cyber-awareness to ensure that staff and residents rely on secure, uninterrupted services.

• Monitor & Triage: Oversee SIEM and EDR alerts; investigate, contain, and remediate emerging threats.
• Incident Management: Execute incident handling playbooks and coordinate response efforts with departmental business owners.
• Threat Hunting: Proactively hunt for vulnerabilities using logs, telemetry, and intelligence from the Canadian Centre for Cyber Security (CCCS).
• Optimization: Continuously tune detections and use cases to improve accuracy and reduce false positives.

• Assessment: Conduct regular vulnerability scans, validate risk levels, and track remediation through to completion.
• Best Practices: Advise on secure configurations for Windows, M365, Azure, and cloud applications aligned with CIS Benchmarks.
• Infrastructure Security: Support patch governance and establish configuration baselines for all municipal assets.
• OT/SCADA Support: Provide monitoring and security support for water/wastewater SCADA networks; maintain strict segmentation and vendor access reviews.

• Identity Governance: Administer Entra ID (Azure AD), MFA, Conditional Access, and privileged access models (PIM) following a Least-Privilege principle.
• Communication Security: Maintain phishing protection, anti-malware, and DMARC/DKIM/SPF protocols.
• Endpoint & Network: Manage endpoint protection (Intune), firewall configurations, and access control systems.

• Strategic Alignment: Drive the County’s security program forward by aligning controls with NIST CSF, CIS Controls, and ISO/IEC 27001.
• Privacy & Records: Ensure all security operations and data handling align with ATIA and POPA requirements, maintaining forensic integrity and log retention for potential investigations.
• Risk Oversight: Maintain asset and risk registers; review and approve security exceptions and change requests.

• Act in a professional and responsible manner to protect the integrity of employees and the business of Rocky View County.
• Display a professional and ethical responsibility to protect privacy, use information appropriately, and maintain the confidentiality and security of all information related to employees, business, and residents of Rocky View County.
• Work in accordance with the requirements established by the RVC Health and Safety Program and the Alberta OHS Act, Regulation and Code.
• Take reasonable care to protect their health and safety and other persons at or in the vicinity of the worksite while they are working.
• Perform other duties and special projects as assigned.

A combination of a degree or diploma in Computer Science, InfoSec, or a related field (or an equivalent mix of education and experience) along with 5–7+ years in IT security operations or network/systems roles with hands-on incident response experience.

Previous experience in the public sector or municipal government is considered a strong asset.

• Deep understanding of the Incident Response Lifecycle.
• Advanced knowledge of Windows Security, Active Directory/Entra ID, and Network fundamentals (TLS, DNS, VPN).
• Proficiency in PowerShell for security automation.
• Ability to translate complex technical risks into clear reports for non-technical stakeholders.

• Required (within 12 months): CompTIA Security+ AND (Microsoft SC-200 OR AZ-500).
• Preferred: CISSP, CISM, GCIH (Incident Handler), or GICSP (Critical Infrastructure/OT).

• Demonstrated strong analytical rigor by remaining calm, methodical, and effective when leading the response to high-pressure security incidents.
• Maintain a service-excellence mindset, viewing security as a business enabler and using plain language to guide and empower staff across the organization.
• Uphold the highest standards of integrity, exercising absolute discretion and confidentiality when handling sensitive municipal data.
• Committed to continuous professional growth, actively staying ahead of the evolving threat landscape to protect the County's interests.
• Excellent communication and interpersonal skills, with the ability to explain technical concepts to non-technical users.
• Strong problem-solving and analytical abilities, with a focus on delivering practical and effective solutions.
• Demonstrated leadership and mentorship capabilities, with a commitment to fostering a collaborative team environment.
• Highly self-directed, with the ability to prioritize tasks, manage time effectively, and adapt to changing priorities.
• A customer-focused mindset, with a dedication to providing exceptional service and support.

We thank applicants for their interest. Only those selected for an interview will be contacted.

Closing Date: Open until a suitable candidate is found.