Information Systems Security Analyst
National Research Council Canada
Organizational Unit: Security Branch
Classification: CS-3
Tenure: Continuing
Work Arrangements: This position is eligible for a hybrid work arrangement (combination of working onsite and telework). Employees in this position who telework will be required to travel to the identified work site at least three times per week at their own expense. Indigenous candidates may be eligible for an exception to this work arrangement.
The Role
We are looking for an Information Systems Security Analyst to support our Security Branch. The Information Systems Security Analyst will provide information protection and IT security services in support of NRC’s strategic objectives.
Responsibilities include:
- Evaluating and advising on the security impact of changes to NRC’s IT and network infrastructure.
- Responding to and resolving or escalating reported security incidents.
- Acting as a “clearinghouse” for threat and vulnerability information by monitoring sources of threat and vulnerability data.
- Collaborating with corporate IT/IM service providers to ensure security issues are addressed throughout the project lifecycle.
- Providing technical support to the Risk Management team and maintaining a good understanding of the overall security posture of the organization.
- Supporting Security Branch’s administration investigation function, including seizure and storage of evidence and digital forensics.
The work requires continuous study of network and IT security processes, systems, and software, as well as ongoing study of trends and developments in the IT and IT security fields.
Screening Criteria
Applicants must demonstrate within the content of their application that they meet the following screening criteria:
Education
Post-secondary education and completion of a 2 or 3 year certificate/diploma program in computer systems applications, information systems, and associated information protection and security applications; or equivalent, plus CISSP.
Experience required:
- Collating incident and other security data to produce Briefing Notes and Forensic Reports.
- Project management and project leadership.
- Investigating and analyzing serious security incidents.
- Providing advice and assistance to individuals at various levels of technical knowledge and administrative responsibility.
- Evaluating and advising on security impacts.
- Reviewing and conducting vulnerability assessments on accounts, systems, and interface devices.
- Presenting to various large audiences with different levels of knowledge.
Candidates will be assessed on the basis of the following criteria:
- Knowledge of IM/IT systems hardware, software, and operating systems, including routers, switches, firewalls, intrusion detection, and associated network protocols and concepts.
- Knowledge of relevant federal legislation, policies, standards, and guidance.
- Ability to monitor sources of threat and vulnerability data.
- Ability to investigate and analyze serious security incidents.
- Ability to give briefings to employees at various levels.
- Knowledge in advanced diagnostics and problem solving.
- Knowledge of the fundamentals of project management.
Closing Date: 26 November 2024 - 23:59 Eastern Time
'/%3e%3cpath%20d='M101.744%2012.4726L102.894%2016.1947L99.0021%2013.2201L101.744%2012.4726ZM105.3%208.40937H100.488L99.0026%203.59473L97.5116%208.41047L92.7%208.40385L96.5965%2011.3834L95.1055%2016.1942L99.0021%2013.2196L101.408%2011.3834L105.3%208.40992V8.40937Z'%20fill='white'/%3e%3cdefs%3e%3clinearGradient%20id='paint0_linear_5593_1381'%20x1='90'%20y1='9.44471'%20x2='99'%20y2='9.44471'%20gradientUnits='userSpaceOnUse'%3e%3cstop%20stop-color='%2300AD70'/%3e%3cstop%20offset='0.998594'%20stop-color='%2300B67A'/%3e%3cstop%20offset='1'%20stop-color='%23DCDCE6'/%3e%3c/linearGradient%3e%3c/defs%3e%3c/svg%3e){kind=small}
job faster
