AltaML

Information Security Operations Specialist

AltaML$70K — $95K *
Information Technology
Less than 5 years of experience
Job Overview by Ladders

Qualifications

  • 3-5 years in Information Security operations or engineering, preferably in SaaS or cloud-native environments.
  • Familiarity with security certification programs like SOC2 or ISO27001.
  • Knowledgeable in cloud security principles, modern SIEMs, firewalls, encryption, and identity management.
  • Proficiency in securing and using various operating systems, including MacOS, Linux, and Windows.
  • Technical degree in Computer Science, Cybersecurity, or related field, or equivalent experience.

Responsibilities

  • Manage and enhance the AI-supported SIEM and network monitoring systems.
  • Investigate security incidents and perform vulnerability assessments.
  • Conduct internal security compliance reviews (SOC2, ISO27001).
  • Collaborate with IT to implement security controls and account sync.
  • Operate AI-powered red teaming platforms to identify vulnerabilities.
  • Integrate security practices into engineering lifecycle and architecture.
  • Evaluate new AI platforms against security and data privacy standards.

Benefits

  • Collaboration with IT and engineering teams for seamless operations.
  • Opportunity to lead and innovate in AI security initiatives.
  • Work in a fast-paced environment with cutting-edge technologies.
  • Continuous professional development in information security.
  • Contributions to Responsible AI practices in security operations.
Full Job Description
About the Role:

As our next Information Security Operations Specialist, you own the daily operational information security activities at AltaML, moving beyond basic checklist execution to deliver measurable security resilience. You will safeguard our corporate and production infrastructure, optimize automated defense networks, and proactively counter sophisticated software supply chain and AI-specific threats.
Required Results
  1. SOC2 Continuity & Program Expansion
    Maintain the existing SOC2 program with 100% continuous compliance across all controls. Partnering closely with the IT team for execution and infrastructure support, you will successfully plan and implement foundational controls required for future security programs (e.g., ISO27001) as the enterprise scales.
    KPI: Zero major non-conformances during external audits; 100% of compliance evidence is accurate and collected on time.
  2. AI-Powered Red Teaming
    Plan, configure, and operate our automated AI-powered red team program to independently uncover vulnerabilities before they can be exploited.
    KPI: Successfully execute scheduled automated adversarial simulations, delivering clear technical risk documentation and measurable remediation roadmaps.
  3. Intelligent Threat Monitoring (SIEM)
    Manage, calibrate, and continuously improve our AI-supported SIEM platform to optimize visibility and protection across environments.
    KPI: Minimize Mean Time to Detect (MTTD) and Mean Time to Respond (MTTR) while reducing false-positive alerts by 20% annually through rule tuning.
  4. Supply Chain & Vulnerability Resilience
    Proactively monitor, triage, and mitigate CVEs, third-party software vulnerabilities, and potential software supply chain attacks.
    KPI: 100% of critical zero-day vulnerabilities are assessed and mapped to definitive threat response plans within established SLA windows.
  5. Cross-Functional Engineering Security Coordination
    Coordinate security activities and facilitate the seamless integration of detective and protective controls directly within the engineering lifecycle and IT architecture solutions.
    KPI: 90% of development pipeline security review findings are collaboratively triaged and resolved without delaying production deployment.
  6. Agentic AI Secure Enablement
    Establish and execute a comprehensive security evaluation and governance framework for third-party, off-the-shelf Agentic AI platforms (e.g., Claude Desktop) connecting to AltaML's systems.
    KPI: 100% of target enterprise AI tools are evaluated against strict data privacy boundaries, session guardrails, and identity controls before access is authorized.


What You'll Do:

Threat Monitoring & Incident Operations (25%)
  • Manage and improve the AI-supported SIEM, network monitoring tools, and alerting infrastructure.
  • Respond to operational security incidents, investigate anomalies, and execute vulnerability analysis.

Compliance, Audits & IT Team Collaboration (20%)
  • Conduct internal security reviews against compliance baselines (SOC2, ISO27001).
  • Collaborate with the IT administration team to execute controls and ensure system accounts sync correctly across in-scope applications.

Adversarial Simulation & AI Red Teaming (20%)
  • Operate and tune automated AI-powered red teaming platforms.
  • Deploy ethical hacking techniques to safely test internal systems, cloud infrastructure, and network boundaries.

Secure Engineering & Architecture Integration (15%)
  • Work closely with development and architecture teams to design secure infrastructure solutions.
  • Embed security guardrails into code workflows to catch software supply chain threats early.

Emerging AI Technology Governance (10%)
  • Evaluate risks associated with new third-party AI agents and desktop integrations.
  • Define identity controls, data boundaries, and safe configurations for user tool adoption.

Reporting, Policies & Documentation (10%)
  • Create and maintain controls, policies, SOPs, and technical security guidelines.
  • Provide senior leadership with clear metrics and reporting on security incidents and posture maturity.


What You Bring:

  • Experience: 3-5 years of dedicated professional experience in an Information Security operations or engineering capacity (ideally in a fast-paced SaaS, cloud-native, or startup environment).
  • Compliance Literacy: Practical familiarity with maintaining or supporting a formal security certification program (such as SOC2 or ISO27001).
  • Technical Domain Knowledge: Good understanding of cloud computing security concepts, modern SIEM setups, firewalls, data encryption, and identity directories.
  • OS Agility: Hands-on comfort securing and navigating diverse operating systems, specifically MacOS, Linux, and Windows infrastructure.
  • Education: A related technical degree or diploma in a matching field (e.g., Computer Science, Cybersecurity, Systems & Network Administration) or equivalent deep practical experience.


Responsible AI (RAI)

AltaML employees, contractors, and associates must be trained and well-versed in the importance of Responsible AI and empowered to enact RAI principles by developing and deploying AI solutions. They should also be empowered to raise and escalate RAI concerns as required.

AltaML is responsible for elevating public discourse and awareness of AI through open, transparent communications with the broader public.

We may use artificial intelligence (AI) tools to support parts of the hiring process, such as reviewing applications, analyzing resumes, or assessing responses and identifying potential inconsistencies or verification signals in application materials based on available information. These tools assist our recruitment team but do not replace human judgment. Final hiring decisions are ultimately made by humans. If you would like more information about how your data is processed, please contact us.

About AltaML

AltaML is a Canadian company that specializes in artificial intelligence and machine learning. The company was founded in 2018 and is headquartered in Edmonton, Alberta. AltaML offers a range of services, including data analysis, predictive modeling, and natural language processing. The company works with clients in various industries, including healthcare, finance, and energy. AltaML is committed to helping its clients leverage the power of AI to improve their operations and achieve their business goals.
Learn more about AltaML
Size
50 employees
Industry
Founded
2018

Similar Jobs

More Jobs at AltaML

More Information Technology Jobs

Find similar Information Security Operations Specialist jobs: