The Windfall Project, owned by Gold Fields, is located in northern Québec. By joining our passionate team, committed to creating lasting value beyond mining, you will have the opportunity to contribute to the construction and startup of a world-class mining project, one of the most ambitious in recent decades.
Gold Fields is a globally diversified gold producer with operations in Australia, South Africa, Ghana, Peru, Canada and Chile. At Gold Fields, we are committed to achieving an inclusive workforce and recognize that the diverse talent of our people will ultimately determine our growth, performance and success.
This is a role that offers you the opportunity to lead high-impact initiatives, collaborate with experts, and contribute to our growth in Québec. You will thrive in a dynamic environment where challenges and an exceptional workplace will support your professional growth.
Join the Windfall adventure!
===========================
Responsible for the effective operation, maintenance, and tuning of advanced security tools and controls, enabling rapid detection and escalation of possible incidents, supporting a resilient, secure technology landscape. Operate within a “follow-the-sun” coordination model, ensuring seamless delivery of cyber services to the organization and acting as an interface between cybersecurity teams and the rest of the business. The role provides expert advice on current, evolving, and emerging information security issues.
Duties and responsibilities
- Liaises with internal and external stakeholders in the coordination of investigation into security incidents, exposures and potential breaches and works closely with internal stakeholders on effective threat detection activities aimed at protecting Gold Fields from cyber security threats and incidents.
- Improving the SOC team’s ability to perform thorough threat monitoring and detection by continuously improving correlation rules, detections, playbooks, alerts and reports;
- Lead day-to-day analysis of security events and act as the primary contact for the Global Managed SOC;
- Contributes to the creation and generation of continuous improvement initiatives such as dashboard development, Track cyber. detection tuning, and process automation. Create reports as and when required;
- Contributes to the development and implementation of procedures and standards for ICT systems to safeguard sensitive and confidential data and associated information;
- Continuously monitor security systems, logs, and network traffic for suspicious behaviors or indicators of compromise;
- Utilize Security Operations Monitoring tools like SIEM, XDR, IDS, IPS and related security tools to aggregate and analyze cybersecurity alerts in real-time and ensure their maintenance and updates;
- Source and investigate reliable threat intelligence, using it to inform automated monitoring to identify and flag emerging threats for further investigation;
- Conduct complex investigations and context-gathering on flagged cases and alerts; escalate confirmed incidents and detailed findings to the Incident Response Specialist and relevant teams for full incident handling;
- Maintain clear and accurate records of alert triage, actions taken, and incident escalations for audit and improvement purposes;
- Support upgrades, troubleshooting, and health checks for security technology infrastructure;
- Respond to tickets logged by users relating to cyber queries and requests;
- Perform any other duties as assigned or necessary to support the objectives of Gold Fields globally.
Required qualifications
- Hold a degree in a field related to computer science or cybersecurity;
- Have at least five (5) years of relevant experience in the IT field. Experience in the mining or heavy industry sectors is an asset;
- Certifications in SOC operations, security monitoring, or equivalent preferred;
- Bilingual (French and English), as you will work with French- and English-speaking colleagues and suppliers.
Basic skills
- Strong capability to analyze complex problems, identify root causes, and synthesize information rapidly;
- Vigilant in documenting incidents, forensic evidence, and completing thorough follow-ups;
- Strong interpersonal and stakeholder engagement skills, with the ability to influence outcomes.
Technical skills
- Proficiency with SOC tools (monitoring, log management, alert correlation);
- Ability to configure, tune, and maintain detection systems for optimized output;
- Skill in prioritizing and escalating network and system security alerts;
- Excellent problem-solving and risk analysis skills, with a proactive approach to continuous improvements;
- Strong knowledge of security technologies, frameworks (NIST, ISO, ACSC), and MITRE ATT&CK;
- Familiarity with IT and OT network architectures common in mining environments;
- In-depth knowledge of SIEM, XDR, and security monitoring platforms;
- Understanding of threat landscapes, attack techniques, and detection methodologies.
Please note that the masculine form used in this document refers to both men and women. The masculine gender is used without discrimination and for the sole purpose of lightening the text.
In accordance with the terms of the Act to modernize legislative provisions respecting the protection of personal information (commonly referred to as “Law 25”), Windfall Mining Group undertakes to use your contact information (telephone numbers, e-mail and mailing addresses) solely for the purpose of informing you of the status of your application and notifying you of the next steps in the process.
If necessary, Gold Fields Windfall may communicate your personal information to a third party, in order to pursue your recruitment file, within the limits permitted by law and subject to a confidentiality undertaking by the third party.