gJobs.ca

Senior IT Security Analysts Multi-Streams **see duties

Reference Number
RSN20J-013784-000408

Selection Process Number
2020-RSN-EA-CMSS-201460

Organization
Natural Resources Canada

Year
2020-2021

Days Open
30

Classification
CS03

City
Ottawa

Type
External

Quick Summary

Total
87

Employment Equity
55 (63.2%)

Screened out
12 (13.8%)

Screened in
75 (86.2%)

Applicant Submissions (87)

Employment Equity 63.2% 55

Screened Out 13.8% 12

Screened In 86.2% 75

Employment Equity(55)

Women 18.4% 16

Visible minority 50.6% 44

Indigenous 0% 0

People with disabilities 5.7% 5

Language

English 75.9% 66

French 24.1% 21

Status

Citizens 72.4% 63

Permanent Residents 0% 0

Archived Job Poster

Senior IT Security Analysts Multi-Streams **see duties

Reference number: RSN20J-013784-000408
Selection process number: 2020-RSN-EA-CMSS-201460
Natural Resources Canada - Corporate Management and Services Sector - Chief Information Officer and Security Branch
Ottawa (Ontario)
CS-03
$83,147 to $103,304

For further information on the organization, please visit Natural Resources Canada

Closing date: 22 January 2021 - 23:59, Pacific Time

Who can apply: Persons residing in Canada and Canadian citizens residing abroad.

Important messages

We are committed to providing an inclusive and barrier-free work environment, starting with the hiring process. If you need to be accommodated during any phase of the evaluation process, please use the Contact information below to request specialized accommodation. All information received in relation to accommodation will be kept confidential.

Assessment accommodation

The Government of Canada is committed to building a skilled workforce that is representative of Canada's diversity, which includes the recruitment of Canadian Veterans and releasing Canadian Armed Forces personnel:
https://www.canada.ca/en/public-service-commission/jobs/services/public-service-jobs/canadian-armed-forces-members-veterans.html
We encourage applicants to identify any abilities, competencies, and/or experiences acquired through employment with the Canadian Armed Forces where applicable.

***VERY IMPORTANT NOTE:
In order for your application to be considered, all screening questions must be answered. You must provide concrete examples to demonstrate how you meet each qualification.
Applicants must clearly outline how they meet each of the screening criteria (i.e. Education and Experience Qualifications, both Essential and Assets). Please note that it is not sufficient to only state that you meet the requirements, to provide a listing of your current responsibilities or to write "See CV". In your answers to the screening questions, you must provide concrete examples that illustrate how you meet the requirements. Failure to do so could result in your application being rejected from this process.

Please note that the screening/text questions in the on-line application will be used to assess the ability to communicate effectively in writing.

Duties

Stream 1 – Senior IT Security Analyst – IT Security Operations:
Under the supervision of the Manager of Cyber Security and in collaboration with the CS-03 IT Security Operations functional unit’s Team Lead, take the technical lead in support of delivering services as expected from an IT Security Operations Centre such as, but not limited to, active monitoring and threat hunting. Share knowledge with fellow colleagues in support of increasing overall maturity and become an active member of the Cyber Security Incident Response Team (CSIRT) with a functional reporting link to the CS-03 IT Security Operations functional unit Lead. Perform IT Security Forensics related activities only when deemed necessary should leveraging such services provided by Shared Services Canada not be possible. Rotational on-call responsibilities are shared between CSIRT members.

Stream 2 – Team Lead – IT Security Operations:
Under the supervision of the Manager of Cyber Security, supervise the Cyber Security Team’s IT Security Operations functional unit in support of the ongoing delivery of its services while ensuring that areas for improvement be identified with associated plans brought forward for improvement. Supervise and, as required, directly participate in the functional unit’s ongoing Cyber Security Incident Response (CSIRT) related activities. Work closely with the IT Security Operations’ Senior IT Security Analyst in support of increasing overall maturity of the functional unit.

Stream 3 – Senior IT Security Analyst – IT Security Risk Management:
Under the supervision of the Manager of Cyber Security and in collaboration with fellow Team colleagues, maintain and support the IT Security Assessment & Authorization (SA&A) program. Provide guidance in support of SA&A execution. Participate actively on SA&A monitoring and reporting activities. Provide IT security risk based guidance through appropriate cost-effective timely assessments. In collaboration with fellow colleagues from the IT Security Awareness & Governance functional unit, actively participate on providing clear and concise role-based guidance for each of the SA&A program’s families of controls.

