Calgary, Alberta, Canada copyright 2022 ThreeShield Information Security Corporation
Cybersecurity for businesses in Calgary
Secure your business with our proactive IT management and certified cybersecurity professionals in Calgary, Vancouver, and Toronto to keep your business running smoothly.

Call toll-free at 1-877-528-2925.
Calgary: (403) 538-5053
Secure your Business
*required

ThreeShield's Balanced Holistic IT Approach

ThreeShield covers all of your compliance and control requirements without limiting ourselves to checklists and absolutes because we understand that your business isn't exactly like all of the others.

Yes, we can do an insurance or compliance checklist. However, the results that ThreeShield provides are much more comprehensive than a Big 4 accounting firm that need to use strict checklists that junior accountants can complete. Instead, we take a holistic view of the company, dig through risk and vulnerability scenarios and then complete assessments with industry-standard checklists to make sure that we didn't miss anything.

Similarly, we provide holistic information security and proactive IT management services by balancing risk management, business requirements, usability, and resources. This allows us to build or tweak your systems and policies in ways that many cookie-cutter managed service providers would refuse to do.

By building this holistic approach into our culture and quality assurance processes, everyone at ThreeShield ends up delivering results that IT-only and checklist-focused companies simply cannot match. Here are examples of what our clients have said about our approach:

Collaborating with ThreeShield to ensure data security was an exciting and educational experience. As we exploded in growth, it was clear that we needed to rapidly mature on all fronts, and ThreeShield was integral to building our confidence with information, software, and infrastructure security.
-Noelle, financial technology and online retail
As the Chief Compliance Officer of a payments entity, I have relied on ThreeShield Information Security to provide risk-based solutions that have satisfied regulators and business partners alike. While our Money Services Business is unique in that it supports commerce within virtual worlds and video game environments, the security standards that we have to meet are the same as they would be for any regulated financial institution.

ThreeShield has employed a dynamic, risk-based approach to information security that is specific to our business needs but also provides comfort to our external stakeholders.

I recommend their services.
Scott, Tilia Inc.
[ThreeShield] helped us focus our efforts, enhancing our security posture and verifying PCI compliance.
All of this was achieved with minimal disruption to the engineering organization as a whole.
The approach was smart. In a short time, we accomplished what much larger companies still struggle to achieve.
-Brian, Virtual Reality company
Chris [of ThreeShield] possesses the rare skill in security professionals of understanding broader business and technical demands and using that knowledge to develop a balanced approach to security. He skillfully avoids the dogmatic, prescriptive approach to security I've seen all too often and instead builds a security plan that genuinely strengthens the business.
-Landon, VP Operations and Platform Engineering
... works closely with product and business leaders, engineers, and executives to help them understand the necessity of courses of action, deftly getting the entire organization on board with plans.
Chris [of ThreeShield] was keen on building partnerships of understanding with key stakeholders, and made the effort to understand the needs of the customer support team in terms of information, and balance those with the regulatory concerns -- both in specific and in general -- over PII, data storage and transmission, etc. It is this proactive approach that ensured that we had an open line of communication with Chris, and made me feel confident that when reaching out to him with a question or concern would net me a direct and actionable response.
-Debbi, Director of Customer Support
ThreeShield very much values active and respectful collaboration, and went out of their way to get feedback on policies to make sure proposals balanced business needs while not making employees feel like they were dealing with unreasonable overhead. By doing so ThreeShield really helped change the culture around security mindfulness is positive ways.
Tara, Senior Director of Systems and Build Engineering



Some of ThreeShield's Clients

ThreeShield Information Security has provided customized IT security tools and consulting to organizations of all sizes, including the following:
1-Page •  Accounting Firms •  Calgary Foothills Primary Care Network •  Carrier Corporation •  Collins Barrow Calgary LLP •  Computer Sciences Corporation •  Deloitte •  Ernst & Young •  Escape Ops •  Financial advisors •  Fintech companies •  First Gulf Bank •  Government of Alberta •  Hamilton Sundstrand Corporation •  Hurricane Computer Solutions •  International Aero Engines •  KPMG •  Linden Research (Linden Lab) •  NASA •  NORESCO •  Otis Elevator Company •  Plateau Systems •  Pratt & Whitney •  Precious metals retailers •  Red Link SA (Argentina) •  Segurança da Informação e Conformidade •  Sikorsky Aircraft Corporation •  Tilia Inc •  TOOT'n TOTUM •  Towers Watson •  United Technologies Corporation •  Universidade de São Paulo •  UTC Power •  Whitecap Resources Inc

