IT Security Analyst
Do not discuss your application with others (including on social media) besides your partner, or close family members - who should also be reminded about the need to be discreet.
|Who Can Apply||Canadian Citizens|
|Salary Range||$84,050 - $102,250|
|Language Requirement||Bilingual Imperative (BBB/BBB), Various|
The IT Security Analyst is responsible for the planning, development and delivery of the Service's Information Technology Security Program.The following describe some of the functions:
- Conduct security audits and investigations through the analysis of information collected from a variety of technical and non-technical sources by using specialized tools and techniques.
- Investigate, analyse and manage IT security incidents involving CSIS IT systems, users accounts, networks, electronic data and devices.
- Liaise with clients and respond to their queries/requests by evaluating the IT security incidents and taking proper actions by prioritizing business goals and information needs.
- Provide expert IT Security advice to managers on security matters by developing and recommending solutions to sensitive security issues.
- Establish and maintain a solid understanding of Service IT implementations, by keeping abreast of the latest developments in technology and by researching and performing proof of concepts in this area.
- Plan, research and conduct in depth Threat and Risk Assessments (TRA) and Statements of Sensitivity (SOS) relating to Service software and hardware to ensure systems integrity, confidentiality and availability.
- Specify, design, procure, install and certify equipment or products for technical security on IT systems such as computer systems, encryption, firewalls, forensics, network intrusion monitoring, and system security audit products.
- Ensure that IT security policies, standards and procedures are being followed to configure use and maintain systems.
- Prepare reports responding to security issues, audits and proposed changes to system applications.
- Develop project proposals and appropriate business cases pertaining to all elements of the security cycle for a particular project and implement the most efficient and cost-effective solutions.
- Liaise with Foreign Agencies, Government Departments and Private Industries to exchange information/methodologies/techniques in the field of security.
Undergraduate degree in a related field* and three (3) years of experience
- Technologist diploma or equivalent professional designation and four (4) years of experience.
- College diploma in a related field* and six (6) years of experience
*Related field of study include but are not limited to:
- Computer Science
- Computer / Electrical / Software / Network Engineering or Security
The educational program must be from an accredited learning institution recognized in Canada.
If you completed a program outside of Canada you will be required to obtain proof of a Canadian equivalency at your expense through a recognized credential assessment service.
Note: Any higher level of education could be recognized as experience.
Related experience is a period where the duties included three (3) or more of the following:
- Experience working with and securing IT infrastructure components and services (e.g. networks, storage, applications, directory services, databases, web services, cloud/virtualization services etc.).
- Experience drafting and reviewing technical and/or standards/guidance documents.
- Experience implementing security requirements in IT systems.
- Experience advising, briefing or training employees at all levels.
- Experience working with government policies on IT security (e.g. PGS, MITS, ITSDs, ITSG etc.)
- Experience working with IT risk management processes (SOS, TRA/Security Review, and C&A/SA&A).
- Experience working with and/or supporting Security Information and Event Management systems (ArcSight, ELK stack, Splunk, etc.)
- Experience with forensic analysis of IT hardware and software
- Experience with developing scripts on various systems
- Experience working in a high security environment.
- Industry certifications and/or training in IT security (ie: EC-Council Certified Ethical Hacker, EC-Council Certified Security Analyst, Certified Information System Auditor (CISA), Certified Information Systems Security Professional (CISSP), Certified Risk and Information Systems Control (CRISC), Certified Information Security Manager (CISM), etc.).
- Successful completion of CSE IT Security Learning Center programs of study in relation to the Cyber security.
- Analytical skills
- Behavioural flexibility
- Organizational skills / multitasking
Conditions of Employment
The majority of work in our organization must be done in the office and cannot be performed at home.
Applicants must clearly demonstrate in their application how they meet each Education and Experience criteria. Failure to do so will result in the applicant being screened out of the career opportunity.
CSIS is a separate employer and is not subject to the Public Service Employment Act (PSEA). CSIS has its own classification, compensation system, and a different staffing regime. As such, we use a different staffing process and terminology.
CSIS is committed to building a workforce that is truly representative of the Canadians it serves by cultivating a diverse and inclusive workplace environment. This will be achieved by increasing employment equity group representation (including persons with disabilities, visible minorities, Indigenous peoples, and women) at all levels within the organization through hiring and talent management practices. We will also ensure that appropriate accommodations are made (e.g., specialized equipment, changes to physical workspace) to provide employment opportunities for all qualified candidates. In support of achieving a greater, diverse and skilled workforce, we strongly encourage those individuals who belong to one or more of the employment equity groups to self-identify when applying.
Should you require accommodation in relation to a disability, please tell us at the beginning of the selection process. This information will be kept confidential.
The personal information provided in your application is protected under the Privacy Act and will be held in Personal Information Bank SIS/P-PU-025.
Report a problem or mistake on this page
- Date modified: