Information System Security Specialist

Join to apply for the Information System Security Specialist role at National Research Council Canada / Conseil national de recherches Canada

Join to apply for the Information System Security Specialist role at National Research Council Canada / Conseil national de recherches Canada

Priority may be given to the following designated employment equity groups : women, Indigenous peoples

• First Nations, Inuit and Métis), persons with disabilities and racialized persons

The Employment Equity Act , which is under review, uses the terminology Aboriginal peoples and visible minorities.

Candidates are asked to self-declare when applying to this hiring process.

City : Ottawa

Organizational Unit : Knowledge, Information and Technology Services

Classification : CS-2

Tenure : Continuing

Language Requirements : English

Work Arrangements : Due to the nature of the work and operational requirements, this position is eligible for a hybrid work arrangement (combination of working onsite and telework). Employees in this position who telework will be required to travel to the identified work site at least three times per week or a minimum of 60% of their regular work schedule at their own expense.

• Overtime will sometimes be required.
• Occasionally, must be available for being “on-call” 24h / 7 in rotation.

At NRC, we recognize that Indigenous candidates may have important connections to their communities and you may be eligible for an exception to this work arrangement. Alternative work arrangements may also be considered to accommodate candidates as required. To learn more about these options, please contact the hiring team using the contact information below.

Discover the possible

Anything is possible at the National Research Council (NRC), recently named one of Canada’s 2025 Top Employers for Young People, a 2025 Top Employer in the National Capital Region and Forbes Canada’s Best Employers!

As Canada’s leading research and technology organization, our world-renowned research pushes the boundaries of science and engineering to make the impossible, possible. Every day we explore new ideas through innovative research and help companies discover possibilities that impact Canada’s future and the world.

At the NRC, you’ll also discover new possibilities. Our supportive workplace fosters a culture of creativity, welcoming fresh perspectives and innovation at all levels. We value teamwork. You’ll collaborate across multiple fields and with the brightest minds to find creative solutions. Most importantly, you’ll discover what’s possible within you as you grow, make valuable contributions and progress in your professional journey. From ground-breaking discoveries to a life-changing career, discover your possible at the NRC.

The Role

Within the Knowledge, Information and Technology Services (KITS) Branch, the successful candidate will be responsible for the operational activities of the Cyber Defence Team (CDT). The EC is responsible for the security of NRC's information technology (IT) assets. It provides advisory services to NRC employees and carries out activities such as security monitoring, vulnerability assessment and incident management.

The key activities for this position are the following :

• Monitors and triages cyber security events and enquiries sent to the Cyber Defence Team.
• Reviews and analyses phishing emails reported by NRC employees.
• Investigates cyber security events and incidents, recommends proactive measures and implements corrective action; conducts technical research, participates in forensic analysis; provides guidance and assistance to clients in following approved cyber security standards and procedures.
• Provides technical advice, cyber security assistance and delivers cyber security training and awareness to internal clients.
• Participates on projects to design, develop, test, implement, and support cyber security solutions to protect departmental / agency IT assets.
• Conducts research to support the development of departmental / agency work processes, standards and guidelines.
• Conducts security vulnerability assessments and analysis, supporting the development and implementation of cyber security strategies, processes, infrastructure and tools.
• Participates in the selection, installation, configuration, testing and development of cyber security tools and ensures adherence to the department / agency's cyber security standards and policies.

Screening Criteria

Applicants must demonstrate within the content of their application that they meet the following screening criteria in order to be given further consideration as candidates :

Education

Bachelor degree in Computer Science from a recognized University.

A Technical College diploma in Computer Science or related field or an equivalent combination of education and direct experience may be considered.

For information on certificates and diplomas issued abroad, please see Degree equivalency

Experience

• Recent experience working as a member of a security operations centre (SOC) and understanding its role within the organisation's Cyber Security program.
• Recent experience with Cyber Security event and incident management, including investigation and remediation.
• Relevant experience with the tools used for the analysis and monitoring of Cyber Security events.
• Recent experience providing sound technical advice to ensure the alignment of Cyber Security principles and guidelines / directives / policies with client requirements.
• Recent experience in the IT field, including areas such as desktop configuration and networking principles.
• Recent experience in collecting and clearly communicating technical information to clients, colleagues, and management.

