Organizational Context

The Canadian Centre of Recovery Excellence (CoRE) is a trailblazing Crown corporation backed by the Government of Alberta, dedicated to transforming the recovery journey for individuals facing mental illness and addiction. By providing decision-makers with cutting-edge data, evidence, and actionable insights, CoRE paves the way for impactful recovery solutions.

Through groundbreaking research, world-class data and analytics, expert guidance, and strong collaborations, CoRE is driving meaningful change at every level of the system. With an unwavering commitment to real-world results, CoRE is not just supporting recovery — it’s shaping a brighter future for all Albertans.

As a trusted advisor to governments, healthcare professionals, and global leaders, CoRE empowers communities to deliver recovery-focused mental health and addiction services that truly make a difference.

Position Summary

As part of the Data and Analytics division, the Cybersecurity Analyst supports developing and implementing CoRE’s cybersecurity framework and related policies. This role provides strategic guidance to senior leaders (Chief Information Officer (CIO), Chief Privacy Officer (CPO) and General Counsel, and other information technology (IT) leaders) ensuring alignment with CoRE’s data strategy and priorities. The Cybersecurity Analyst advises CoRE’s divisions on applying cybersecurity policies across cloud platforms, supporting risk management initiatives including mitigation planning and business continuity, and collaborates with external cybersecurity service providers to strengthen the organization’s overall security posture.

Responsibilities:

1. Cybersecurity Framework and Implementation

• Contribute to the development of the cybersecurity framework and support the integration of policies, procedures and ensure the use of best practices to protect CoRE’s AWS and other cloud technology assets and to ensure Albertans’ privacy and data in alignment with CoRE’s overarching data strategy.
• Assist in developing cybersecurity framework elements, including technology, roles, processes, and controls to proactively manage cyber threats and respond to cybersecurity incidents.
• Support the creation of performance measures to monitor and report on the cybersecurity framework objectives.
• Participate in the development of an IT risk management strategy to identify and proactively manage risks relating to CoRE’s information and technology assets.
• Ensure the cyber security framework fulfills all legal, ethical, and business obligations with respect to security and protection of information and information technology assets.
• Ensure security management aligns with Government of Alberta IT services, and other stakeholders, as needed.
• Contributes to the evaluation of security operations in accordance with CoRE’s mandate and business plans.
• Conduct regular reviews of cybersecurity framework and related policies to ensure alignment with evolving cybersecurity practices, technologies, and legislative requirements to support the protection of CoRE’s digital assets and services.
• Provide support and guidance to all CoRE program areas to facilitate consistent implementation of cybersecurity standards, procedures, and processes.
• Complete regular vulnerability audits and compliance testing to ensure the confidentiality, integrity and availability of CoRE information and technology assets.
• Support investigations of real or perceived security incidents or breaches.
• Monitor and report on CoRE’s real or perceived security incidents or breaches.

2. Risk Mitigation and Business Continuity/Disaster Recovery

• Maintain and update CoRE’s risk registry of significant IT risks, monitor changes to the risk profiles, and work with CIO, CPO and General Counsel, Executive Directors, and technology leaders to ensure that risk management plans are in place.
• Assist in the development and maintenance of IT Business Continuity and Disaster Recovery plans.
• Support the design and execution of tabletop exercises, assessments, and communication exercises to test response plans and update strategies and related operational plans as needed.
• Monitor and report on significant security risks and contribute to the development of strategies and reports to manage and treat risks.
• Support the development of Risk Threat Assessments (TRA) and collaborate with the Privacy Officer on Privacy Impact Assessments (PIA).

3. CoRE Priorities Advancement

• Provide security issue analysis, recommendations, and advice to guide executive decision-making and planning.
• Collaborate with other IT leads and professionals to provide integrated and comprehensive security and technology protection to CoRE.
• Identify and raise awareness of significant emerging issues and participate in their resolution.
• Prepare security briefings, draft policy and strategic documents, reports, and other materials in response to requests from senior and executive leaders, news reports, and release of major research studies.
• Other duties as assigned.

Education and Experience:

• Post-secondary degree in computing science or technology-related field.
• Minimum of 3-5 years of related experience in the cybersecurity industry.
• Relevant industry certification is an asset.
• Equivalent combinations of education and experience will be considered.

Knowledge, Skills, and Abilities:

• Knowledge of and ability to interpret relevant legislation and policy (e.g., Health Information Act, Protection of Privacy Act (Alberta) (POPA), Access to Information Act (Alberta (ATIA), and CASL (Canada’s Anti-Spam Legislation)).
• ISO and NIST knowledge and expertise.
• Cybersecurity domain knowledge including confidentiality, integrity, and availability controls etc.
• Knowledge of cybersecurity technologies, markets, and vendors (firewalls, intrusion detection, assessment tools, encryption, certification authority and Web and application development).
• Full understanding of cyber threats, and knowledge of cybersecurity roles, processes, and controls to mitigate risk in balance with ongoing business operations.
• Knowledge of AWS application and database security solutions used to store enterprise information, directory services, and information systems auditing.
• Process improvement principles, methodologies, and practices.
• Risk management principles, methodologies, and practices.
• Project management processes, methodologies, principles, and techniques.
• Strong interpersonal, communications, conflict resolution, and facilitation skills.
• Strategic thinking, planning, and visioning and the ability to translate strategy into business and operational plans.
• Well-developed leadership skills.
• Ability to shift priorities as demands or directions change.
• Ability to exercise judgment and creative problem-solving when evaluating complex situations with multi-faceted criteria.
• Ability to influence behavior changes in others.

Pension and Benefits

• CoRE offers a pension plan with LAPP which provides a retirement income, survivor benefits, and early retirement options. Explore more at www.lapp.ca .
• As part of our commitment to our employees’ well-being, CoRE is pleased to provide a group benefits plan and health spending account. This comprehensive plan includes extended health care coverage, travel insurance, dental care, specialized medical coverage, and more.

Pre-employment Conditions

• Prior to an offer of employment, candidates are required to complete and maintain satisfactory Criminal Record, Education Verification, and Canadian Work Authorization checks as well as Conflict of Interest disclosure, as applicable.
• Candidates who have completed post-secondary studies outside of Canada may be required to provide an evaluation of their credentials from the International Qualifications Assessment Service (IQAS) or from a recognized Canadian Credential Evaluator; please visit the Alliance of Credential Evaluation Services of Canada for more information.

How To Apply

Applicants should provide a resume and cover letter that clearly and concisely demonstrates how their qualifications meet the advertised requirements, including education, experience, and relevant examples of required competencies.

Closing Date: October 19, 2025

We thank all applicants for their interest. All applications will be reviewed to determine which candidates' qualifications most closely match the advertised requirements. Additional screening information may be requested. Candidates chosen to move forward to interview will be contacted. An eligibility list may be established to fill similar positions.

CoRE is committed to inclusiveness, equity, and accessibility and encourage all qualified candidates to apply. If you require accommodation during any portion of the selection process, please let our team know at hr@recoveryexcellence.org