Security Analyst (Cyber Security)

Important messages

Are you a Royal Canadian Mounted Police civilian member assigned to Shared Services Canada? We encourage you to apply! Please note that a civilian member selected for appointment through this process may not have to convert to public servant status before deeming. Contact the Shared Services Canada Human Resources Service Desk at for more information.

At Shared Services Canada we are working to change the landscape of IT for the Government of Canada. We look forward to working with you in the coming years and will support your career while you support our business. Therefore, we encourage you to be a part of our team for at least 2 to 3 years to ensure business continuity.

Work environment

Shared Services Canada (SSC) is mandated to secure Government of Canada Information Technology infrastructure, assets and data. To accomplish this mission, SSC deploys and manages sophisticated advanced Cyber and IT security technologies, solutions and services.

SSC is currently recruiting dynamic and cutting-edge professionals to protect Canada's cyberspace including data protection, infrastructure and application security, and identity management. We are seeking individuals who are looking for a progressive career opportunity in the continuously evolving and challenging cybersecurity environment and who are driven to develop and grow their skills and expertise working with top professionals and teams.

As technology becomes increasingly more sophisticated, the demand for an experienced and qualified workforce to protect the Government of Canada's networks and information systems has never been higher. Set your career sights on being an industry specialist in a rapidly growing field.

Intent of the process

A pool of qualified candidates will be established and will be used to staff similar positions within Shared Services Canada in various locations across Canada. All federal organizations listed in Schedules I, IV and V of the Financial Administration Act (FAA) may use this staffing process to appoint a candidate to its organization in a similar position.

Positions to be filled: 25

Information you must provide

Your résumé.

You must meet all essential qualifications in order to be appointed to the position. Other qualifications may be a deciding factor in choosing the person to be appointed. Some essential and other qualifications will be assessed through your application. It is your responsibility to provide appropriate examples that illustrate how you meet each qualification. Failing to do so could result in your application being rejected.

In order to be considered, your application must clearly explain how you meet the following (essential qualifications)

EDUCATION
Successful completion of two years of an acceptable post-secondary educational program in computer science, information technology, information management or another specialty relevant to the position to be staffed.

Notes:
1. Indeterminate period incumbents of positions in the CS group on May 10, 1999, who do not possess the education prescribed above, are deemed to meet the minimum education standards based on their education, training and/or experience. They must be accepted as having met the minimum education standard whenever this standard is called for when staffing positions in the CS group.
2. It is the recognized educational institution (e.g. community college, CÉGEP or university) that determines if the courses taken by a candidate correspond to two years of a post-secondary program at the institution.
3. At the manager's discretion, an acceptable combination of education, training and/or experience may serve as an alternative to the minimum post-secondary education stated above. Whenever the minimum education is met using this alternative, it is met for the specific position only and must be re-assessed for other positions for which this alternative has been specified by the manager.

Degree equivalency

EXPERIENCE
1. Experience working as an analyst or occupying a similar position in one or more of the following areas of IT:
• Network architecture
• Server administration
• Database administration
• Website administration
• Programming/Scripting
• Network monitoring
• Administration of email systems
• IT security
• Identity
• Credentials
• Access management
• Directory services
• IT security operations
• Classified systems

2. Experience in conducting technical research and analysis in any of the areas of IT as identified in experience 1.
3. Experience occupying a supporting, operational or lead role in an IT environment, involving a variety of platforms, operating systems, environments, database technologies and/or messaging technologies.

The following will be applied / assessed at a later date (essential for the job)

Various language requirements
Bilingual Imperative BBB/BBB
Bilingual Imperative CBC/CBC
English Essential
French Essential
English or French essential

Information on language requirements

KNOWLEDGE
1. Knowledge of cyber security technologies (e.g. Firewall, VPN, IDS/IPS) and threats as they pertain to an enterprise environment.
2. Knowledge of the network protocols such as TCP/IP, UDP, etc.
3. Knowledge of Government of Canada IT security standards and objectives.
4. Knowledge of the principles of IT security.

ABILITIES
1. Ability to use analytical skills to participate in security investigations, evaluate evidence and make recommendations for remediation.
2. Ability to work in a stressful environment with multiple and changing priorities.
3. Ability to communicate effectively orally.
4. Ability to communicate effectively in writing.

