Experience in cyber defence rewarded
Develop, implement, test and supervise tactics to protect FCC from cyber crime, and know when to escaltate anomalies for advanced analysis.
- Job DescriptionJob Description
Key accountabilities
Vulnerability assessment and management
- conducts assessments of threats and vulnerabilities
- determines deviations from acceptable configurations, and from enterprise or local policy
- assesses the level of risk
- develops and/or recommends appropriate mitigation countermeasures in operational and non-operational situations
Cyber defence analysis
- uses defensive measures and information collected from a variety of sources to identify, analyze, and report events that occur or might occur within the network, to protect information, information systems and networks from threats
- performs real-time cyber defence incident handling (e.g. forensic collections, intrusion correlations and tracking, threat analysis, and direct system remediation) tasks to support deployable Incident Response Teams (IRTs)
Cyber operations
- analyzes threat information from multiple sources, disciplines, and agencies across the Intelligence Community
- synthesizes and places intelligence information in context, and draws insights about the possible implications
- conducts research and analysis, and correlates across a wide variety of all source data sets (indications and warnings)
Cyber investigations
- identifies, collects and seizes documentary or physical evidence
- gathers digital media and logs associated with cyber intrusion incidents, investigations, and operations
- conducts analysis of log files, evidence, and other information to determine best methods for identifying the perpetrators(s) of a network intrusions or other crimes
Digital forensics
- creates forensically sound duplicates of evidence (I.e. forensic image) that ensures the original evidence is not unintentionally modified during analysis processes
- performs timeline analysis
- reviews forensic images and other data sources (e.g. volatile data) for recovery of potentially relevant information
Decision making authority
- makes decisions related to the day-to-day implementation and development of the cyber security function
- in consultation with the Manager, IT Product:
- makes decisions on security requirements to protect FCC's assets
- makes decisions on the appropriate approach to continue operating and efficiently recover critical business functions after a disaster
- decides the appropriate strategic and tactical enterprise security controls to invest in
Reporting relationships
- reports to Manager, IT Product
- no formal direct reports but provides coaching and mentorship to peers in the cyber security disciplines
Knowledge and skill
- strong interpersonal skills and the ability to communicate technical information in easy to understand language
- ability to use security event correlation tools
- ability to recognize and categorize types of vulnerabilities and associated attacks
- ability to conduct cyber forensic investigations, including collection of intrusion artifacts (e.g. source doe, malware) and using discovered data to enable mitigation of potential cyber events
- knowledge of penetration testing principles, tools, and techniques
- ability to perform assessments of systems and networks to identify vulnerabilities
Knowledge is generally acquired by having completed:
- bachelor’s degree in Computer Science, Mathematics or Engineering
- 6 to 8 years of cyber security experience
- or an equivalent combination of education and experience
Working conditions
- work is performed under normal office conditions with limited auditory strain consisting of normal office sounds
- visual requirements and exertion may consist of in excess of 5 to 8 hours a day of computer usage
- travel may be required overnight up to 10 days per year for training purposes
