Digital Careers: Cybersecurity/Information Security/IT Security Positions (Inventory)
Selection process number: 2022-TBD-EA-BA-153986
Various Government of Canada Organizations
Closing date: Friday, December 9th, 2022 at 11:59 PM Eastern Time
Who can apply: Persons residing in Canada and Canadian citizens residing abroad.
The Federal Public Service is stronger and most effective when we reflect the diversity of the Canadian population we serve. The Government of Canada is dedicated to building and promoting a diverse, equitable and inclusive workforce, representative of Canadian society. All candidates who believe they are qualified are encouraged to apply, including Black, other racialized and Indigenous peoples, women, persons with disabilities and persons of the 2SLGBTQI+ community.
The Government of Canada is committed to Employment Equity (EE). In order to achieve a representative workforce, selection could be based on qualified candidates self-declaring as belonging to one of the EE groups. To self-declare, please complete the EE section in your application.
- It gives employment equity group members access to tailored programs, mentorships and networks
- It helps build a public service that represents Canada’s diversity
- It allows the public service to identify and eliminate barriers to hiring members of employment equity groups, by measuring their success rates at each step of the hiring process
Information on employment equity
We are committed to providing an inclusive and barrier-free work environment, starting with the hiring process. If you need to be accommodated during any phase of the evaluation process, please use the Contact information below to request specialized accommodation. All information received in relation to accommodation will be kept confidential.
When you apply to this selection process, you are not applying for a specific job, but to an inventory for future vacancies. As positions become available, applicants who meet the qualifications may be contacted for further assessment.
The Government of Canada offers meaningful and influential careers with opportunities to work on social, technological and economic topics that matter to Canadians.
In the context of a pandemic, the temporary or permanent measures put in place to ensure the health and safety of employees as well as the continuity of operations may vary, depending on the mandate and priorities of each federal organization. If you have any questions regarding these measures, they can be addressed with the department(s) that contact you about a specific employment opportunity.
Have you considered joining the Public Service of Canada? Would you like to put your skills and knowledge towards protecting systems and services that Canadians rely on? As the government of Canada continues its digital transformation journey, the demand for a cyber workforce to protect the networks and information systems that Canadians rely on has never been greater. As a cyber security/IT security professional in the government of Canada, you will be working at the forefront of the cybersecurity challenges and helping to ensure that the technologies used across the government protects the information they carry.
You’ll have opportunity to access to continuous learning through onboarding, on-the-job training, coaching, mentoring, interdepartmental placements, and many other opportunities such as career advancement as well as working with and learning from exceptional cyber/IT security professionals.
How are we bringing the government of Canada into the digital age? View our #GCDigital video!
|Intent of the process|
This process will be managed by the Treasury Board of Canada Secretariat, Office of the Chief Information Officer of Canada, and used by various federal government organizations. Candidates may be contacted to be further assessed. A pool will be established and may be used to staff similar positions with various tenures.
Positions to be filled: Number to be determined
|Information you must provide|
|In order to be considered, your application must clearly explain how you meet the following (essential qualifications)|
Graduation from a two-year program of study from a recognized post-secondary institution with acceptable specialization in computer science, information technology, information management or another specialty relevant to the position to be staffed or an acceptable combination of education, training and/or experience. This process adheres to the current IT classification standard.
For more information: Degree equivalency
Please review all of the experience requirements for each IT stream (IT-01, IT-02, IT-03, and IT-04) and select the streams and roles you are applying for based on your level of experience. You must meet all the essential criteria for each stream and role you are applying for.
STREAM 1: IT-01
EXP1. Experience in information technology or providing technical support in the development, integration, implementation, or operations of IT security solutions.
STREAM 2: IT-02
EXP1. Recent* Experience (> 1 year) supporting enterprise level IT Infrastructure, IT Security Infrastructure, IT Applications; or Endpoints in an enterprise environment.
