• Assisting in evaluating the security posture of systems and networks, identifying vulnerabilities, and recommending mitigation strategies. • Identifying and assessing risks while maintaining the GoA’s Information Technology Security Risk Register. • Assisting in implementing security controls and measures to safeguard sensitive information and ensure compliance with security policies. • Monitoring security alerts, analyzing potential threats, and responding to security incidents to protect the organization's assets. • Analyzing the latest cybersecurity trends and threats, conducting research to support the development of effective security strategies. • Participating in disaster recovery planning and testing to ensure rapid response to incidents. • Supporting CyberAlberta initiatives and the development of training programs that increase cybersecurity awareness across the GoA.

Role Description The Investigations Division is responsible for reviewing and investigating allegations of misconduct, retaliation, or poor performance involving VA's senior leaders and whistleblower retaliation allegations against all VA supervisors. The Investigations Division makes recommendations for disciplinary, non-disciplinary, and corrective actions to leadership. - Serve as the first line supervisor and manage the day-to-day operations of a staff of investigators in the conduct of administrative investigations and related activities. - Supervise case management and provide technical advice on matters referred to OAWP for investigation. - Develop general investigative strategies and tactics to resolve complex investigative issues. - Investigate matters related to conduct, performance, attendance, whistleblower disclosure, and retaliation. - Investigate allegations of misconduct, retaliation, or poor performance involving: - Individuals in a senior executive position. - Individuals employed in a confidential, policy-making, policy-determining, or policy-advocating position in the Department. - Supervisory employees if the allegation involves retaliation against an employee for making a whistleblower disclosure. - Receive referred disclosures from the Office of Special Counsel (OSC), Medical Inspector, Inspector General, or other investigatory authorities and conduct investigations as appropriate. - Conduct high priority/sensitive fact-finding or investigations requiring tact, diplomacy, and extensive experience. - Make recommendations regarding the assignment, evaluation, and approval of the Director's investigative plan. - Develop, review, approve, coordinate, and distribute detailed reports as appropriate. - Participate in individual and/or group interviews to gather information and data. - Perform the full range of supervisory functions for a staff of investigators, including: - Directly supervising and developing performance plans. - Rating the performance of assigned staff. - Assigning work based on priorities, difficulty, workload, and employee capabilities. - Providing leadership, mentorship, training, and administrative oversight. - Identifying developmental and training needs of employees. - Provide presentations, briefings, case updates, and/or reports to the Director and Senior OAWP leadership. - Maintain communication between field personnel and the Director. - Prepare written communication on behalf of the Director regarding operational procedures. - Assist in oversight of the integrity of data input into OAWP's electronic official system of records. - Develop and/or edit written reports detailing all facts and circumstances affecting Investigations program planning and organizational improvements. - Advise/brief the Director on highly complex and sensitive investigations. - Ensure division employees adapt to changes and guidance in investigations. - Maintain and monitor the case management system for receipt and accountability of information regarding alleged misconduct. - Coordinate cases with internal staff and external offices such as OSC, OIG, MSPB, OPM, and others as requested. - Administer the proper opening and closing of administrative investigations. - Perform other duties as assigned. Qualifications - To qualify for this position, applicants must meet all requirements by the closing date of this announcement, 05/19/2026. - Applicants who are current Federal employees and have held a GS grade any time in the past 52 weeks must meet time-in-grade requirements. - For a GS-14 position, applicants must have served 52 weeks at the GS-13 level. - Specialized experience equivalent to at least the next lower grade GS-13 in the normal line of progression for the occupation is required. - Examples of specialized experience include: - Oversight of case management and provision of technical guidance on complex investigations. - Application of general investigative standards and principles. - Leadership in planning, prioritizing, and conducting investigative work. - Drafting clear, logical, and analytically sound written reports. - Conducting reviews of investigative reports and providing constructive feedback. - Maintenance of strict confidentiality. - Briefing senior leadership on high-impact cases. - Establishment and maintenance of professional relationships with stakeholders. Requirements - At least five years of experience leading and supervising administrative investigative teams focused on high profile, complex cases. - A track record of meeting or beating deadlines without compromising investigative integrity. - At least three years of supervisory experience conducting personnel actions. - Experience coordinating investigations with investigative attorneys. - Significant experience using e-discovery tools such as Relativity. - Exceptional ability to prioritize competing deadlines and utilize tracking systems. Benefits - Work schedule: Required to work Monday through Friday with various tours available pending supervisory approval. - Compressed/Flexible: May be authorized by supervisor. - Remote: Yes. - Relocation/Recruitment Incentives: Not authorized. - Financial Disclosure Report: Not required.

• Lead threat modeling engagements on the features and services where the risk warrants it. • Partner with the ProdSec lead to evolve the practice from on-request to repeatable. • Own day-to-day triage of CNAPP findings end to end. • Contribute to SDLC tooling, SAST/SCA workflows, and bug bounty triage. • Partner with product engineering teams as a trusted reviewer. • Bring AI to the work to accelerate triage, summarize findings, and reduce toil. • Push the security floor up over time through documentation, office hours, and tooling improvements.

• Own day-to-day operation of Liftoff's SIEM (Panther) — log source ingestion, detection content, and the alert investigation pipeline. • Lead Liftoff's adoption of AI-augmented SOC tooling (e.g. Prophet, Dropzone, or equivalent) as a multi-year modernization investment. • Triage incoming security alerts and drive timely investigation and remediation with stakeholders across Engineering and IT. • Lead incident response — investigation, containment, and post-incident review — and mature processes and runbooks so response becomes predictable and repeatable. • Build tooling and automation that detects active threats, enriches alerts, and reduces manual investigation toil. • Partner with Engineering and IT to make detection and response self-service where possible — clear log-onboarding paths, documented detection proposals, accessible runbooks — so security scales without becoming a bottleneck. • Close the feedback loop between the team's offensive and proactive findings and detection coverage. • Partner across the security team on cloud, infrastructure, and application security work alongside your detection and response focus — every engineer on this team covers breadth beyond their primary focus. • Participate in the Security team's on-call rotation and incident response.