Government Services - Cybersecurity Operations Analyst

Location of Work: To Be Determined

Status: Permanent Full-time

Closing Date: April 2, 2026

Core Functions

The Cybersecurity Operations Analyst is a hands-on, operational role responsible for maintaining the organization’s daily defensive posture, technical integrity, and IT security compliance. The incumbent ensures that security policies are effectively implemented and that technical remediation activities are completed promptly across all systems.

This role serves as the primary functional bridge between cybersecurity strategy and technical execution. The incumbent acts as a proactive player-coach—triaging threats, performing system-level security tasks, and leading internal efforts to resolve vulnerabilities identified through external audits and the 24/7 Security Operations Center (SOC).

Functional Responsibilities:

Act as the primary technical point of contact for external security audits. Review audit findings, develop remediation plans, and bring systems into compliance.

Manage all reports generated by the SOC. Analyze vulnerability data, prioritize critical risks, and ensure they are resolved through hands-on configuration changes or coordination with the infrastructure team.

Identify, contain, and conduct initial mitigations of system compromises. Act as a key technical participant during crisis management protocols for security incidents, providing deep-dive analysis and reporting on breach vectors.

Act upon existing security reports while developing customized, enhanced reporting to proactively "trap" threats, identify hidden system weaknesses, and detect patterns of unauthorized activity.

Perform regular verifications of user permissions and directory standards (Microsoft Entra ID/Active Directory). Challenge departmental managers on access necessity (Principle of Least Privilege) and perform manual cleanups of stagnant or guest accounts.

Serve as a secondary level escalation point for security-related tickets.

Review new software and hardware requests from the BA or PM teams. Evaluate solutions against security standards and assist in creating secure configuration and operational build books.

Assist in internal and external audits by gathering evidence and implementing corrective actions.

Serve as the operational liaison between cybersecurity leadership and technical teams.

Provide technical guidance on secure configurations and best practices.

Support cybersecurity awareness initiatives and provide technical insights as needed.

Identify gaps in operational security processes and recommend enhancements.

Stay current on emerging threats, technologies, and industry trends to improve security posture

Interaction/Communication Responsibilities:

Assist the Manager of Technical Support Services by directly intervening in complex technical threats, malware removals, or system faults.

Monitor the progress of security-critical tasks assigned to other teams.

Provide formal follow-ups to ensure tasks like offboarding and system decommissioning are completed per policy.

Administrative Responsibilities:

Maintain up‑to‑date documentation for procedures, playbooks, and operational processes.

Support adherence to cybersecurity policies, standards, and regulatory requirements.

Review, develop, and deliver security awareness training materials for both technical staff and end-users.

Contribute to the development of incident response plans, operational workflows, and playbooks.

Maintain up-to-date knowledge and skills in area(s) of responsibility.

Perform other duties as required.

QUALIFICATIONS

Education and Certification:

Bachelor’s degree in Information Technology, Cybersecurity, or a related field.

Relevant certifications (e.g., CISSP, CISM, Security+) are preferred.

Experience

Three to five years of experience in information security or a related field, showcasing a solid foundation in security practices.

Proven track record in conducting risk assessments and implementing effective security measures, successfully mitigating security risks

Language:

Fluency in English is required.

Fluency in verbal Cree and French is an asset

Knowledge and Abilities:

Strong understanding of network and system administration fundamentals.

Experience with vulnerability management and patch management processes.

Ability to analyze logs, investigate alerts, and respond to security incidents.

Knowledge of common security frameworks (e.g., NIST, CIS, ISO 27001).

Strong analytical and troubleshooting abilities.

Ability to work under pressure during security incidents.

Excellent communication and documentation skills.

Proactive, detail-oriented mindset with a strong sense of ownership.

Collaborative approach with the ability to work across multiple technical teams.

Additional Requirements

Typical office setting where there are no unusual physical demands.

Willingness to travel occasionally.

Availability to respond to operational issues outside of regular hours, as needed.

The Cree Nation Government may, at its discretion, waive any or all of the aforementioned requirements if a suitable candidate who is a JBNQA beneficiary accepts to follow a training plan determined by the Cree Nation Government as a condition of employment.