Apply Now

Senior Network Exploitation Analyst

Job ID22-968-09-089-8349
Date Posted2022-05-13
Job TypeFull-time
Job CategoryPublic Administration
Closing Date 2022-06-26
Reference Number 22-968-09-089
Job Category Subject Matter Expert
Who Can Apply Canadian Citizens

Location Ottawa, Ontario
Toronto, Ontario
Burnaby, British Columbia
Montreal, Quebec
Salary Range $95,350 - $116,060
Status Indeterminate (permanent)
Language Requirement Various

Job Summary

As a Senior Network Exploitation Analyst, you will be part of a team of energetic professionals in the area of operational investigations.

Your days will be filled with the excitement and challenges that you would expect as a Technical Analyst within Canada's national intelligence agency. Your role within our agency will offer you the chance to become part of a dedicated team that investigates cyber threats to the security of Canada, such as espionage, foreign-influenced activities, and terrorism. Your day-to-day functions will include conducting technical analysis of Adversary Computer Network Exploitation artifacts using forensics and other methodologies.  You will also be involved in the development, design, implementation, and maintenance of creative systems and tools that support cyber national security investigative activities.

A career as a Network Exploitation Analyst within CSIS will provide you with the opportunity to play a key role in keeping Canadians Cyber safe by investigating and countering cyber-attacks impacting Canada and Canadian interests.

The Senior Network Exploitation Analyst is responsible for overseeing the investigative activities related to foreign computer network exploitation (CNE) operations. Main responsibilities:

  • Leading, providing mentorship on, and case managing cyber investigations.
  • Providing specialized advice on cyber investigations.
  • Collaborating with counterparts across Canada in investigating CNE activity with industry and individuals.
  • Assessing, interpreting and attributing cyber activity investigated by the Service.
  • Overseeing the creation of cyber threat intelligence related to the Service's cyber investigations.
  • Leading the analysis of cyber investigations related to foreign CNE operations, including hard drive and network traffic forensics, and malware analysis.
  • Maintaining technical knowledge of cyber threats by monitoring classified and open source reporting, and attending cyber conferences/working groups.


  • Undergraduate degree in Computer Science or Engineering and seven (7) years of relevant experience*
  • College Technologist diploma and nine (9) years of relevant experience*

The educational program must be from an accredited learning institution recognized in Canada. If you have completed a program outside of Canada, you will be required to obtain proof of a Canadian equivalency at your expense from an accredited learning institution recognized in Canada. 

Note: Any higher level of education could be recognized as experience.


  • Requirement 1: you must demonstrate experience in at least one (1) of the three (3) subjects listed below. You must clearly indicate and demonstrate the number of years of experience acquired for each subject(s) chosen, and that you acquired this experience within the last ten (10) years.
    • Experience in malware analysis (static or dynamic)
    • Experience in malware signature development (e.g. regex, yara)
    • Experience in computer forensics (disk, memory, mobile) or network forensics (PCAP, DNS, TCP)
  • Requirement 2: Candidate must demonstrate experience in at least two (2) of the eight (8) subjects listed below**. The number of years of experience acquired must be clearly indicated and demonstrated for each subject. In addition, experience must have been gained within the last ten (10) years.
    • Experience in malware analysis (static or dynamic)
    • Experience in malware signature development (e.g. regex, yara)
    • Experience in computer forensics (disk, memory, mobile) or network forensics (PCAP, DNS, TCP)
    • Experience in cyber threat analysis, or the production of cyber threat intelligence
    • Experience in scripting (e.g. Python, PHP, Shell) or software development (C/C++)
    • Experience IT Infrastructure (LAN/WAN, networking)
    • Experience in IT Security appliances (e.g. VPN, Firewall, IDS, etc.)
    • Experience with network communication protocols (e.g. DNS, TCP, etc.)

** You may not select the same experience twice and must have a total of three (3) different experiences (one experience from Requirement 1 and two experiences from Requirement 2).  


  • Experience in providing briefings and presentations.
  • Experience with threat intelligence platforms such as MISP or similar.
  • Experience in scripting/automating the processing of large volumes of data.
  • Experience in data science and implementing machine learning models/algorithms.
  • Experience with techniques used by computer hackers to penetrate computer networks and related technologies.


  • Analytical skills
  • Innovation
  • Ability to learn
  • Rigour
  • Communication

Conditions of Employment

Not Applicable


You must clearly indicate for which location(s) you apply; otherwise, your application will be rejected.

A written exam will be administered to successful applicants. If you are successful at the exam, you will be invited to an interview. The exam will serve to evaluate analytical skills and technical knowledge related to the required experience.

The majority of work in our organization must be done in the office and cannot be performed at home.

Reference Links

Security Requirements

Candidates must be eligible to receive an Enhanced Top Secret security clearance. The process involves a security interview, a polygraph, and a background investigation that includes credit and financial verifications. The use of illegal drugs is a criminal offense. Drug use is an important factor considered in your reliability and suitability assessment during the selection process. Therefore it is important not to use any illegal drugs from the time you submit your application.


We thank all applicants for their interest in CSIS. However, only those who are selected for further consideration will be contacted.

For more information, visit CSIS for Senior Network Exploitation Analyst