Stream 4 – Senior IT Security Analyst – IT Security Awareness & Governance:
Under the supervision of the Manager of Cyber Security and in collaboration with fellow Team colleagues, help establish and maintain an effective IT security awareness program with supporting governance in place. This program must remain aligned with Treasury Board Secretariat’s and Government of Canada IT Security Lead Agencies’ associated policy instruments and best practices. Actively participate or take the lead in support of clear and concise communication of IT or cyber security related matters.

Work environment

Natural Resources Canada’s Cyber Security Team provides a dynamic environment with strong collaboration and engagement in place. The Manager of Cyber Security strongly encourages members of the Team to empower their respective work areas and remains engaged on supporting decisions made. Teleworking is encouraged in support of applying and maintaining appropriate family and work balance.

Intent of the process

ANTICIPATORY PROCESS - A pool of candidates may be established through this process to staff identical or similar positions at Natural Resources Canada at the CS-03 group and level with various tenures (determinate period or indeterminate), various linguistic requirements (English Essential, French Essential, English or French Essential and Bilingual imperative or non-imperative) and profile(s) (BBB/BBB, CBC/CBC), various security requirements (i.e. Reliability, Secret, Top Secret), various conditions of employment and for various locations.

Positions to be filled: 1

Information you must provide

Your résumé.

In order to be considered, your application must clearly explain how you meet the following (essential qualifications)

EDUCATION - ALL STREAMS:
Successful completion of two years of an acceptable post-secondary educational program in computer science, information technology, information management or another specialty relevant to the position to be staffed.

NOTE:
- Indeterminate period incumbents of positions in the CS group on May 10, 1999, who do not possess the education prescribed above are deemed to meet the minimum education standards based on their education, training and/or experience. They must be accepted as having met the minimum education standard whenever this standard is called for when staffing positions in the CS group.
- It is a recognized educational institution (e.g., community college, CÉGEP or university) that determines if the courses taken by a candidate correspond to two years of a post-secondary program at the institution.
- At the manager's discretion, an acceptable combination of education, training and/or experience may serve as an alternative to the minimum post-secondary education stated above. Whenever the minimum education is met via this alternative, it is met for the specific position only and must be re-assessed for other positions for which this alternative has been specified by the manager

Degree equivalency

EXPERIENCES: Common to all streams
EX1: Recent* experience providing advice and guidance on security related policy, guidance and procedures related to IT technologies.
EX2: Experience in technical writing and the preparation of documentation such as, but not limited to, policy instruments, best practices, guidance, operating procedures, options analysis, presentations, R&D findings and related material.

The following will be applied / assessed at a later date (essential for the job)

Various language requirements
Bilingual BBB/BBB essential for Senior IT Security Analyst positions (Streams 1, 3 and 4)
Bilingual CBC/CBC essential for Team Lead position (stream 2)

Information on language requirements

EXPERIENCES
Stream 1 – Senior IT Security Analyst – IT Security Operations:
Recent and significant** experience in analyzing logs to identify and address potential IT security related issues.

Stream 2 – Team Lead – IT Security Operations:
Recent* team lead or supervisory experience.

Stream 3 – Senior IT Security Analyst – IT Security Risk Management:
Recent and significant** experience in assessing IT security related risk and on providing specialized advice and recommendations for the application of appropriate security controls.

Stream 4 – Senior IT Security Analyst – IT Security Awareness & Governance:
Recent* experience in creating and delivering training or information sessions.

*Recent refers to experience acquired within the last 3 years.
**Recent and significant refers to the breadth and depth of experience acquired over 3 consecutive years within the last 5 years. Breadth and depth is defined as a combination of time spent doing the activity, as well as type (range, scope, and complexity) of work performed.

KNOWLEDGES:
(Common to all streams)
Knowledge of Government of Canada policy instruments. Most importantly, the Policy on Government Security (PGS) and the Directive on Security Management.

Stream 1 – Senior IT Security Analyst – IT Security Operations:
Knowledge of fundamental networking components and concepts including Firewalls, VPN technology, DNS, TLS, TCP/IP.
Knowledge of fundamental approaches in support of responding to IT security related events and incidents.

