ANTICIPATORY - Cyber Security Analyst

ANTICIPATORY - Cyber Security Analyst Reference number: GSS24J-059397-000018 Selection process number: 24-GSS-NCR-EA-NSSB-48211 Shared Services Canada - Network and Security Services - Infrastructure Security Operations Calgary (Alberta), Edmonton (Alberta), Vancouver (British Columbia), Victoria (British Columbia), Winnipeg (Manitoba), Moncton (New Brunswick), Saint John (New Brunswick), St. John's (Newfoundland and Labrador), Halifax (Nova Scotia), Belleville (Ontario), Cornwall (Ontario), Kingston (Ontario), Ottawa (Ontario), Toronto (Ontario), Charlottetown (Prince Edward Island), Chicoutimi (Québec), Gatineau (Québec), Longueuil (Québec), Matane (Québec), Montréal Island (Québec), Québec (Québec), Rimouski (Québec), Sherbrooke (Québec), Saskatoon (Saskatchewan) IT-02 $83,961 to $102,763 For further information on the organization, please visit Closing date: 10 July 2024 - 23:59, Pacific Time Who can apply: Persons residing in Canada, and Canadian citizens and Permanent residents abroad. Important messages We are committed to providing an inclusive and barrier-free work environment, starting with the hiring process. If you need to be accommodated during any phase of the evaluation process, please use the Contact information below to request specialized accommodation. All information received in relation to accommodation will be kept confidential. Work environment Shared Services Canada (SSC) is modernizing how the Government of Canada manages its information technology (IT) infrastructure. The Department is mandated to deliver email, data centre and telecommunication services, including videoconferencing and Wi-Fi, to partner organizations. At SSC, we are building an environment that doesn't just have jobs, but valuable long-term careers. We provide a supportive and collaborative workplace with flexible work arrangements. We promote a positive work-life balance with a commitment to workplace wellness. SSC is dedicated to building and promoting a diverse, equitable and inclusive workforce, representative of Canadian society. All candidates who believe they are qualified are encouraged to apply, including Black, other racialized and Indigenous peoples, women, persons with disabilities and persons of the 2SLGBTQI+ community. SSC has several networks within its Diversity community that promote equality in the workplace and help build a culture of mutual respect. The Diversity community explores ways to increase employee engagement on issues that affect the equity seeking groups. The following networks provide members with a safe place to connect, discuss common issues, exchange information and voice concerns: -Indigenous Circle -Black Employees Network -Persons with Disabilities Network -Pride Network -Visible Minorities Network -Women’s Network Intent of the process This process may be used to staff similar positions within Shared Services Canada in various locations across Canada. Positions to be filled: Number to be determined Information you must provide Your résumé. In order to be considered, your application must clearly explain how you meet the following (essential qualifications) EDUCATION Graduation from a two-year program of study from a recognized post-secondary institution with acceptable specialization in computer science, information technology, information management or another specialty relevant to the position to be staffed. Note: 1. Indeterminate incumbents in the IT group on December 9, 2021 who do not possess the education prescribed above, are deemed to meet the minimum education standard based on their education, training and/or experience. They must be accepted as having met the minimum education standard whenever this standard is called for when staffing positions in the IT group. 2. Indeterminate incumbents of positions in the CS group on May 10, 1999, who do not possess the education prescribed above, are deemed to meet the minimum education standard based on their education, training and/or experience. They must be accepted as having met the minimum education standard whenever this standard is called for when staffing positions in the IT group. 3. At the manager’s discretion, an acceptable combination of education, training and/or experience may serve as an alternative to the minimum education stated above. Whenever the minimum education is met using this alternative, it is met for the specific position only and must be re-assessed for other positions for which this alternative has been specified by the manager. EXPERIENCES EX1. Experience supporting the analysis and investigation of IT security incidents or vulnerabilities. EX2. Experience in interacting with one or more of the following: clients, colleagues, supervisor, or interdisciplinary teams, to resolve IM/IT incidents or changes. EX3. Experience in documenting cyber/IT Security issues, requirements, procedures or solutions. EX4. Experience participating in the selection, installation, configuration, testing and development of IT security tools. The following will be applied / assessed at a later date (essential for the job) Various language requirements Bilingual Imperative BBB/BBB English Essential COMPETENCIES C1. Analytical Thinking C2. Client Service C3. Initiative C4. Teamwork ABILITIES A1. Ability to communicate effectively in writing. A2. Ability to communicate effectively orally. The following may be applied / assessed at a later date (may be needed for the job) ASSET QUALIFICATIONS One or more asset qualifications may be considered depending on the position being staffed. OCCUPATIONAL CERTIFICATIONS • Information Technology Infrastructure Library (ITIL) Certification (v3). • Certified Information Systems Security Professional (CISSP). • Successful completion of any Communications Security Establishment IT Security course (CSE). • Certified Cloud Security Professional or CCSK Certificate of Cloud Security Knowledge (CCSP). • Offensive Security Certified Professional and/or Offensive Security Certified Expert (OSCP / OSCE). • PRINCE 2 certification. • PMP certification. • Certified Red Team Operations Professional (CRTOP). • Certified Ethical Hacker (CEH). • GIAC Certified Incident Handler (GCIH). • Other related security certification. EXPERIENCES AEX1. Experience supporting one or more of the following cybersecurity areas: 1. Cyber Incident Response 2. Proactive monitoring 3. Identifying, evaluating, treating, and reporting on security vulnerabilities 4. Cloud Computing (Azure, AWS, etc.) 