The following may be applied / assessed at a later date (may be needed for the job)

ASSET QUALIFICATIONS

OCCUPATIONAL CERTIFICATIONS:
1. ITIL Certification (v2/v3)
2. CISA: Certified Information Systems Auditor
3. Certified Information Systems Security Professional (CISSP)
4. Global Information Assurance Certification (GIAC) in one of the specializations under the Security
Administration category as issued by SANS
5. Successful completion of any Communications Security Establishment (CSE) IT Security Learning Centre Programs of Study
6. Offensive Security Certified Professional and/or Offensive Security Certified Expert
7. Completion of courses within the COMSEC Custodian Certification Program (CCCP) under Communications Security Establishment (CSE)

EXPERIENCE
1. Experience using various programming or scripting languages such as; C, C++, Python and Perl
2. Experience with web application development using SDLC lifecycle.
3. Experience working in/or with Security Incident Response teams.
4. Experience applying CSE best practices ITSG-33, ITSG-22 and ITSG-38 in support of LAN’s/WAN’s management, operation or support.
5. Experience in conducting or contributing to security investigations using various security or forensic tools, techniques or procedures.
6. Experience in conducting or contributing to research and analysis of cyber threats and applying them in the context of GC.
7. Experience in contributing to the development and management of an IT security program, including: security awareness, policies, standards, procedures, processes, monitoring, risk management, and/or activities surrounding the Security Assessment and Authorization (SA&A) or Certification and Accreditation (C&A) of IT infrastructure
8. Experience with Malware/Anti-virus tools and processes performing installation, configuration, and/or support.
9. Experience with performing vulnerability assessments and providing recommendation for remediation to various team.
10. Experience in coordinating administrative investigations in support of the ATIP or the DSO offices
11. Experience applying the principles and practices of IT risk management.
12. Experience in IT incident handling.
13. Experience working with Type-1 cryptography devices
14. Experience applying the IT Security Directives for the Control of COMSEC Material in the Government of Canada (ITSD-03, 01, 06, ITSG-11).
15. Experience developing and/or assessing information systems security or technical security architecture models, elements, or practices.
16. Experience assessing or developing Privacy Impact Assessments or Privacy requirements.
17. Experience in Cyber and IT policy analysis and development, including working with Memoranda to Cabinet, material for presentation to Cabinet or Treasury Board submissions.
18. Experience in coordinating the development of security standards through a peer review committee process.
19. Experience in developing security key performance indicators and reporting dashboards.
20. Experience in coordinating the planning, execution and reporting phases of external and internal audits.
21. Experience in contributing to the development and management of an IT security program, including: security awareness, policies, standards, procedures, processes, monitoring, risk management, and/or activities surrounding the Security Assessment and Authorization (SA&A) or Certification and Accreditation (C&A) of IT infrastructure.
22. Experience following the ISSIP process in ITSG-33, specifically tailoring of security controls and performing security assessment against the selected controls.
23. Experience in working with Canadian Government IT Security related standards and policies (e.g. Government Security Policy, Management of Information Technology Security (MITS) Standards, etc.)
24. Experience in writing non-technical analysis papers and reports
25. Experience in performing Cyber Intelligence, data analytics and/or strategic tradecraft analysis in the context of a Cyber Security program or service.

Selection may be limited to members of the following Employment Equity groups: Aboriginal persons, persons with disabilities, visible minorities, women

Information on employment equity

OPERATIONAL REQUIREMENTS:

Note: The operational requirements may vary by the position being staffed
-Ability and willingness to work overtime as required.
-Ability and willingness to travel
-Ability and willingness to work 24/7 On-call
-Ability and willingness to do shift work
-Ability and willingness to work flexible hours

Conditions of employment

Reliability Status security clearance - Certain positions may have a requirement for a Secret or Top Secret Clearance.

Other information

The Public Service of Canada is committed to building a skilled, diverse workforce reflective of Canadian society. As a result, it promotes employment equity and encourages candidates to indicate voluntarily on their application if they are a woman, an Aboriginal person, a person with a disability or a member of a visible minority group.

The Public Service of Canada is also committed to developing inclusive, barrier-free selection processes and work environments. If contacted in relation to a job opportunity or testing, you should advise the Public Service Commission or the departmental official in a timely fashion of the accommodation measures which must be taken to enable you to be assessed in a fair and equitable manner. Information received relating to accommodation measures will be addressed confidentially.

Preference

Preference will be given to veterans and to Canadian citizens, in that order.

Information on the preference to veterans

We thank all those who apply. Only those selected for further consideration will be contacted.