Top Benefits
About the role
Who We Are Our Power, Your Possibilities At TransAlta , we don’t just generate electricity-we generate opportunity. As one of Canada’s largest publicly traded power generators, we’ve been powering communities for over 100 years across Canada, the U.S., and Australia. Our diverse energy portfolio and passionate team are driving the transition to a cleaner, more sustainable future.
We believe in the power of purpose, the strength of collaboration, and the value of continuous learning. If you’re ready to make a real impact in a dynamic industry, you bring the energy - we’ll provide the platform .
About The Role We are looking to hire a to join our Cybersecurity and Risk Management team at TransAlta! As the Cybersecurity Specialist, you will work closely with the IT and OT teams and other stakeholders across the business. You will be responsible for sustaining and enhancing the cybersecurity and risk management program to help improve the overall security posture at TransAlta. The ideal candidate must be highly motivated and eager to learn and grow their knowledge, expertise, and capabilities.
We’re looking for a Cybersecurity Specialist to join our Cyber Security and Risk Management team on a Full-Time basis. As the Cybersecurity Specialist, you will work closely with the IT and OT teams and other stakeholders across the business. You will be responsible for sustaining and enhancing the cybersecurity and risk management program to help improve the overall security posture at TransAlta. The ideal candidate must be highly motivated and eager to learn and grow their knowledge, expertise, and capabilities.
This position is based out of our Downtown Calgary Head Office , with the flexibility of a hybrid work schedule .
A DAY IN THE LIFE Cybersecurity Governance, Risk Management, and Compliance
- Act as IT/OT cybersecurity SME, providing expertise across governance, risk, and supply chain security.
- Support development and execution of cybersecurity strategy, roadmap, and policies aligned with frameworks (NIST CSF, CIS Controls).
- Maintain and improve corporate cybersecurity policies, standards, and procedures.
Evaluate and monitor third-party vendor risks; ensure governance and security controls are in place.
- Identify, assess, and document cybersecurity risks; implement controls to mitigate them.
- Assist in developing plans and protocols to protect information systems from cyber threats.
- Support internal/external security audits and compliance activities.
- Conduct cloud and vendor security risk assessments as part of supply chain risk management.
- Build strong relationships with business stakeholders, IT/OT teams, and vendors.
Cybersecurity Operations & Monitoring
- Collaborate with CyberSOC to monitor threat intelligence and advise on risk treatment.
- Provide security advisory for projects and implement security initiatives.
- Assist in incident response activities and cloud security management (e.g., Microsoft 365, Azure).
- Lead cybersecurity awareness training and campaigns across the organization.
- Support vulnerability and patch management processes, including scanning and risk analysis.
- Develop and maintain cybersecurity metrics and KPIs to demonstrate program effectiveness.
About You
- Minimum of bachelor’s degree in the field of Computer Science, Computer Information Systems, Information Systems Security Management, or Computer Engineering.
- Minimum of 5-7 years IT experience, with 3-5 years in Cybersecurity and Risk Management.
- Minimum one or more of the following security certifications: ISC2-CISSP, ISACA CISM, CISA, SANS GSEC, Microsoft infrastructure and/or security certifications, OSCP etc.
- Experience with IT/Cybersecurity governance and risk management frameworks and threat assessment methodologies (e.g., NIST CSF, NERC-CIP, CIS Controls).
- Experience with C-SCRM frameworks and practices is an asset (e.g., NIST SP 800-161 Rev. 1).
- Strong understanding and technical IT knowledge, with foundational cyber risk, compliance, and ability to define and operationalize cybersecurity processes.
- Proficiency in key IT/OT technologies and protocols, including TLS, SSH, HTTPS, SD-WAN, VLANs, Zero Trust Architecture, SSO, MFA, and VPNs.
- Ability to weigh business needs against risk concerns and articulate issues to management.
- Strong problem solving, organizational, and time management skills.
- Effective communication, interpersonal, and relationship management skills.
