Job Information Job Title: Information Security Officer 1 Job Requisition: 79013 Ministry: Technology & Innovation Location: Remote across Alberta Full or Part-Time: Full Time Hours of Work: 36.25 hours per week Permanent/Temporary:Permanent Scope: Open Closing Date: April 28, 2026 Classifications: Systems Analyst Level 1 Salary range: $2,474.33 - $3,710.89/Biweekly ($64,580 - $96,854 / per year) Every member of Technology and Innovation strives to enable the success of our Ministry partners and Albertans through providing exceptional client focused services that meet and exceed our clients’ expectations. We are looking for collaborative, agile, solutions focused individuals with strong communication skills and a strong service orientation. If that describes you, please read on! To learn more about us, please visit our ministry’s web page (https://www.alberta.ca/technology-and-innovation.aspx) and Cybersecurity in Alberta (https://www.alberta.ca/cybersecurity-in-alberta.aspx). The passionate and solutions focused people that we hire help us to drive vital programs and services that affect Albertans. Whatever your position is here, you will be a part of something great. Join us! Role Responsibilities The Government of Alberta (GoA) is expanding its cybersecurity force and is actively recruiting talented professionals to join our newly established Log Management Team. We’re seeking strategic and forward thinking Information Security Officers (ISOs) at the ISO1 level. Multiple permanent positions are available within the Log Management Team in the Cybersecurity Division. As an Information Security Officer, you are tasked with protecting the confidentiality, integrity and availability of the Government of Alberta's (GoA) information assets. You are responsible for identifying, assessing, monitoring, detecting, investigating, researching, and responding to vulnerabilities, threats and incidents impacting the security of information assets. Log Management Team These positions, working with the Detection and Response team, protect Government of Alberta's information assets by collecting, monitoring, and analyzing logs for SIEM ingestion to support detection, investigation, and compliance. They ensure proper logging, retention, and protection, while enabling event correlation, anomaly detection, incident response, troubleshooting, audit readiness, and actionable insights. Responsibilities: Some of the responsibilities of these positions include, but are not limited to: • Collect, monitor, and analyze system, application, and security logs for SIEM ingestion. • Provide security advice, communicate cyber threats, and participate in projects as an SME. • Identify security requirements and develop strategies and solutions to address them. • Identify, assess, and treat vulnerabilities, threats, and risks; document in the IT Security Risk Register; and perform related research as requested. To be successful in these positions, you will demonstrate: • Ability to lead and remain calm in times of crisis. • Excellent verbal and written communication skills for executive briefings and technical discussions. • Demonstrated ability to collaborate effectively and secure alignment across multiple stakeholders. • A sense of curiosity to investigate root cause and identify options and a recommendation. • Analytical and problem-solving skills for complex environments. Role Responsibilities Continued AI-First Mindset These roles are designed with an AI-first approach to help you work smarter, not harder. You will leverage AI tools to: • Automate insights and personalize stakeholder engagement. • Create tailored, high-impact materials using AI-assisted content generation. • Develop and track KPIs using AI to surface trends and predict outcomes. • Demonstrate proficiency in utilizing AI to address complex problems and automate analysis of extensive datasets. If you’re passionate about safeguarding Alberta’s digital landscape and ready to contribute to high impact, mission critical work, this is an exciting opportunity to make a meaningful difference! Please click on this link to view the job description for the ISO1 position. APS Competencies Competencies are behaviors that are essential to reach our goals in serving Albertans. We encourage you to have an in depth understanding of the competencies that are required for this opportunity and to be prepared to demonstrate them during the recruitment process. This link will assist you with understanding competencies: https://www.alberta.ca/system/files/custom_downloaded_images/psc-alberta-public-service-competency-model.pdf. Some of the competencies critical for this position are: • Systems Thinking: You will consider the whole system when developing, evaluating and implementing process and technology change. • Creative Problem Solving: You will assess options and implications in new ways to achieve outcomes and solutions. • Agility: You will need to provide results in a complex, diverse and changing environment. • Develop self and others: A commitment to lifelong learning and the desire to invest in the development of the long-term capability of yourself and others. • Drive for Results: Knowing what outcomes are important and maximizing resources to achieve results that are aligned with the goals of the organization, while maintaining accountability to each other and external stakeholders. • Build Collaborative Environments: Leads and contributes to the conditions and environments that allow people to work collaboratively and productively to achieve outcomes. • Develop Networks: Proactively building networks, connecting, and building trust in relationships with different stakeholders. Qualifications Required: • Two (2) year diploma in Computer Science, Information Technology or a related field. Equivalencies: • A related one-year certificate from a recognized post-secondary institution and one year of related experience. (An industry-recognized certification from a credible source, such as ISC2, may be used in place of the 1-year certificate). Assets: • A recognized security certification (e.g., CISSP, CISM, CISA, CEH, GPEN or equivalent), or active progress toward certification. • Experience utilizing AI-enabled cybersecurity tools and techniques. • Experience in information systems security, IT infrastructure planning, and/or IT architecture. • Experience delivering information security services, supported by knowledge of cybersecurity tools, including: • Threat and risk identification, assessment, treatment, and management. • Incident monitoring, detection, and response. • Digital forensic investigations. • Information security awareness and training initiatives. • IMT disaster recovery planning and support. (Minimum recruitment standards outline the minimum education and experience required for appointment to a job classification. Refer to https://www.alberta.ca/alberta-public-service-minimum-recruitment-standards. Notes Term of Employment: Permanent full-time positions. Hours of Work: 36.25hrs/ week – Monday to Friday Location: Remote across Alberta These position are eligible for remote work. You must reside in Alberta to work remotely. A written assessment may be required as part of the interview process. Final candidates will be required to undergo enhanced security screening. Depending on the project, on-call rotation and overtime may be required. This competition may be used to fill future vacancies, across the Government of Alberta, at the same or lower classification level. Applicants are advised to provide a cover letter summarizing information that clearly and concisely demonstrates how their qualifications meet the advertised requirements, including education, experience, and relevant examples of required competencies. Additional Information: In your resume, please include dates (including months and years) associated with all education and work experience. As well, please indicate whether your work experience is casual, part-time, or full-time. For example, January 15, 2006 - June 25, 2009: Assistant (PT three 8 hrs. shifts/week). Any costs associated with obtaining the required documents/checks as noted or interview travel expenses, will be the responsibility of the candidate. Out-of-province applicants can obtain the required documents/checks from the province they currently reside in. Links and information on what the GoA have to offer to prospective employees. • Working for the Alberta Public Service - https://www.alberta.ca/advantages-working-for-alberta-public-service.aspx. • Public Service Pension Plan (PSPP) - https://www.pspp.ca. • Alberta Public Service Benefit Information - https://www.alberta.ca/alberta-public-service-benefits. • Professional learning and development - https://www.alberta.ca/professional-development-support-directive. • Research Alberta Public Service Careers tool – https://researchapscareers.alberta.ca. • Positive workplace culture and work-life balance. • Leadership and mentorship programs How To Apply Applicants are advised to provide information that clearly and concisely demonstrates how their qualifications meet the advertised requirements, including education, experience, and relevant examples of required competencies. Candidates are required to apply for a job online. Please visit https://www.alberta.ca/job-application-resources#before for more information. Please visit Recruitment Principles, for more information. In your resume, please include dates (including months and years) associated with all education and work experience. For example, January 2006 - June 2009 (part-time). This example is provided for illustrative purposes only. Applicants are encouraged to present their information clearly and thoroughly, using a format that best conveys their experience. It is recommended applicants who have completed post-secondary studies from outside of Canada obtain an evaluation of their credentials from the International Qualifications Assessment Service (IQAS)(https://www.alberta.ca/international-qualifications-assessment.aspx) or from a recognized Canadian Credential Evaluator; please visit the Alliance of Credential Evaluation Services of Canada for more information (https://canalliance.org/en/default.html). It is recommended that applicants include the assessment certificate from IQAS or any other educational assessment service as part of their application. Closing Statement This competition may be used to fill future vacancies, across the Government of Alberta, at the same or lower classification level. We thank all applicants for their interest. All applications will be reviewed to determine which candidates' qualifications most closely match the advertised requirements. Only individuals selected for interviews will be contacted. If you require any further information on this job posting or require an accommodation during the recruitment process, please contact Michelle Elliott and Michelle.Elliott@gov.ab.ca.

