Information Security Officer 3 (Security Architect, Application and Product Security)

Role Responsibilities

We’re expanding our Cybersecurity Services team and hiring Security Architects within our Application and Product Security group.

Do you have a curious mind and a broad set of technical skills to back it up? Do you enjoy figuring out “what happened and who dun it” to determine capabilities to protect applications and services from experiencing similar incidents? Do you thrive on improving systems, services, and processes to be more secure, effective, and efficient? Can you keep the larger picture in mind while digging into the weeds? Do you enjoy working with teams of dedicated professionals to reduce the occurrence of significant security issues and strengthen the security posture of an enterprise environment?

If so, this position may be for you!

As an Information Security Officer, you will play a critical role in safeguarding the Government of Alberta’s digital services, ensuring the confidentiality, integrity, and availability of key systems and data. You will work closely with client departments to strengthen and evolve security architecture and capabilities, embedding security seamlessly within a modern DevSecOps framework.

In this role, you will help uphold the Government of Alberta’s Information Security Management Directives (ISMDs) and related cybersecurity policy instruments, with a focus on application and product security. Your contributions will directly support the secure and reliable operation of the province’s computing environment and digital services. Additionally, you may lead or support the design and implementation of security controls including cybersecurity technologies, processes, policies, and awareness initiatives to continuously enhance Alberta’s cybersecurity posture.

Responsibilities:

Some of your responsibilities in this position will include but are not limited to:

• Development, maintenance, advocacy, and compliance for security architecture and DevSecOps framework and policy instruments such as directives, frameworks, policies, standards, and guidelines.
• Security architecture subject matter expertise in the one or more following domains:
  • Secure application development processes and tools.
  • Secure business architecture.
  • Secure data architecture.
  • Secure application architecture.
  • Secure technology architecture.
• Consultation, evaluation, and delivery of digital service products throughout the solution development life cycle (SDLC) for conformance to IMT cybersecurity policy instruments including formulation of options and recommendations.
• Conduct security review, consult, and advise on secure coding, secrets management, on-premises, Amazon Web Services (AWS), Azure, Google Cloud Platform (GCP), and third-party hosted solutions with verbal and written report.
• Provide security advice to business and technical stakeholders, including senior executives.

Role Responsibilities Continued

• Participate in projects as an information security subject matter expert with a focus on security architecture and security capabilities within a DevSecOps framework to protect digital service development and operations.
• Participate in the identification of information security requirements, as well as the development of strategies and solutions to meet these requirements across the organization.
• Facilitate or perform identification, assessment, and treatment of information and technology security threats and risks.
• Ensure risks and treatment plans are documented in the Government of Alberta's Information Technology Security Risk Register.
• Communicate cyber threat information to stakeholders.
• Perform cyber threat or cyber security controls related research as requested by Cybersecurity Services management.
• May be required to assist in cybersecurity incident response as required.
• Must have a sense of humor.

The Security Architect (Information Security Officer 3) is a senior-level role where you’ll lead security initiatives, projects, or teams while applying deep, expert-level knowledge of security architecture. This position plays a hands-on leadership role, driving impactful information security outcomes across the organization.

To be successful in this position, you will demonstrate:

• Ability to lead and remain calm in times of crisis.
• Excellent verbal and written communication skills for executive briefings and technical discussions.
• Demonstrated ability to collaborate effectively and secure alignment across multiple stakeholders.
• A sense of curiosity to investigate root cause and identify options and a recommendation.
• Analytical and problem-solving skills for complex environments.

AI-First Mindset

The role is designed with an AI-first approach to help you work smarter, not harder. You will leverage AI tools to:

• Automate insights and personalize stakeholder engagement.
• Create tailored, high-impact materials using AI-assisted content generation.
• Develop and track KPIs using AI to surface trends and predict outcomes.
• Demonstrate proficiency in utilizing AI to address complex problems and automate analysis of extensive datasets.

Please click on this link to view the job description for this position.

APS Competencies

Competencies are behaviors that are essential to reach our goals in serving Albertans. We encourage you to have an in depth understanding of the competencies that are required for this opportunity and to be prepared to demonstrate them during the recruitment process.

This link will assist you with understanding competencies: 

https://www.alberta.ca/system/files/custom_downloaded_images/psc-alberta-public-service-competency-model.pdf

Some of the competencies critical for this position include:

• Systems Thinking: You will consider the whole system when developing, evaluating and implementing process and technology change.
• Creative Problem Solving: You will assess options and implications in new ways to achieve outcomes and solutions.
• Agility: You will need to provide results in a complex, diverse and changing environment.
• Develop self and others: A commitment to lifelong learning and the desire to invest in the development of the long-term capability of yourself and others.
• Drive for Results: Knowing what outcomes are important and maximizing resources to achieve results that are aligned with the goals of the organization, while maintaining accountability to each other and external stakeholders.

Qualifications

Required:

• A university degree in Computer Science, Information Technology, or a related field.
• Minimum of 4 years of related experience in:
  • Secure solution delivery life cycle,
  • Secure application development.
  • Securing continuous integration and continuous deployment (CI/CD),
  • DevSecOps, testing, and security architecture.

Notes

Term of Employment: Permanent full-time positions

Hours of Work: 36.25hrs/ week – Monday to Friday

Location: Remote across Alberta

This position is eligible for remote work. You must reside in Alberta to work remotely.

There is a possibility of assistance with relocation expenses.

A written practical exercise may be required as part of the interview process.

Depending on the project, on-call rotation and overtime may be required.

Final candidates will be required to undergo enhanced security screening.

This competition may be used to fill future vacancies, across the Government of Alberta, at the same or lower classification level.

Applicants are advised to provide a cover letter summarizing information that clearly and concisely demonstrates how their qualifications meet the advertised requirements, including education, experience, and relevant examples of required competencies.

Any costs associated with obtaining the required documents/checks as noted or interview travel expenses, will be the responsibility of the candidate. Out-of-province applicants can obtain the required documents/checks from the province they currently reside in.

Links and information on what the GoA have to offer to prospective employees.

• Working for the Alberta Public Service - https://www.alberta.ca/advantages-working-for-alberta-public-service.aspx.
• Public Service Pension Plan (PSPP) - https://www.pspp.ca.
• Alberta Public Service Benefit Information - https://www.alberta.ca/alberta-public-service-benefits.
• Professional learning and development - https://www.alberta.ca/professional-development-support-directive.
• Research Alberta Public Service Careers tool – https://researchapscareers.alberta.ca.
• Cybersecurity in Alberta - https://www.alberta.ca/cybersecurity-in-alberta
• Positive workplace culture and work-life balance.
• Leadership and mentorship programs