Careers and Company Philosophy

ThreeShield operates under two guiding principles:

  1. Treat our employees, clients, and community members as people.
    Our founders have intentionally created a culture that avoids many of the problems that we felt as "working numbers" in big accounting, government, and Fortune 50 companies.
    Our flexible work environment with interesting side projects and respectful management are some of the reasons why our employees often comment about how much happier they are than their friends in "the big corporate world."
    In addition to the security awareness training that we provide to schools, seniors, and community organizations, we have implemented B-Corp standards and legal commitments to sustain our "people before profits" culture.
  2. Provide real information security.
    Most IT support shops say that they provide cybersecurity services. However, when you dig deeper, few of them have Certified Information Systems Security Professions (CISSP), Certified Information Systems Auditors (CISA), or staff with decades of experience improving security for governments, Fortune 50 companies, and innovative Silicon Valley companies.
    Those that do typically use cookie-cutter approaches and compliance checklists or by-the-book security principles. The truth is that compliance and security maxims do not provide real security. ThreeShield digs through vulnerabilities, constantly improves our approach and toolset, and customizes what we do for each client.

Employee Benefits:

  • Exposure and education
    Your first few months at ThreeShield might feel like a fire hose. You won't be stuck in a dark room watching a SEIM like other SoC jobs. You won't be answering endless calls about basic IT support (our proactive processes increase our clients' reliability beyond what most MSPs and MSSPs can offer, so they don't need to take time out of their day to reach out for support as often). Instead, you'll gain exposure and mentorship around advanced information security, in-depth configurations for Microsoft 365, Google Workspace, various endpoint detection and response platforms, various firewalls, Azure, AWS, and the latest in cloud protection. We encourage regular professional development, and you'll be expected to obtain CISSP and CISA credentials as soon as you qualify. This seems like a lot, but you'll have a great team to support you along with experts who have worked in cybersecurity for everything from bitumen mines to rockets.
  • Flexible work environment
    We need to make sure that our clients' needs are met when they need them, but don't artificially restrict work hours.
  • Home Internet
    Most of our team members work from home, so we pay for employee Internet bills as a tax-free benefit.
    Employees are responsible for calculating any personal use of their Internet bill for tax purposes
  • Telecommuting
    Wasting hundreds of dollars a month and hours per day on commuting isn't worth it. Although ThreeShield employees must live and work in Canada for data residency, police background checks, and security purposes, most of us work from home most days with limited client and office visits.
  • Extended health benefits
    Dental, vision, paramedical, life, critical illness, prescription drugs, out-of-country and major medical, etc.
  • Health Spending Account (HSA)
    for costs that our "Gold Level" insurance plan doesn't fully cover.
  • Paid sick leave
    Our approach to work is really flexible and we take a proactive approach to health (like everything we do). However, sometimes, even working from home isn't an option. We want to make sure that our teammates can recover quickly with adequate rest and that our clients get fully-focused consulting. To this end, we provide a flexible sick leave program.
  • Paid medical, dental, vision, and vaccination leave
    We take a proactive approach to security and well-being. To this end, ThreeShield pays for the time our team members spend at annual medical checkups, biannual (fully paid) eye exams, vaccinations, and dental checkups (every 9 months).
  • Employee & Family Assistance Program (EFAP)
    , concierge drug advocate for high-cost drugs, virtual physician and healthcare service
  • Pizza days
    Just because we work from home doesn't mean that we can't enjoy some office perks. With staff from Vancouver to Toronto, these are harder to arrange than they used to be when everyone was in Calgary, but we still make an effort to have them once in a while.
  • Employee laptops
  • Leading-edge cybersecurity tools
    are an essential part of our job. At ThreeShield we don't only use the best commercial and open-source tools, but we also develop leading-edge tools. As a result, our team is the first to have access to this new technology.

Before you Apply:

  • Before you apply to a cybersecurity job, please take three minutes to watch the following video so you can prepare for your interview and career:
  • Your diploma or degree may have taught you the fundamentals, but it's only the foundation for your success. Please make sure that you've played with the latest technologies and how cybersecurity works in the “real world.”

Job Postings:
  • You can find our current active openings on LinkedIn.

Already Hacked?