Nice to Haves
- Experience with cloud services and performing cloud security risk assessments.
- Foundational knowledge of regulatory and compliance requirements (e.g., Privacy, NERC-CIP, SOX).
- Knowledge and experience with Security Training & Awareness, SIEM, CASB, Azure Security tools (e.g., KnowBe4, Azure Sentinel, Defender XDR).
- Experience in an OT (Operations Technology) environment.
- Familiarity or experience with adversarial tactics and techniques (e.g., MITRE ATT&CK®).
THE PERKS
- Competitive salary
- Annual and long-term incentives available for select roles
- Company-matching pension plan
- Flexible health benefits for you and your family
- Generous vacation and personal days
- Learning and development programs
- Employee recognition and rewards
- Annual wellness allowance
Explore our Employee Experience Booklet on our Careers site to see how we support your growth and wellbeing www.transalta.com/careers
OUR CULTURE At TransAlta, we’re driven by a Culture of Results, Learning, and Purpose. We prioritize psychological safety, wellbeing, inclusion, and belonging - creating a space where everyone can thrive. We believe that diverse perspectives drive innovation and progress, and we’re committed to building a workplace where you can be your authentic self.
Ready to Power Up With Us? Excited about this role but don’t meet every single requirement? We still encourage you to apply. Studies have shown that women and people of color are less likely to apply for a job unless they meet every single qualification. You might just be the candidate we are looking for. What To Expect The successful candidate may be required to complete background checks appropriate to the role and may include criminal record, education and employment verification or credit checks. ‘Safety sensitive positions’ will be required to complete pre-employment testing.
Due to the high volume of applications we receive, only those progressing will be contacted.
About TransAlta Corporation
TransAlta Corporation (formerly Calgary Power) is an electricity power generator and wholesale marketing company headquartered in Calgary, Alberta. It is a privately owned corporation and its shares are traded publicly. It operates over 70 power plants in Canada, the United States and Australia. TransAlta operates geothermal, wind, hydro, natural gas and coal power generation facilities.
Top Benefits
About the role
Who We Are Our Power, Your Possibilities At TransAlta , we don’t just generate electricity-we generate opportunity. As one of Canada’s largest publicly traded power generators, we’ve been powering communities for over 100 years across Canada, the U.S., and Australia. Our diverse energy portfolio and passionate team are driving the transition to a cleaner, more sustainable future.
We believe in the power of purpose, the strength of collaboration, and the value of continuous learning. If you’re ready to make a real impact in a dynamic industry, you bring the energy - we’ll provide the platform .
About The Role We are looking to hire a to join our Cybersecurity and Risk Management team at TransAlta! As the Cybersecurity Specialist, you will work closely with the IT and OT teams and other stakeholders across the business. You will be responsible for sustaining and enhancing the cybersecurity and risk management program to help improve the overall security posture at TransAlta. The ideal candidate must be highly motivated and eager to learn and grow their knowledge, expertise, and capabilities.
We’re looking for a Cybersecurity Specialist to join our Cyber Security and Risk Management team on a Full-Time basis. As the Cybersecurity Specialist, you will work closely with the IT and OT teams and other stakeholders across the business. You will be responsible for sustaining and enhancing the cybersecurity and risk management program to help improve the overall security posture at TransAlta. The ideal candidate must be highly motivated and eager to learn and grow their knowledge, expertise, and capabilities.
This position is based out of our Downtown Calgary Head Office , with the flexibility of a hybrid work schedule .
A DAY IN THE LIFE Cybersecurity Governance, Risk Management, and Compliance
- Act as IT/OT cybersecurity SME, providing expertise across governance, risk, and supply chain security.
- Support development and execution of cybersecurity strategy, roadmap, and policies aligned with frameworks (NIST CSF, CIS Controls).
- Maintain and improve corporate cybersecurity policies, standards, and procedures.
Evaluate and monitor third-party vendor risks; ensure governance and security controls are in place.
- Identify, assess, and document cybersecurity risks; implement controls to mitigate them.