EXP2. Recent* Experience (> 1 year) working in Cybersecurity, Information Security, IT Security Analysis
- Network Security (i.e., Managing Security Controls, IT Security Perimeter Defences, Firewalls, Intrusion Prevention/Detection Systems (IPS/IDS), &, Security Information and Event Management (SIEM))
- Installation, Administration, Maintenance and Troubleshooting of Security Solutions including Cloud
- Identity, Credential and Access Management
- Active Directory Services
- IT Security Operations (i.e., Patch Management, Security Incident Response, Threat and Vulnerability Management)
- Scripting (i.e., PowerShell, Python, etc.)
*Recent experience is defined as within the last three (3) years.
STREAM 3: IT-03 (Technical Advisor or Team Lead)
EXPERIENCE - BOTH POSITIONS
EXP1. Significant* experience working in Cybersecurity, Information Security, or IT Security Analysis or occupying a similar position installing, operating, maintaining, and providing enterprise-level support for systems in two or more of the following areas:
- Server Administration
- Directory Services Infrastructure Support
- Identity/Credential and Access Management
- IT Security Operations or Security Operations Center
- Cloud Computing (Azure, AWS, etc.)
- Cyber Security Architecture
- Security Device Management
- Threat Modelling
- Risk Assessment
EXP2: EX3. Significant* experience installing, configuring, tuning, monitoring, operating, and supporting security tools and services such as Firewalls, IPS/IDS (SIEM) or other related Cyber/IT security services.
EXP3: Significant* experience in developing and implementing security processes and tools based on the business, operational, technical and security requirements. Recent experience supporting the development of architectural processes, designs and patterns that meet organizations cyber security strategic or tactical objectives.
EXP4. Significant* experience providing strategic advice to managers and above.
*Significant is defined the depth and breadth of combined experience gained over a minimum period of three (3) years.
STREAM 4: IT-04 (Senior Technical Advisor or Manager)
EXPERIENCE - EXP1 and EXP2 are essential for both positions
EXP1: Extensive* experience leading, managing or contributing to complex IT security program objectives.
EXP2: Extensive* experience in analyzing information, providing strategic advice and recommendations to senior management or clients.
EXP3. Significant* experience providing strategic advice to managers and above.
EXP4. Recent* experience drafting Standard Operating Procedures (SOPs), technical documents, instruction manuals, policies or documents pertaining to IT or Cybersecurity.
EX5 is essential for Manager positions only.
EXP5: Extensive* experience managing or leading multi-disciplinary teams in Cyber Security or IT Security.
*Extensive means the depth and breadth of combined experience that is normally acquired by performing the tasks over a period of four (4) years or more.
*Recent experience is defined as within the last two (2) years.
Security and Risk Management
- Knowledge of IT Security Assessment and Authorization following ITSG-33 framework and/or Harmonized Threat and Risk Assessment methodology.
- Knowledge of and experience conducting IT Privacy Impact Assessments.
- Experience in the development and implementation of IT security policies, procedures, and standards based on Government of Canada (GC) or National Institute of Standards and Technology (NIST), best practices, and compliance requirements. Knowledge of current IT risks and experience in implementing security solutions.
- Experience in designing, implementing and supporting enterprise security solutions.
- Experience in network security design and implementation.
- Knowledge of encryption methodologies including TLS, SSL, and IPSEC.
- Knowledge of network protocols such as BGP, TCP, UDP, and IPv4 / 6.
- Knowledge of digital identity concepts and systems.
- Knowledge of key digital identity standards.
- Experience working with identity, access, and privileged account management solutions.
- Experience supporting security services such as Firewalls, Intrusion Detection, Security Information and Event Management (SIEM), Anti-Virus, Anti-Malware, Data Loss prevention, Network Security, Vulnerability Assessment and Directory Services, Penetration Testing, or other related Cyber/IT security services.
- Experience in configuring and administering Linux Server environment.
- Experience working with centralized Multi-Factor Authentication (MFA) services to support strengthening the authentication process to sensitive Government of Canada (GC) IT infrastructure services.
- Experience leading complex IM/IT Security Projects.
- Experience supporting Red Team and/or Blue Team activities.
