IT Advisor (Threat Intelligence Analyst)

A workplace powered by you

At BC Hydro, we’re working towards creating a cleaner and more sustainable future for all British Columbians and need

people like you to help us. A career at BC Hydro is meaningful and provides you the opportunity to be part of a talented,

inclusive, and diverse team. We offer a healthy work-life balance, competitive wages, a comprehensive benefits package,

and training opportunities to support you in your career growth. We're proud to be ranked as one of B.C.'s Top Employers

and one of Canada's Best Diversity Employers.

We invite you to join us as we build an even cleaner B.C. We welcome applications from all qualified job seekers. If you’re a

person with a disability, please let us know by emailing RecruitmentHelp@bchydro.com, as adjustments can be made to

help support you in your application process.

IT Advisor (Threat Intelligence Analyst)

Number of positions: 1 Job Location: Dunsmuir 08

Employment type: Permanent Region: Lower Mainland

Hours of work: Full-time (37.5 hrs/wk) Flexible Work Role: Hybrid

Annual salary: $ 107,000.00 - 135,300.00

What you'll do

As a member of the Threat & Vulnerability Management team, you will play a critical role in safeguarding the organization’s

digital infrastructure. While your primary focus will be on threat intelligence, the nature of our team requires a strong

understanding of vulnerability management as well. You will be responsible for identifying, analyzing, and disseminating

high-severity threat intelligence—particularly zero-day vulnerabilities under active exploitation and activity linked to high-

priority threat actors—to drive timely remediation efforts and inform the implementation or enhancement of security controls.

This is a dynamic, cross-functional role that requires collaboration with asset owners, technical teams, and leadership to

ensure a proactive and risk-informed cybersecurity posture.

Key Responsibilities

Threat Intelligence:

- Monitor and analyze threat intelligence sources to stay ahead of emerging threats.

- Disseminate critical and high-severity threat alerts, with a focus on zero-day vulnerabilities and activity from high-impact

threat actors.

- Track and assess threat actor campaigns and TTPs using structured frameworks to inform defensive strategies.

- Apply tactical, operational, and strategic intelligence principles to support both day-to-day security operations and long-

term risk reduction planning.

- Maintain and evolve the organization’s threat profile, including threat actor tracking and sector-specific threat landscape

assessments.

- Collaborate with SOC, incident response, and vulnerability management teams to ensure threat intelligence is actionable

and operationalized.

- Provide context and enrichment to threat intelligence to sharpen its relevance to the organization.

- Support the development and maintenance of threat intelligence dashboards and reporting for both technical and

executive audiences.

- Contribute to the continuous improvement of intelligence validation, dissemination, and escalation processes.

Vulnerability Management:

- Identify and assess vulnerabilities across enterprise systems in both IT and OT environments.

- Oversee vulnerability scanning and ensure findings are shared with responsible teams.

- Prioritize remediation by correlating threat intelligence with internal vulnerability data.

- Collaborate with technical support teams for patching, while ensuring asset owners remain accountable.

- Track remediation efforts and support risk-based prioritization.

- Contribute to threat-informed patching strategies based on real-world exploitation trends.

- Enhance and maintain regular vulnerability management reports and dashboards for leadership, highlighting trends,

remediation status, and risk posture.

- Establish, document, and continuously improve vulnerability management processes, standards, and policies aligned with

industry best practices (e.g., NIST, NERC CIP, CIS).

- Evaluate vulnerabilities associated with third-party vendors and cloud services to manage external risks.

What you bring

- Minimum of 5 years of experience in cybersecurity, with a focus on threat intelligence analysis or related disciplines.

- Strong written and verbal communication skills, with the ability to clearly convey complex information to both technical and

non-technical audiences.

- Solid understanding of cyber threat intelligence frameworks and methodologies.

- Familiarity with the full spectrum of threat intelligence—tactical, operational, and strategic—and how each supports

different layers of defense and decision-making.

- Experience with vulnerability assessment, scanning, and management tools and processes.

- Experience using a threat intelligence platform to manage, enrich, and operationalize threat data.

- Experience creating and delivering hunt packages to support proactive threat detection and threat-informed defense.

- Experience with Operational Technology (OT), Industrial Control Systems (ICS), or operational processes, including

technologies such as SCADA, PLCs, or DCS in industrial or critical infrastructure environments.

- Proven ability to collaborate effectively across IT, security, and business unit teams in a cross-functional environment.

- Strong problem-solving and critical thinking skills, with a proactive and analytical mindset.

- Technical knowledge and practical experience in the following areas:

o IT processes and infrastructure

o Threat and risk assessments

o Vulnerability scanning and management

o Penetration testing fundamentals

o Network architecture and security

o Log management and analysis

o Security auditing and compliance

o Configuration and asset management

Preferred Education & Certifications:

- Bachelor's degree in Cybersecurity, Information Technology, or a related field.

- Certificated in at least one of the following areas, is considered an asset:

o Certified Information Systems Security Professional (CISSP)

o Certified Threat Intelligence Analyst (CTIA)

o Certified Ethical Hacker (CEH)

o GIAC Cyber Threat Intelligence (GCTI)

o CompTIA Cybersecurity Analyst (CySA+)

o GIAC Certified Incident Handler (GCIH)

o GIAC Certified Penetration Tester (GPEN)

What we offer

- A comprehensive benefits package

- A minimum of 15 paid vacation days

- A lifetime pension

- Flexible work model, depending on your role type

- Training and development courses

For more information on the benefits we offer, visit bchydro.com/benefits.

Location: Vancouver, BC, V6B 5R3 Canada

What else you should know

Don't forget to update your Candidate Profile with your current resume and copies of your certifications. If applicable,

include your Trades Qualification. This will ensure we have all the necessary information to assess your application without

any delays.

Date Posted: 2025-09-02 Closing Date: 2025-09-23

For internal use 52203423