|Closing Date ||2021-05-19 |
|Reference Number ||21-968-08-054 |
|Job Category ||Experienced |
|Who Can Apply ||Canadian Citizens |
|Location ||Ottawa, Ontario |
|Salary Range ||$84,050 - $102,250 |
|Status ||Indeterminate (permanent) |
|Language Requirement ||Bilingual Imperative (BBB/BBB), Various |
The IT Security Analyst is responsible for the planning, development and delivery of the Service's Information Technology
Security Program. The following describe some of the functions:
- Conduct security audits and investigations through the analysis of information collected from a variety of technical and non-technical sources by using specialized tools and techniques.
- Investigate, analyse and manage IT security incidents involving CSIS IT systems, users accounts, networks, electronic data and devices.
- Liaise with clients and respond to their queries/requests by evaluating the IT security incidents and taking proper actions by prioritizing business goals and information needs.
- Provide expert IT Security advice to managers on security matters by developing and recommending solutions to sensitive security issues.
- Establish and maintain a solid understanding of Service IT implementations, by keeping abreast of the latest developments in technology and by researching and performing proof of concepts in this area.
- Plan, research and conduct in depth Threat and Risk Assessments (TRA) and Statements of Sensitivity (SOS) relating to Service software and hardware to ensure systems integrity, confidentiality and availability.
- Specify, design, procure, install and certify equipment or products for technical security on IT systems such as computer systems, encryption, firewalls, forensics, network intrusion monitoring, and system security audit products.
- Ensure that IT security policies, standards and procedures are being followed to configure use and maintain systems.
- Prepare reports responding to security issues, audits and proposed changes to system applications.
- Develop project proposals and appropriate business cases pertaining to all elements of the security cycle for a particular project and implement the most efficient and cost-effective solutions.
- Liaise with Foreign Agencies, Government Departments and Private Industries to exchange information/methodologies/techniques in the field of security
- Undergraduate degree in a related field* and three (3) years of experience
- Technologist diploma or equivalent professional designation and four (4) years of experience
- College diploma in a related field* and six (6) years of experience
*Related field of study include but are not limited to:
- Computer Science
- Computer / Electrical / Software / Network Engineering or Security
The educational program must be from an accredited learning institution recognized in Canada.
If you completed a program outside of Canada you will be required to obtain proof of a Canadian equivalency at your expense through a recognized credential assessment service.
Note: Any higher level of education could be recognized as experience.
Related experience is a period where the duties included three (3) or more of the following:
- Experience working with and securing IT infrastructure components and services (e.g. networks, storage, applications, directory services, databases, web services, cloud/virtualization services etc.).
- Experience drafting and reviewing technical and/or standards/guidance documents.
- Experience implementing security requirements in IT systems.
- Experience advising, briefing or training employees at all levels.
- Experience working with government policies on IT security (e.g. PGS, MITS, ITSDs, ITSG etc.)
- Experience working with IT risk management processes (SOS, TRA/Security Review, and C&A/SA&A).
- Experience working with and/or supporting Security Information and Event Management systems (ArcSight, ELK stack, Splunk, etc.)
- Experience with forensic analysis of IT hardware and software
- Experience with developing scripts on various systems
- Experience working in a high security environment.
- Industry certifications and/or training in IT security (ie: EC-Council Certified Ethical Hacker, EC-Council Certified Security Analyst, Certified Information System Auditor (CISA), Certified Information Systems Security Professional (CISSP), Certified Risk and Information Systems Control (CRISC), Certified Information Security Manager (CISM), etc.)
- Successful completion of CSE IT Security Learning Center programs of study in relation to the Cyber security.
- Analytical skills
- Behavioural flexibility
- Organizational skills / multitasking
Conditions of Employment
The majority of work in our organization must be done in the office and cannot be performed at home.
Candidates must be eligible to receive an Enhanced Top Secret security clearance. The process involves a security interview, a polygraph, and a background investigation that includes credit and financial verifications. The use of illegal drugs is a criminal offense. Drug use is an important factor considered in your reliability and suitability assessment during the selection process. Therefore it is important not to use any illegal drugs from the time you submit your application.
We thank all applicants for their interest in CSIS. However, only those who are selected for further consideration will be contacted.
For more information, visit CSIS for IT Security Analyst