- Location
- Edmonton · Calgary
- Workplace
- Onsite
- Type
- Full-time
- Department
- AltaML
- Source
- Lever
Description
About the Role:
As our next Information Security Operations Specialist, you own the daily operational information security activities at AltaML, moving beyond basic checklist execution to deliver measurable security resilience. You will safeguard our corporate and production infrastructure, optimize automated defense networks, and proactively counter sophisticated software supply chain and AI-specific threats.
Required Results
-
SOC2 Continuity & Program Expansion
Maintain the existing SOC2 program with 100% continuous compliance across all controls. Partnering closely with the IT team for execution and infrastructure support, you will successfully plan and implement foundational controls required for future security programs (e.g., ISO27001) as the enterprise scales.
KPI: Zero major non-conformances during external audits; 100% of compliance evidence is accurate and collected on time. -
AI-Powered Red Teaming
Plan, configure, and operate our automated AI-powered red team program to independently uncover vulnerabilities before they can be exploited.
KPI: Successfully execute scheduled automated adversarial simulations, delivering clear technical risk documentation and measurable remediation roadmaps. -
Intelligent Threat Monitoring (SIEM)
Manage, calibrate, and continuously improve our AI-supported SIEM platform to optimize visibility and protection across environments.
KPI: Minimize Mean Time to Detect (MTTD) and Mean Time to Respond (MTTR) while reducing false-positive alerts by 20% annually through rule tuning. -
Supply Chain & Vulnerability Resilience
Proactively monitor, triage, and mitigate CVEs, third-party software vulnerabilities, and potential software supply chain attacks.
KPI: 100% of critical zero-day vulnerabilities are assessed and mapped to definitive threat response plans within established SLA windows. -
Cross-Functional Engineering Security Coordination
Coordinate security activities and facilitate the seamless integration of detective and protective controls directly within the engineering lifecycle and IT architecture solutions.
KPI: 90% of development pipeline security review findings are collaboratively triaged and resolved without delaying production deployment. -
Agentic AI Secure Enablement
Establish and execute a comprehensive security evaluation and governance framework for third-party, off-the-shelf Agentic AI platforms (e.g., Claude Desktop) connecting to AltaML’s systems.
KPI: 100% of target enterprise AI tools are evaluated against strict data privacy boundaries, session guardrails, and identity controls before access is authorized.