Division: Strategy and Transformation

Department: Business Transformation

Term: 1 Permanent Full Time position available.

Closing Date: 10/16/2025

Labour Group: SCMMA

Posting: 4638

Job Summary

The Cybersecurity Analyst will provide operations support for the Cybersecurity Lead in the implementation of the cybersecurity program for the City to ensure confidentiality, integrity and availability of information assets across Corporate Information Technology (IT) and Operational Technology (OT) assets in the City of Saskatoon.

Duties & Responsibilities

• Provides day to day operational support to the Cybersecurity Lead in the implementation of the cybersecurity program for the City.
• Supports the Cybersecurity Lead to develop, implement, and assist in the review, update, interpretation and implementation of corporate cybersecurity policies and procedures; providing advice that are appropriate, practical and consistent with relevant legislation, regulations, laws and industry standards.
• Participates in cybersecurity threats assessment and risk management processes across people, process and information technology and operational technology infrastructure and environments.
• Provides input into the planning and development of complex city-wide projects and ensures integration of security controls and activities within the lifecycle. These responsibilities could include arranging, facilitating, and participating in technology security design and planning sessions to develop solutions for security problems.
• Analyzes incidents and support the containment and remediation process to ensure an appropriate response to incidents.
• Coordinates and reports post-incident activities and lessons learnt for corporate use and external information sharing.
• Prepares and present cybersecurity awareness materials to internal and external audiences as required.
• Monitors and reviews applications, databases, network devices, access technologies to ensure proper configuration of security settings, policies and ensure secure use practices are in place
• Identifies current gaps in cybersecurity risk management across the City to determine additional cybersecurity actions based on industry best practices, developments, and knowledge, to maintain appropriate security posture in operational technology (OT) and IT environments. Conducts regular internal vulnerability assessments and work with relevant units in IT and OT departments to remediate vulnerabilities.
• Participates in external penetration tests, interprets results, and liaise with relevant stakeholders to address identified issues in a timely fashion.
• Creates cybersecurity operational guides (such as hardening guides) in consultation with relevant IT and OT departments; monitor the use of developed principles, and advise on necessary improvements from time to time.
• Participates in the development, tests and implementation of a practical disaster recovery plan.
• Performs other related duties as assigned.

Qualifications

Education, Training and Experience Requirements

• Degree in Engineering, Computer Science, Information Systems, Computer Engineering or recognized equivalent.
• 5 years continuous experience in information security management activities, e.g. policy formulation, cyber risk management, incident management, disaster recovery and business continuity, cybersecurity awareness, security architecture and management etc.
• Possession of any of the following certifications:
  • Certified Information Systems Security Professional (CISSP)
  • Certified Information Security Manager (CISM)
  • Certified Information Systems Auditor (CISA Recognized Certifications)
  • Systems Security Certified Practitioner (SCCP)
  • Comptia Security+ Certification
  • GIAC (SANS) Certifications

Knowledge, Abilities and Skills

• Demonstrated ability be able to support cloud and on-premises environments
• Good communication and presentation skills.
• Demonstrated experience designing, implementing and operating cyber-security systems and solutions across technology platforms (Network, Databases, Applications).
• Proficiency in the use of Microsoft PowerPoint.
• Experience working in Operational Technology (OT) and Industrial Control Systems (ICS) environments. Technology operations experience in Critical Infrastructures (Energy, Water, Defense, Chemical, etc.) ..
• Experience in the use of Security Information and Event Management Tools (SIEM) tools.
• Regulatory compliance experience such as The Local Authority Freedom of Information and Protection of Privacy Act, PIPEDA, NERC-CIP, PCI-DSS.
• Knowledge of any of the following Cyber-security frameworks (Purdue, NIST CSF, NIST SP800-53, CIS, ISO 27001, etc).

Requires Security Check

Acceptable current Criminal Record Check (CRC) upon offer of employment.

Weekly Hours: 36.67

Salary Range: $80,150.88 to $93,935.04 CAD per annum (2023 rates)

Diversity, Equity and Inclusion

The City of Saskatoon offers an inclusive workplace that embraces diverse backgrounds. As an equity partner with the Saskatchewan Human Rights Commission (SHRC), the City commits to diversity, equity and inclusion in our workplaces. By having our workforce reflect the community we serve, we support the realization of miyo-pimatisiwin, (me-o-pi-ma-ti-si-win) “the good life”, for all residents. To learn more about Diversity, Equity and Inclusion at the City, please visit Saskatoon.ca/diversity

Accommodation

The City of Saskatoon strives to provide an accessible and inclusive workplace for all, including throughout the application and selection process through reasonable access and accommodations. Should you require accommodation through any stage of the recruitment process, please email talentacquisition@saskatoon.ca.

While we appreciate all applications we receive, only candidates under consideration will be contacted.

Our Recruitment Process: Application > Posting Closes > Resume Review > Pre-screen/Interview > Offer > Pre-Employment Conditions > Welcome to the City