Condition of Employment

A thorough security clearance process will be applied.

For a Secret Clearance, verification of background information over a period of 10 years is required. Individuals must have lived in Canada for a sufficient period of time to enable the security screening process.

Language Requirements

Information on language requirements and self-assessment tests

Assessment Criteria

Candidates will be assessed on the basis of the following criteria :

• Strong knowledge of the general principles of Cyber Security operations;
• Broad knowledge of activities and technologies relevant to cyber security, including endpoint security, patch management, incident management, change management, network monitoring, malware analysis, vulnerability assessments, etc.;
• Broad knowledge on all aspects of an IT infrastructure including server and workstation hardware and software, Windows and Linux operating systems, Windows Active Directory, TCP / IP networks and network architecture as they apply to IT security (e.g. zoning), encryption and communication technologies, cloud computing, etc.;
• Knowledge of cyber security tools such as Microsoft Sentinel, KQL, and Microsoft Defender for Endpoint.;
• General knowledge of cyber security related policies, directives, standards and guidelines used in the Government of Canada;
• Knowledge of cyber security standards and frameworks from NIST, CSE, ISO, CIS, etc;

ASSETS :

• Knowledge of reporting tools such as Power BI Report Builder and Python / PowerShell scripting will be considered an asset;
• Platform specific security training or certification (e.g. Microsoft, Trellix) will be considered an asset;
• Current industry standard security certification (e.g. CISSP, CISM, CCSP, CISA) will be considered an asset.
• Technology support - Results orientation (Level 2)

Competency Profile(s)

For this position, the NRC will evaluate candidates using the following competency profile : Technology Support

View all competency profiles

Compensation

From $84,807 to $105,949 per annum.

NRC employees enjoy a wide-range of competitive benefits including a robust pension plan, comprehensive health and dental coverage, disability and life insurance, office closure at the end of December, and additional supports to enhance your well-being throughout your career and beyond.

Notes

• In 2025, the NRC has been chosen as one of Canada’s Top Employers for Young People, the National Capital Region’s Top Employers and Forbes Canada’s Best Employers.
• Relocation assistance will be determined in accordance with the NRC's directives.
• A pre-qualified list may be established for similar positions for a one year period.
• In order to ensure a prompt and efficient processing of applications, candidates are encouraged to provide, along with their résumé, a detailed covering letter explaining how they meet each of the requirements of this position (education, experience, language requirements) by providing concrete examples. In addition, the candidate is encouraged to describe in detail when, where and how he / she gained the experience.
• Preference will be given to Canadian Citizens and Permanent Residents of Canada. Please include citizenship information in your application.
• The incumbent must adhere to safe workplace practices at all times and is expected to help management ensure a safe and healthy work environments for themselves and colleagues.
• We thank all those who apply, however only those selected for further consideration will be contacted.

Please direct your questions, with the requisition number (23925) to :

For more information on career tools and other resources, check out Career tools and resources

• If you are currently a term or continuing employee at NRC, please apply through the SuccessFactors Careersmodule from your NRC computer.

Seniority level

Seniority level

Entry level

Employment type

Employment type

Full-time

Job function

Job function

Information Technology

Research Services

Referrals increase your chances of interviewing at National Research Council Canada / Conseil national de recherches Canada by 2x

Get notified about new System Security Specialist jobs in Ottawa, Ontario, Canada .

Information Security Specialist - Azure Cloud Security

Information Security Analyst, Data Loss Prevention

Cloud Security Engineer, Deloitte Global Technology

Senior Analyst, Cybersecurity & Technology Risk - Acquisition & Integration

Azure Cloud Security Engineer - Hybrid in Ottawa

Co-op / Intern Application Security Analyst, Product Security

Principal Security Analyst - Endpoint Security

Senior Director, Analyst – Cyber Security Services (REMOTE : Canada)

Linux Cryptography and Security Engineer

Software Configuration Management Specialist

Linux Cryptography and Security Engineer

Sr Director Analyst - Data Security Product Manager (Remote Canada)

Senior Director Analyst, Security Architecture and Cloud Security (Remote Canada and EMEA)

Staff Verification Engineer, Security IP

We’re unlocking community knowledge in a new way. Experts add insights directly into each article, started with the help of AI.

J-18808-Ljbffr

Information Security Specialist • Ottawa, ON, Canada