Security Engineer

Business Unit

Regular Full time

Closing Date : August 17 2025

The Ontario Securities Commission (OSC) is the statutory body responsible for regulating Ontarios capital markets in accordance with the mandate established in the provincial Securities Act and the Commodity Futures Act. The mandate of the OSC is to provide protection to investors from unfair improper or fraudulent practices to foster fair efficient and competitive capital markets and confidence in the capital markets to foster capital formation and to contribute to the stability of the financial system and the reduction of systemic risk. This mandate is performed through policy operational and enforcement activities. The OSC also contributes to national and global securities regulation development.

We offer a diverse fair and flexible work environment and take pride in our challenging and rewarding work.

The Security Engineer will design and implement security systems to protect the OSCs systems from cyber-attacks and help set and maintain security standards. They will monitor networks and systems detect security threats (events) analyze and assess alarms and report on threats intrusion attempts and false alarms either resolving them or escalating them depending on the severity. This role is responsible for having a deep understanding of current OSC Cyber Security systems the broader technological environment and playing a pivotal role in ensuring the implementation of solid cyber security solutions in support of the IT modernization. This role supports the Chief Information Security Officer in performing the operational work required to implement the OSC Information Security Program.

Key Duties and Responsibilities

• Responsible for vendor management identifying new technology resolving vendor issues negotiating statements of work and design solutions.
• Accountable for the implementation of the OSCs security systems or controls.
• Work closely with the Information Services & Digital Solutions (ISDS) Division staff during the implementation of technology projects.
• Implements and configure cyber security tools and integration components working with the infrastructure and Enterprise Architecture units to ensure optimal integration between platforms.
• Assist infrastructure teams in troubleshooting cyber security related integration issues and provides guidance on appropriate technological resolutions.
• Work closely with Management on the procurement process to evaluate vendors and assessment of products based on defined requirements.
• Test and evaluate new security products to assess alignment with OSC ecosystem and make recommendation to Management.
• Identify prioritize and mitigate vulnerabilities across all assets in the OSC to ensure that Security incidents & Vulnerability / Patch Management is proactively managed and security issues are triaged and remediated.
• Monitor and take the necessary action on attacks intrusions unusual / unauthorized activity phishing emails and spam activity.
• Investigate security alerts / breaches and provide the necessary incident response while providing recommendations to remediate the issue.
• Proactively determine emerging threat patterns / vulnerabilities and identify potential weaknesses using advanced analytic tools and appropriate security controls.
• Research and evaluate emerging cyber security threats and make recommendations on approaches and strategies to mitigate them.
• Liaise with the ISDS and stakeholders in relation to security issues and to provide recommendations.
• Generate qualitative reports on privileged accounts and vulnerabilities (etc.) for both technical and non-technical staff to understand our security risk and monitor progress on the necessary remediations.
• Develop and maintain documentation for various security systems and applications.
• Keep up to date with the latest security and technology developments.
• Assist with the creation maintenance and delivery of information security awareness training campaigns.
• Plan for disaster recovery and create contingency plans in the event of any security disruptions to normal operations.
• Provide guidance to junior-level staff relating to monitoring of systems and supports the evolution of the OSC Information Security Program.

Qualifications

Grow your career and make a difference working at the OSC.

We thank all applicants for their interest in the Ontario Securities Commission. We will contact those selected for an interview.

The OSC is committed to diversity and providing an inclusive workplace and providing accommodation in accordance with the Accessibility for Ontarians with Disabilities Act and the Human Rights Code. It is our priority to ensure employment opportunities are visible and barrier-free to all under-represented groups including but not limited to Indigenous Black and racialized groups people with disabilities women and people from the 2SLGBTQI community to achieve an employee demographic profile reflective of the demographic profile of Ontarians.

The OSC is a proud partner with the following organizations : Ascend Canada BlackNorth Initiative Canadian Centre for Diversity and Inclusion and Pride at Work Canada

If you require an accommodationduringthe recruitment process please let us know by contacting our confidential inbox .

Visit Accessibility at the OSCto review the OSCs policies on accessibility and accommodation in the workplace.

Key Skills

Splunk,IDS,Network security,Computer Networking,Identity & Access Management,PKI,PCI,NIST Standards,Security System Experience,Information Security,Encryption,Siem

Employment Type : Full-Time

Experience : years

Vacancy : 1