You're not alone: most companies using traditional IT without certified cybersecurity, audit, and compliance professionals get hacked eventually. Now, it's time to get you up and running and prevent it from happening again with proactive cybersecurity.
This includes:

  • Working with your existing IT provider/staff to limit damage, preserve evidence, and get you back up and running as quickly as possible
  • Optional forensic copies of affected systems
  • Backup restoration or data recovery, if possible
  • Properly designed off-site backups (it's amazing how many backups get wiped during ransomware attacks)
  • Full patching and monitoring of operating systems, firmware, and applications (most traditional IT providers miss the applications and firmware patches)
  • Cloud, application, and server hardening
  • Cloud and computer monitoring managed by a Certified Information Systems Security Professional (CISSP)
  • Reconciling cloud and computers to catch unauthorized logins
  • Employee training
  • Comprehensive information security assessment performed by a Certified Information Systems Auditor (CISA)
  • Credit card compliance managed by a certified Payment Card Industry Professional (PCI-P)
  • Regular reviews of third-party website compromises that may affect your data security
  • Regular vulnerability scans and customized security approach

Get Started

Not Hacked Yet

With the constant stories of other businesses being taken down by hackers and ransomware, it's time to take a proactive approach to IT and information security.

If you already have on-site IT or are working with an IT service provider, we'll fill the skill gap by supplementing their great customer service with certified information security and compliance professionals to give your small or medium-sized company the same level of security as the best Fortune 50 companies.

If you need comprehensive cybersecurity and IT support, we're able to quickly organize your computers into a secure enterprise-grade IT infrastructure while maintaining the flexibility that you need. We also provide full monitoring and support for Windows, Mac, and Linux, if needed.

Whichever option you choose, your business will become more reliable and resilient, including:

  • Properly designed off-site backups (it's amazing how many backups get wiped during ransomware attacks)
  • Full patching and monitoring of operating systems, firmware, and applications (most traditional IT providers miss the applications and firmware patches)
  • Cloud, application, and server hardening
  • Cloud and computer monitoring managed by a Certified Information Systems Security Professional (CISSP)
  • Reconciling cloud and computers to catch unauthorized logins
  • Employee training
  • Comprehensive information security assessment performed by a Certified Information Systems Auditor (CISA)
  • Credit card compliance managed by a certified Payment Card Industry Professional (PCI-P)
  • Regular reviews of third-party website compromises that may affect your data security
  • Regular vulnerability scans and customized security approach

Get Started

Assessments

After cybersecurity incidents hit a bit too close to home, many business owners, boards, insurance companies, and critical clients demand a cybersecurity or compliance review.

We provide flexible and customized assessments with minimal business interruptions, including:

  • PCI credit card compliance assessments (if you accept credit cards you probably need this at least once a year)
  • Web application, website, and application programming interface assessments
  • Comprehensive information security assessments
  • Indepedant Auditor Reports by Certified Information Systems Aditors (CISA) of your existing IT services
  • Targeted reviews of specific systems
  • Post-Implementation Reviews of new projects
  • IT infrastructure and software design reviews
  • Recurring vulnerability scans and assesments
  • Privacy and clinic reviews
  • Expert Witness reviews by an expert certified by The Court of Queen's bench in the general area of cyber security.
  • Penetration testing

No matter what your cybersecurity or compliance needs, ThreeShield has certified experts to meet your needs

Get Started

Let's Get Started

We can start finding and fixing your security vulnerabilities the same day you call

Get Started Now

COVID-19 Precautions and Cybersecurity Implications

COVID-19 Information Security Tips

For information on how we protect businesses from cybersecurity risks specific to COVID-19, please see our article at https://www.threeshield.com/ca/COVID-19%20Coronavirus%20Cybersecurity.

Getting ready to go back to the office? Please see our article at https://www.threeshield.com/ca/Cyber-sanitize-reopen/.

These preparation steps are often too much for people trying to run their business or even their regular IT staff/provider handling routine tasks. We remove that burden and let you focus on your business.

Let ThreeShield help

Our COVID-19 Precautions

On-Site Visits
To protect our clients and staff, we wear CAN-99 masks made in British Columbia for all client visits.
All of ThreeShield's cybersecurity experts who visit client sites are fully vaccinated.

Limiting Contact
In addition to conducting all of our meetings remotely using encrypted videoconference tools, we have replaced most of our on-site work with remote assessment devices that we either drop off or ship to your site. This provides us with a secure way to perform the same deep-dive vulnerability assessments we used to perform on-site without requiring your staff to come into the office after the devices are plugged into your network.

Let's work together