Security Analyst

National Research Council Canada, Canada

Updated: 3 months ago
Location: Ottawa West, ONTARIO
Deadline: Telephone: 343-596-8193 Closing Date: February 11, 2024 - 23:59 Eastern Time

Priority will be given to the following designated employment equity groups: Indigenous peoples* (First Nations, Inuit and Métis), persons with disabilities and racialized persons*.

 

* The Employment Equity Act, which is under review, uses the terminology Aboriginal peoples and visible minorities. 

 

Candidates are asked to self-declare when applying to this hiring process.

 

City: Within a National Research Council Office across Canada
Organizational Unit: Knowledge, Information and Technology Services
Classification: CS-2
Tenure: Continuing
Language Requirements: Bilingual Imperative BBB/BBB

 

Note: Due to the nature of the work and operational requirements, this position will require some physical presence at the NRC work location identified, in the form of a hybrid work arrangement (a combination of working onsite and offsite)

 

  • Overtime will sometimes be required.
  • Occasionally, must be available for being “on-call” 24h/7 in rotation.  

Your Challenge

Great Minds. One Goal. Canada's Success.

 

Help bring research to life and drive your career forward with the National Research Council of Canada (NRC), Canada's largest research and technology organization.

 

Within the Knowledge, Information and Technology Services (KITS) Branch, the Security Analyst is responsible for carrying out the operational activities of the Cyber Defence Team (CDT).  The CDT is responsible for the security of NRC IT assets and provides advisory services to NRC employees and performs activities such as security monitoring, vulnerability assessments, and incident management.

 

The key activities for this position are the following:

 

  • Monitors and triages cyber security events and enquiries sent to the Cyber Defence Team.
  • Reviews and analyses phishing emails reported by NRC employees.
  • Investigates cyber security events and incidents, recommends proactive measures and implements corrective action; conducts technical research, participates in forensic analysis; provides guidance and assistance to clients in following approved cyber security standards and procedures.  
  • Provides technical advice, cyber security assistance and delivers cyber security training and awareness to internal clients.
  • Participates on projects to design, develop, test, implement, and support cyber security solutions to protect departmental/agency IT assets. 
  • Conducts research to support the development of departmental/agency work processes, standards and guidelines. 
  • Conducts security vulnerability assessments and analysis, supporting the development and implementation of cyber security strategies, processes, infrastructure and tools. 
  • Participates in the selection, installation, configuration, testing and development of cyber security tools and ensures adherence to the department/agency's cyber security standards and policies.

Screening Criteria

Applicants must demonstrate within the content of their application that they meet the following screening criteria in order to be given further consideration as candidates:


Education

Successful completion of university or post-secondary education and/or formal technical training relevant to the work.

 

For information on certificates and diplomas issued abroad, please see Degree equivalency


Experience
  • Recent experience working as a member of a security operations centre (SOC) and understanding its role within the organisation's Cyber Security program.
  • Recent experience with Cyber Security event and incident management, including investigation and remediation.
  • Relevant experience with the tools used for the analysis and monitoring of Cyber Security events.  
  • Recent experience providing sound technical advice to ensure the alignment of Cyber Security principles and guidelines/directives/policies with client requirements.
  • Recent experience in the IT field, including areas such as desktop configuration and networking principles.
  • Recent experience in collecting and clearly communicating technical information to clients, colleagues, and management.

    • Condition of Employment

    Secret (II)


    Language Requirements

    Bilingual Imperative BBB/BBB

     

    Information on language requirements and self-assessment tests


    Assessment Criteria

    Candidates will be assessed on the basis of the following criteria:


    Technical Competencies
  • Strong knowledge of the general principles of Cyber Security operations;
  • Broad knowledge of activities and technologies relevant to cyber security, including endpoint security, patch management, incident management, change management, network monitoring, malware analysis, vulnerability assessments, etc.;
  • Broad knowledge on all aspects of an IT infrastructure including server and workstation hardware and software, Windows and Linux operating systems, Windows Active Directory, TCP/IP networks and network architecture as they apply to IT security (e.g. zoning), encryption and communication technologies, cloud computing, etc.;
  • Knowledge of cyber security tools such as Microsoft Sentinel, Microsoft 365 Defender, Trellix Endpoint Security (McAfee), VMware Carbon Black;
  • General knowledge of cyber security related policies, directives, standards and guidelines used in the Government of Canada; 
  • Knowledge of cyber security standards and frameworks from NIST, CSE, ISO, CIS, etc;
  • Knowledge of reporting tools such as Power BI Report Builder will be considered an asset;
  • Platform specific security training or certification (e.g. Microsoft, Trellix) will be considered an asset;
  • Current industry standard security certification (e.g. CISSP, CISM, CCSP, CISA) will be considered an asset.

    • Behavioural Competencies
    • Technology support - Client focus (Level 2)
    • Technology support - Communication (Level 2)
    • Technology support - Initiative (Level 2)
    • Technology support - Teamwork (Level 2)
    • Technology support - Results orientation (Level 2)

    Competency Profile(s)

    For this position, the NRC will evaluate candidates using the following competency profile: Technology Support

     

    View all competency profiles


    Compensation

    Rates under review

     

    From $74,552 to $93,612 per annum.

     

    An incumbent occupying a position within the CS Group is currently entitled to receive a terminable allowance of $212 per month.

     

    In addition, the incumbent will receive the Bilingualism Bonus of $800 per year.

     

    NRC employees enjoy a wide-range of competitive benefits including comprehensive health and dental plans, vacation, sick, and other leave entitlements, disability insurance and pension plans.


    The NRC Advantage

    The National Research Council of Canada (NRC) is the Government of Canada's largest research organization supporting industrial innovation, the advancement of knowledge and technology development. We collaborate with over 70 colleges, universities and hospitals annually, work with 800 companies on their projects, and provide advice or funding to over 8000 Small and Medium-sized Enterprises (SMEs) each year.

     

    We bring together the brightest minds to deliver tangible impacts on the lives of Canadians and people around the world. And now, we want to partner with you.  Let your expertise and inspirations make an impact by joining the NRC.

     

    At the NRC Employee wellness matters. We offer flexible work schedules as well as part-time work to help employees maintain work-life balance. We are one of the few federal organizations that close our offices during the December holiday season.  We offer professional learning and development opportunities such as conferences, workshops, and a suite of mentorship, award and recognition programs. Diversity enables creativity and innovation. Fostering a diverse, inclusive, welcoming and supportive workplace is important to us, and contributes to a more inclusive Canadian innovation system. We welcome all qualified applicants and encourage you to complete the employment equity self-declaration questions during the job application process. Please let us know of any accommodation measures required to help you to be assessed in a fair and equitable manner. Please note that the information you provide will be treated confidentially. 

     

    Help us solve problems for Canada. Grow your career with us today!


    Notes
    • Relocation assistance will be determined in accordance with the NRC's directives.
    • A pre-qualified list may be established for similar positions for a one year period.
    • Candidates have to use a cover letter to demonstrate how they meet the education and experience factors listed on the poster.
    • Preference will be given to Canadian Citizens and Permanent Residents of Canada. Please include citizenship information in your application.
    • The incumbent must adhere to safe workplace practices at all times.
    • We thank all those who apply, however only those selected for further consideration will be contacted.

     

     

    Please direct your questions, with the requisition number (21247) to:

    E-mail: [email protected]

    Telephone: 343-596-8193 
    Closing Date: February 11, 2024 - 23:59 Eastern Time

     

    For more information on career tools and other resources, check out Career tools and resources

     

    *If you are currently a term or continuing employee at NRC, please apply through the SuccessFactors Careers module from your NRC computer.