Incident Management Specialist

Location: National Capital Region
Security Clearance: Secret Security Clearance

Core Responsibilities:

The responsibilities for the Incident Management Specialist Level 3 include, but are not limited to the following tasks:

-Review, analyze, and/or apply:

  • Network scanners and vulnerability analysis tools such as SATAN, ISS, Portscan, and NMap; 
  • Reporting and resolution procedures for IT Security incidents (for example DOS attacks) and International IT Security incident advisory services; 
  • Networking Protocols such as HTTP, FTP, Telnet; 
  • Internet security protocols such as SSL, S-HTTP, S-MIME, IPSec, SSH; 
  • TCP/IP, UDP, DNS, SMTP, SNMP; 
  • Intrusion detection systems, firewalls, content checkers and antivirus software; and 
  • Network infrastructure components, such as multiplexers, routers/hubs, switches. 

 –Provide incident analysis support, including:

  • Response mechanisms; 
  • Co-ordination of all prevention and response plans; 
  • Emergency Operations Centre (EOC) activities; 
  • Co-ordination with the national Integrated Threat Assessment Centre and Government Operations Centre; and 
  • Participation in the Integrated National Security Framework and National Cyber Security Strategy. 

Collect, collate, analyze and disseminate public domain information related to networked computer threats and vulnerabilities, security incidents and incident responses;

-Conduct on-site reviews and analysis of system security logs; 

-Produce system activity reports, logs and incident analysis4; 

-Assist in managing and running an incident response centre; 

-Complete tasks directly supporting the departmental IT Security and Cyber Protection Program; and 

-Develop and deliver training material relevant to the resource category. 

 Specialties could include but are not limited to: SSL, S-HTTP, HTTP, FTP, Telnet, S-MIME, IPSec, X.400/X.500 Directory Standards, X.509 Certificate Protocols, TCP/IP, UDP, DNS, SMTP, and SNTP. 

Knowledge, Skills and Abilities Required:

A minimum of five years of cumulative experience in the last 10 years in implementing and/or operating a CIRT and/or responding to and resolving IT Security incidents

Hold a valid IT security certification such as:

  • Registration/licence to practice professional engineering in Canada;
  • CISSP from (ISC)2;
  • CISSP / ISSEP from (ISC)2;
  • CISSP / ISSAP from (ISC)2;
  • CISSP / ISSMP from (ISC)2;
  • CISM from ISACA;
  • CPP from ASIS;
  • GIAC / Any Silver Sec. adm. Certification; and
  • GIAC / Any Gold Sec. adm. Certification.

If you are interested in this opportunity, please submit your résumé.

Retour en haut

eNEWS Signup