- Assist in developing plans and protocols to protect information systems from cyber threats.
- Support internal/external security audits and compliance activities.
- Conduct cloud and vendor security risk assessments as part of supply chain risk management.
- Build strong relationships with business stakeholders, IT/OT teams, and vendors.
Cybersecurity Operations & Monitoring
- Collaborate with CyberSOC to monitor threat intelligence and advise on risk treatment.
- Provide security advisory for projects and implement security initiatives.
- Assist in incident response activities and cloud security management (e.g., Microsoft 365, Azure).
- Lead cybersecurity awareness training and campaigns across the organization.
- Support vulnerability and patch management processes, including scanning and risk analysis.
- Develop and maintain cybersecurity metrics and KPIs to demonstrate program effectiveness.
About You
- Minimum of bachelor’s degree in the field of Computer Science, Computer Information Systems, Information Systems Security Management, or Computer Engineering.
- Minimum of 5-7 years IT experience, with 3-5 years in Cybersecurity and Risk Management.
- Minimum one or more of the following security certifications: ISC2-CISSP, ISACA CISM, CISA, SANS GSEC, Microsoft infrastructure and/or security certifications, OSCP etc.
- Experience with IT/Cybersecurity governance and risk management frameworks and threat assessment methodologies (e.g., NIST CSF, NERC-CIP, CIS Controls).
- Experience with C-SCRM frameworks and practices is an asset (e.g., NIST SP 800-161 Rev. 1).
- Strong understanding and technical IT knowledge, with foundational cyber risk, compliance, and ability to define and operationalize cybersecurity processes.
- Proficiency in key IT/OT technologies and protocols, including TLS, SSH, HTTPS, SD-WAN, VLANs, Zero Trust Architecture, SSO, MFA, and VPNs.
- Ability to weigh business needs against risk concerns and articulate issues to management.
- Strong problem solving, organizational, and time management skills.
- Effective communication, interpersonal, and relationship management skills.
Nice to Haves
- Experience with cloud services and performing cloud security risk assessments.
- Foundational knowledge of regulatory and compliance requirements (e.g., Privacy, NERC-CIP, SOX).
- Knowledge and experience with Security Training & Awareness, SIEM, CASB, Azure Security tools (e.g., KnowBe4, Azure Sentinel, Defender XDR).
- Experience in an OT (Operations Technology) environment.
- Familiarity or experience with adversarial tactics and techniques (e.g., MITRE ATT&CK®).
THE PERKS
- Competitive salary
- Annual and long-term incentives available for select roles
- Company-matching pension plan
- Flexible health benefits for you and your family
- Generous vacation and personal days
- Learning and development programs
- Employee recognition and rewards
- Annual wellness allowance
Explore our Employee Experience Booklet on our Careers site to see how we support your growth and wellbeing www.transalta.com/careers
OUR CULTURE At TransAlta, we’re driven by a Culture of Results, Learning, and Purpose. We prioritize psychological safety, wellbeing, inclusion, and belonging - creating a space where everyone can thrive. We believe that diverse perspectives drive innovation and progress, and we’re committed to building a workplace where you can be your authentic self.
Ready to Power Up With Us? Excited about this role but don’t meet every single requirement? We still encourage you to apply. Studies have shown that women and people of color are less likely to apply for a job unless they meet every single qualification. You might just be the candidate we are looking for. What To Expect The successful candidate may be required to complete background checks appropriate to the role and may include criminal record, education and employment verification or credit checks. ‘Safety sensitive positions’ will be required to complete pre-employment testing.
Due to the high volume of applications we receive, only those progressing will be contacted.
About TransAlta Corporation
TransAlta Corporation (formerly Calgary Power) is an electricity power generator and wholesale marketing company headquartered in Calgary, Alberta. It is a privately owned corporation and its shares are traded publicly. It operates over 70 power plants in Canada, the United States and Australia. TransAlta operates geothermal, wind, hydro, natural gas and coal power generation facilities.