Job Description

Cyber Security Analyst (Open to Recent Graduates)

Take a central role
The Bank of Canada has a vision to be \xe2\x80\x9ca leading central bank-dynamic, engaged and trusted-committed to a better Canada.\xe2\x80\x9d No other employer in the country offers you the unique opportunity to work at the very center of Canada\'s economy, in a diverse and inclusive organization with significant impact on the economic and financial well-being of all Canadians. You will be challenged, energized and motivated to excel in an environment where we are reinventing central banking, renewing ways of doing business and reinforcing a culture of innovation.

Find out more about the next steps in our .

About the position
The Bank of Canada is seeking candidates (and encouraging recent graduates to apply) to join its Cyber Security team within Information Technology Services (ITS). This is an excellent opportunity where you will be provided with additional time to grow into your role and develop the skill set necessary to evolve in the position.

Our Cyber team is always keeping an eye out for candidates who can contribute to our mission of keeping Canada\'s economy safe & secure. To learn more about our mission, feel free to review our available to the public. There may be opportunities for temporary or full-time positions following the completion of this developmental assignment.

The ITS Department offers

• a fast-paced, dynamic culture
• a superior work environment that will challenge and motivate you
• opportunities to work on interesting projects
• the ability to dive deep into the technology of custom applications that are central to the financial infrastructure of the country
• opportunities for mentoring, professional development, and advancement

Eligibility
For this position we are open to recent graduates of a bachelor\'s degree or college diploma in computer science, engineering, cyber security or a relevant field. The completion date for your relevant diploma or degree would ideally be between December 2020 to September 2023.

NOTE - Positions will be filled throughout the year, from January to September 2023, based on operational needs. We may also offer a rotational program, meaning that the successful candidate could work 9 months with one team and the other 9 months with another team. This would allow for more exposure to the different areas of our Cyber team. This rotational program is based on interest and availability.

Interviews will be scheduled as early as February 1, 2023.

What you will do
We have a variety of recent graduate\'s roles in our Cyber Security Division, within the following cyber domains:

• Security Architecture & Assurance

Our Security Architecture & Assurance group is responsible for developing and implementing collaborative measures to increase cyber security resilience. This includes to perform vulnerability analysis, hands on security testing and validation, share theoretical knowledge of concepts, and propose solutions to identified security flaws. Further, this role will be responsible for ingesting, validating, and rating new vulnerabilities into a central tracker. Continuously update vulnerabilities and risks registries and assist with the coordination, prioritisation of remedial activities working directly with IT operational support teams, and ensure remediations are validated before closing.

2. Identity & Access Management (IAM)

Our Identity & Access Management team is responsible to strengthen the identity and access management controls to secure internal and external access to the Bank\'s digital resources. This includes adopting a zero trust architecture in our technical integration and secure development activities and advancing the IAM use cases to reduce the attack surface. Further, this group is focused on introducing automation within its identity administration activities to further enhance its ability to respond to cyber events and incidents.

3. Monitoring & Response
Our Monitoring & Response team (known as Security Operations - SOC team) is responsible for strengthening our systems to detect and identify cyber security events. This includes advancing the integration of threat intelligence, detection engineering and automating/integrating into our cyber monitoring function. Further, this group is tasked with improving measures to limit the impact of a potential cyber incident and improving our ability to assess, triage, and respond to cyber events and incidents.

4. Cyber Strategy, Risk & Awareness
Our Cyber Strategy, Risk, and Awareness team is tasked with setting the strategic direction for cyber security at the Bank as well as enhancing cyber partnerships and collaboration within the Bank and with external partners to ensure that cyber security risks to Canada\'s financial ecosystem are understood, communicated and managed effectively. We also enhance the Bank\'s cyber security posture through the cyber security awareness program. We create and deliver awareness/training activities in alignment with the threat landscape, promote cyber safe behaviours and ensure our cyber risk posture in aligned with the Enterprise Risk Management framework.