5. Security Device Management 6. Threat/Vulnerabilities Intelligence 7. Safeguarding networks using detection, pattern analysis, threat recognition and mitigations 8. Penetration Testing / Red-Teaming / Blue-Teaming 9. Risk Assessment 10. Public Key Infrastructure AEX2. Experience supporting the development and delivery of presentations to technical and non-technical audiences. AEX3. Experience supporting the investigation of IT security incidents/violations and supporting the implementation of corrective actions. AEX4. Experience supporting the design and/or implementation of cyber security strategies. AEX5. Experience installing, configuring, tuning, monitoring, operating, and supporting security tools and services such as Firewalls, IPS/IDS (SIEM) or other related Cyber/IT security services. AEX6. Experience participating in the assessment or deployment of security controls, such as tools and software applications with the objective of protecting IM/IT infrastructure from harmful incidents and malicious attacks. AEX7. Experience in Attack Surface Management or Threat Hunting. AEX8. Knowledge or experience applying current industry trends or best practices that affect the management of Cybersecurity. AEX9. Experience in leveraging technology and programming languages to develop efficient tools for enhancing data and security intelligence. AEX10. Experience in leveraging technology and programming languages to analyze data and create visualizations. ORGANIZATIONAL NEEDS - In support of achieving a diverse and representative workforce, selection may be limited to candidates who self-declare as a member of one or more of the following designated Employment Equity groups: Indigenous peoples, members of visible minorities including the Black community, persons with disabilities and/or women. To self-declare, please complete the EE section in your application. - SSC is committed to providing opportunities across Canada where feasible, and to increasing its regional presence. ORGANIZATIONAL NEEDS: - In support of achieving a diverse and representative workforce, selection may be limited to candidates who self-declare as a member of one or more of the following designated Employment Equity groups: Indigenous peoples, members of visible minorities including the Black community, persons with disabilities and/or women. To self-declare, please complete the employment equity section in your application. - SSC is committed to providing opportunities across Canada where feasible, and to increasing its regional presence. OPERATIONAL REQUIREMENT - Able to work overtime on short notice Conditions of employment Secret security clearance Other information The Public Service of Canada is committed to building a skilled and diverse workforce that reflects the Canadians we serve. We promote employment equity and encourage you to indicate if you belong to one of the designated groups when you apply. The Government of Canada Workplace Accessibility Passport helps federal public service employees get the tools, supports and measures they need to perform at their best and succeed in the workplace. It is a tool that allows employees to document their workplace barriers and accommodation needs. It promotes collaboration between an employee and their manager to address barriers and implement the solutions needed to ensure that employees are equipped to succeed on the job, no matter where their duties are performed. SSC is proud to be one of the first in government to offer the Accessibility Passport to its employees. More Information on Self-Declaring ¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯ You can self-declare if you are a member of one or more of these four (4) designated employment equity groups: women, Indigenous (Aboriginal) peoples, persons with disabilities and members of visible minorities, as identified by the Employment Equity Act. Why self-declare: • It gives employment equity group members access to tailored programs, mentorships and networks • It helps build a public service that represents Canada’s diversity • It allows the public service to identify and eliminate barriers to hiring members of employment equity groups, by measuring their success rates at each step of the hiring process How to self-declare : If you belong to one or more employment equity group, you can self-declare when you apply for a job through GC Jobs by completing the Employment Equity section under Requirements ______________________________________________________________________ WHEN YOU APPLY - Focus on screening questions and on your résumé. Screening questions and your résumé will be the first pieces of information we’ll see about you, so be sure to highlight your achievements, and be clear about your experience and your education. ? Be specific about roles you've occupied and/or projects you’ve worked on. ? If you've had roles related to this position, tell us about it. ? Your evaluation will begin the moment you apply to the process. ? You must meet all essential qualifications in order to be appointed to the position. Candidates must clearly demonstrate in the screening questionnaire HOW they meet the education and experience criteria listed in the Essential Qualifications. Please note that stating that the requirement has been met, and/or listing past or current responsibilities does not represent adequate substantiation. You must provide CONCRETE EXAMPLES that clearly illustrate how you meet the requirement (how, when and where). Résumés may be used as a secondary source to validate the merit criteria, although comments such as "refer to my attached résumé" will not be accepted and may result in your application being rejected. The main steps in this process are as follows: 1. Submission of your application. 2. Preselection of candidates based on essential experiences and education. 3. A self-assessment of competencies and an opportunity to elaborate on asset qualifications may be administered to the candidates selected to proceed. 3. Invitation to a virtual interview which will assess some essential competencies (you will also need to present your proof of education) for candidates that pass the self-assessment with possible volume management strategies (various) being used if necessary. 4. Candidates will be notified by e-mail of their status in the process (successful or not). 5. If a hiring manager considers a qualified candidate, his or her references could be verified and aligned with validation or formal reference exercises.