- Experience with Cyber Threat Intelligence services such as Threat Detection and Response, Attack Surface Management, Threat Intelligence, Threat Hunting or Data Protection in support of IT Governance.
- Experience in IT security incident management.
- Experience in cloud-based service delivery and working with Platform as a Service (PaaS), Infrastructure as a Service (IaaS), and/or Software as a Service (SaaS).
- Experience implementing Cloud based authentication solutions
- Experience configuring and administering Azure Active Directory (Azure AD) or Amazon Web Services (AWS) authentication services.
Software Development Security
- Knowledge of secure development, coding, engineering practices.
- Knowledge of software development life cycles and methodologies is required, including knowledge of programming and systems analysis procedure.
Asset - Occupational Certifications
- (ITIL) Information Technology Infrastructure Library Certification (v3).
- (CISSP) Certified Information Systems Security Professional.
- (GIAC) Global Information Assurance Certification in one of the specializations under the Security Administration category as issued by SANS.
- (CSE) Successful completion of any Communications Security Establishment IT Security Learning Centre Programs of Study.
- (OSCP / OSCE) Offensive Security Certified Professional and/or Offensive Security Certified Expert.
- (TOGAF) The Open Group Architecture Forum Certification.
- (PMP) Project Management Professional or Prince Certification.
- Cloud Storage Certifications (AWS, CCNA, CCNP, or MCSE).
- (CISM) Certified Information Security Manager.
- (CISA) Certified Information Systems Auditor.
|The following will be applied / assessed at a later date (essential for the job)|
The following competencies are essential for all positions:
- Analytical Thinking
- Stress management
- Problem solving
- Communication - To be evaluated throughout the entire hiring process including in your screening question responses. Clarity, coherence, conciseness as well as appropriate attention to detail (spelling, grammar and relevance to the factor being substantiated) may be used to evaluate your ability to communicate effectively in writing.
Bilingual positions (Bilingual Imperative BBB/BBB & CBC/CBC) or English Essential positions. Team Leader and Manager positions are Bilingual Imperative.
Information on language requirements
|Second Language Writing Skills Self-Assessment|
In order to help you decide if you should apply to a bilingual position, an optional self-assessment of your writing skills in your second official language is available for you to take before completing your application.
For more information, please consult:
Unsupervised Internet Test of Second Language Writing Skills
Applicable to all streams:
- Knowledge of current trends or best practices that affect the management of IM/IT, Cybersecurity, or the delivery of technology services.
|The following may be applied / assessed at a later date (may be needed for the job)|
Selection may be limited to members of the following Employment Equity groups: Aboriginal persons, persons with disabilities, visible minorities, women
Information on employment equity
|Conditions of employment|
Various security requirements: Top Secret clearance, Secret clearance, or Reliability status
Note: The level of security required will vary according to the position to be staffed.
All employees of the core public administration are required to be fully vaccinated against COVID-19 and attest to their vaccination status unless accommodated based on a medical contraindication, religion, or another prohibited ground for discrimination as defined under the Canadian Human Rights Act.
Give yourself the best chance to succeed!
If you have a limitation that may impact your performance during an assessment, such as a test or interview, you may require an accommodation. Assessment accommodations are designed to remove the obstacles without altering the criteria being assessed so candidates with limitations can fully demonstrate their abilities.
If you have any question or would like more information pertaining to accommodation measures, contact email@example.com.
For more information about assessment accommodation, please visit https://www.canada.ca/en/public-service-commission/services/assessment-accommodation-page.html
Please note that candidates who have been qualified as a result of any of the following processes should not apply as they would be placed in the same pool: 17-RP/PSR-IM/IT, 18-RP/PSR-IM/IT, WIT-19-EA, 19-PSC-EA-IM/IT, 19-PSR/RP-IM/IT, CID20-EA or 21-PSC-INV-PWD-EA-CS-2.
Preference will be given to veterans first and then to Canadian citizens and permanent residents, with the exception of a job located in Nunavut, where Nunavut Inuit will be appointed first.
Information on the preference to veterans
We thank all those who apply. Only those selected for further consideration will be contacted.