• Define and execute a multi-year Application Security roadmap aligned with business goals and industry best practices • Integrate threat modeling, security tools & testing (SAST, SCA, DAST, IAST, RASP, etc.), and secure by design processes into the SDLC (CI/CD pipeline) • Perform security architecture reviews for major product changes • Oversee the end-to-end AppSec vulnerability lifecycle (identification, prioritization, and remediation) • Direct and manage incident response for application security alerts/incidents • Lead the strategy for third-party penetration tests • Deliver executive-level dashboards and reports on application security posture and risk trends • Manage and mentor a high-performing team of AppSec engineers • Drive continuous improvement activities, and deepen leadership awareness of product and application security risks • Collaborate with Engineering and Product leads to embed security into the SDLC

• Own the product security research agenda for Chainguard scanning the broader ecosystem, identifying emerging attack patterns, and translating them into clear risks and opportunities for Chainguard and our customers. • Shape security direction across products and platforms, partnering closely with Product, Engineering, and Security leadership to embed your findings into roadmaps, architecture decisions, and long-term plans. • Operate as someone who sees the whole ecosystem, spots issues early, and helps others navigate with confidence (and just enough healthy paranoia). • Research emerging threats & trends in software supply chain and product security, and analyze their impact on Chainguard’s products and customers. • Design creative mitigations across people, process, and technology not just proof-of-concept demos, but pragmatic defenses that actually get adopted. • Lead large-scale, multi-quarter initiatives that materially reduce risk or improve our security maturity across multiple product lines and platforms. • Partner with executive and senior engineering leadership to drive org-level security strategy, influence key roadmap decisions, and secure buy-in for big, complex changes. • Identify systematic weaknesses (in systems, structures, and sometimes habits) and develop plans that fix root causes in ways that persist long after you’ve moved on to the next hard problem. • Mentor and uplevel others across Product Security and Engineering by helping teams think more strategically about threats, risk, and long-term security posture. • Represent Chainguard externally through talks, conferences, and thought leadership, sharing what we’re learning and helping move the industry forward.

• Prepare and configure laptops for new employees and keep devices up to date. • Perform onboarding and offboarding processes, ensuring the proper provisioning and deactivation of accesses and devices. • Manage the office infrastructure, including basic technical support and equipment maintenance. • Implement and monitor antivirus and MDM solutions, ensuring the security of company devices. • Create and implement automations to optimize manual and repetitive processes, contributing to the efficiency of IT and Information Security operations. • Participate in automation and continuous improvement projects, proposing solutions that bring agility to IT and Information Security routines.