Stream 2 – Team Lead – IT Security Operations:
Knowledge of the Treasury Board Secretariat Public Service Performance Management solution with application of smart work objectives.

Stream 3 – Senior IT Security Analyst – IT Security Risk Management:
Knowledge of the Canadian Centre for Cyber Security (CCCS) published IT Security Guidance on IT Security Risk Management: A Lifecycle Approach (ITSG-33).
Knowledge of the Government of Canada’s Harmonized Threat & Risk Assessment Methodology (HTRA Methodology).

Stream 4 – Senior IT Security Analyst – IT Security Awareness & Governance:
Knowledge of fundamental approaches and techniques in support of effective communication and promotion of specific subject matters such as IT security.

LEADERSHIP COMPETENCIES (Common to all streams):
• Engagement (Working effectively with people, organizations and partners);
• Values and Ethics (Serving through integrity and respect);
• Excellence through results (Delivering results through own work, relationships and responsibilities); and,
• Strategic Thinking (Innovating through analysis and ideas).

ABILITIES: (Common to all streams)
Ability to communicate effectively in writing.
Ability to communicate effectively orally.

The following may be applied / assessed at a later date (may be needed for the job)

ASSETS (Common to all streams):
• Experience in the preparation, testing and evaluation of infrastructure / security controls of IT systems.
• IT Security certifications from recognized certification bodies such as ISC2 (ex CISSP, CCSP), ISACA (ex CISA, CISM), SANS (ex GCIH, GSNA), CompTIA (ex Security+), EC-Council (ex CEH)
• Industry certifications for Project Management.
• Experience in the design, implementation, operations and maintenance of Cloud services and technologies including Software-As-a-Service (SaaS), Platform-as-a-Service (PaaS), Infrastructure-as-a-Service (IaaS) and Desktop-as-a-Service (DaaS) – i.e. Azure Virtual Desktop Infrastructure (VDI).
• Experience with collaboration tools including Microsoft Teams and integration / use of Office 365.
• Experience with IT security incident related activities.
• Experience with managing workloads and prioritizing associated tasks.
• Experience with budget forecasting.

Degree equivalency

Selection may be limited to members of the following Employment Equity groups: Aboriginal persons, persons with disabilities, visible minorities, women

Information on employment equity

Operational or Condition of Employment depending on the position to be staffed.
Willing and able to work overtime as required.
Willing and able to work in a virtual environment.
Willing and able to travel as required.

Conditions of employment

Various security profiles: Reliability or Secret depending on the position to be staffed.

Other information

The Public Service of Canada is committed to building a skilled and diverse workforce that reflects the Canadians we serve. We promote employment equity and encourage you to indicate if you belong to one of the designated groups when you apply.

Information on employment equity

The hiring organization will accept applications on-line only. All job applications must therefore be submitted through the Public Service Resourcing System. To submit an application on-line, please select the button “Apply Online” below. Persons with disabilities preventing them from applying on-line are asked to contact 1-800-645-5605.

A written examination may be administered.
An interview may be conducted.
Reference will be sought.

Persons are entitled to participate in the appointment process in the official language of their choice. Applicants are asked to indicate their preferred official language in their application.

For this selection process, it is our intention to communicate with candidates via email for screening and assessment purposes. This will include communication of screening results and invitations to written tests and interviews. To that end, candidates must include a valid email address in their application. It is the candidate’s responsibility to ensure that this address is functional and that it accepts messages from unknown users (some email systems block these types of email). It is also the candidate’s responsibility to ensure accurate information is provided and updated as required.

Candidates should be prepared to provide proof of education (copy of degree/diploma) and citizenship or permanent resident status. If you have obtained education outside Canada, you will be required to submit proof of evaluation of Canadian equivalency.

Candidates with foreign credentials must provide proof of Canadian equivalency. Consult the Canadian Information Centre for International Credentials for further information at http://www.cicic.ca/.

Candidates from outside the public service may be required to pay for travel costs associated with this selection process.

Preference

Preference will be given to veterans and to Canadian citizens, in that order, with the exception of a job located in Nunavut, where Nunavut Inuit will be appointed first.

Information on the preference to veterans

We thank all those who apply. Only those selected for further consideration will be contacted.

Copyright © 2023 Sannax Corp. All rights reserved.
0.0