Lead, Cyber Threat Intelligence

Teck is a leading Canadian resource company focused on responsibly providing the metals essential for global development and the energy transition while caring for the people communities and land that we love.

Tecks two regional business units North America and Latin America are responsible for Tecks assets through all phases of safe sustainable development operation and closure. The business units are supported by enterprise-wide functions that set strategic direction establish standards and provide governance as well as supporting the business through shared services centres of excellence and business partnering.

We are seeking an experienced and proactive Lead - Cyber Threat Intelligence (CTI) to guide and mature our threat intelligence function within the Cyber Defence team.

Reporting to the Manager Cyber Threat Defence the successful candidate will oversee the collection analysis and dissemination of actionable intelligence to protect the organization against evolving cyber threats.

This role requires a highly analytical leader with deep subject-matter expertise strategic thinking and hands-on experience in tactical and strategic threat intelligence.

As Lead - CTI you will collaborate with security operations incident response risk management and executive leadership to ensure cyber threat insights drive informed security decisions. This is a senior role ideal for a proven expert with at least 10 years of experience in intelligence cybersecurity or a related field.

Dont miss out on this outstanding opportunity to be part of one of Canadas leading mining companies and join our team!

Responsibilities

Be a courageous safety leader adhere to and sponsor safety and environmental rules and procedures

Champion the 3 lines of defense model for risk management and act as a 2nd line of defense facilitator regularly interacting with the 1st defence line

Develop and execute the CTI program roadmap aligned with organizational security objectives.

Oversee intelligence collection from internal telemetry open-source intelligence (OSINT) commercial feeds government sources and the dark web.

Prioritize and assess threat actor campaigns TTPs and emerging vulnerabilities relevant to the business and industry.

Create and maintain threat actor profiles threat landscape assessments and sector-specific threat reports.

Collaborate with SOC incident response vulnerability management and executive stakeholders to ensure intelligence is operationalized.

Maintain and refine processes for intelligence validation dissemination and escalation.

Drive integration of MITRE ATT&CK and other frameworks into threat analysis and reporting.

Coordinate intelligence-sharing relationships with ISACs industry peers law enforcement and intelligence communities.

Deliver regular briefings and reports to both technical teams and executive leadership.

Implement and maintain automated threat intelligence scripts and workflows using Python PowerShell and other relevant languages

Integrate threat intelligence feeds and APIs into security systems to ensure real-time threat detection and response

Collaborate with the security operations team to develop automated threat seek missions as code

Ensure the integration of threat intelligence with SIEM SOAR and other security tools to improve threat detection and response capabilities

Determine document and curate threat intelligence requirements for the organization and its key partners while establishing critical metrics for the function

Maintain a threat intelligence collection plan to guide the functions processes and integrations

Provide context and enrich threat intelligence in order to sharpen the signal and its relevance to the organization

Qualifications

Minimum 10 years of experience in cyber threat intelligence cybersecurity operations or cyber defense roles.

Proven leadership experience in managing threat intelligence teams or functions.

Strong understanding of the cyber threat landscape adversary tactics techniques and procedures (TTPs) and threat actor motivations.

Expertise in MITRE ATT&CK diamond model kill chain and intelligence lifecycle frameworks.

Experience using tools such as MISP ThreatConnect Recorded Future Anomali Maltego or similar.

Ability to analyze synthesize and contextualize data from diverse sources into clear actionable insights.

Exceptional written and verbal communication skills; able to brief both technical and executive audiences.

Familiarity with SOC IR and vulnerability management workflows.

Coding and scripting skills in languages such as Python PowerShell or Bash

Experience with security automation and orchestration platforms (e.g. SOAR)

Understanding of APIs and integration techniques

Bachelors or Masters degree in Cybersecurity Intelligence Studies Computer Science or a related field

Certifications such as GCTI GCIA GCIH CISSP or equivalent preferred

Additional relevant certifications (e.g. CEH) are a plus

Why Join Us

Teck is a leading Canadian resource company focused on responsibly providing the metals essential for global development and the energy transition while caring for the people communities and land that we love.

At Teck we offer more than just a job we provide a pathway to personal and professional enrichment. With captivating projects set against stunning backdrops a culture of inclusivity and collaboration and boundless opportunities to learn and grow joining us means embracing a fulfilling and dynamic career adventure.

Teck employees receive access to our total rewards program and comprehensive benefits package that promote physical mental financial and emotional well-being. This includes but is not limited to :

Annual Performance Bonus

Profit Share Plan

Health Spending Account

Personal Spending Account

Extended Health Care

Dental and Vision Care

Life Insurance and Disability Coverage

Paid Sick Leave Vacation and Holidays

Virtual Telemedicine and additional support for overall well-being

Employee and Family Assistance Program (EFAP)

Salary Range : CAD $119340 - $147420

119340 - $147420 a year

Key Skills

Employment Type : Full-Time

Experience : years

Vacancy : 1

Lead Cyber Threat Intelligence • Toronto, Ontario, Canada