Your knowledge and skills

• Ability to systematically analyze information, define problems and draw logical conclusions.
• Strong communication, interpersonal and organizational.
• Ability to work effectively, independently or as part of a team.
• Self-starter and innovative problem solver who enjoys working in a dynamic work environment.
• Excellent report writing skills.
• Data analysis or data analytics experience to assess and present complex technical data

What you will learn and gain in experience

• A combination of knowledge in OS platforms, applications, databases, cloud, web services, IT Network Infrastructures.
• Ability to discuss status with technical experts and perform security testing and validation on various platforms.
• Obtain experience in developing, testing and maintaining automation scripts.
• Get better understanding of TCP/IP fundamentals, security event analysis & correlation.
• Obtain experience in gathering and documenting business and functional requirements toward the implementation of infrastructure security access controls & technologies and configuration and optimization of security tools.
• Gain additional understanding in Cyber Security and Identity and Access Management industry and trends.
• A chance to design and deliver cyber security awareness training, testing or other awareness related activities.
• Gain better understanding of Cyber risks management and the Bank risk management framework through the development and monitoring of the Cyber risks and build a compelling cyber division risk story to support tactical and strategic decision making.

Nice to have

• Basic knowledge of the Cyber Security, Identity and Access Management industry and trends.
• Participation in ethical hacking competitions, capture-the-flag events, bug bounty programs or other activities related to cyber security assessment and controls.
• Understanding of information security concepts (e.g., vulnerability, threat, asset, safeguard, risk, Common Vulnerability Scoring System, disaster recovery, etc.) or cyber risk frameworks.
• A combination of knowledge in OS platforms, applications, databases, cloud, web services, IT Network Infrastructures.
• Experience in developing, testing and maintaining automation scripts.
• Understanding of TCP/IP fundamentals, security event analysis & correlation.

Application process
All applicants must submit a completed online application that includes the following documentation to support their candidacy:

• a resume
• cover letter (including information such as reasons for pursuing a specific field of study, research and career)
• official or unofficial transcripts of your academic record. (Relevant courses you have attended must be clearly identified by their course titles)

What you need to know

• Language requirement: English or French essential
• Priority will be given to Canadian citizens and permanent residents
• Security level required: Be eligible to obtain Secret
• Please save a copy of the job poster. Once the closing date has passed, it will no longer be available.
• In response to the COVID-19 pandemic and further to public health guidelines, preventative measures are being taken to ensure health and safety during the recruitment process. All interviews are conducted virtually.

Remote work / Hybrid Work Model #LI-Remote

The Bank is conducting a trial of a hybrid working model which provides employees with the flexibility to telework for significant portions of each month. During the trial, employees will be expected to come onsite on those days when they are involved in activities that they or their leader feel are better conducted in person and to build connections with colleagues. For the majority of employees, it is expected that onsite time will range from 5 to 10 days per month, depending on your role. You must live in Canada, and within reasonable commuting distance of the office. For this position, should you not live within reasonable commuting distance of the office, you will be able to work 100% remote (within Canada) for the duration of this term.

Vaccination Policy

Please note that the application of the Bank\'s Covid-19 Vaccination policy has been temporarily suspended, effective June 20, 2022. As a result, you will not be required to submit verification of your vaccination status before starting employment with the Bank. However, please note that the Bank reserves the right to reintroduce vaccination requirements in the future if necessary to respond to changing public health advice and\\or government direction.

We wish to thank all applicants for their interest and effort in applying for this position. Only candidates selected for interviews will be contacted.

What you can expect from us
This is a great opportunity to join a leading organization and be part of a high-performing team. We offer a competitive compensation and benefits package designed to meet your needs at every stage of your life and career. For more information on key benefits please visit .

• Salaries are based on qualifications and experience and typically range from $65,998 to $77,645 (job grade 14)
• Depending on performance, you may be eligible for performance pay for successfully meeting (5 to 7% of your base salary) or for exceeding expectations (10% of your base salary). Exceptional performers who far exceed expectations may be eligible for higher performance pay.
• Flexible and comprehensive benefits so you can choose the level of health and dental coverage that meets your needs
• Extra vacation days (up to five each year) that you can purchase to add to your vacation entitlement
• Option to join the indexed, defined-benefit pension plan after 24 consecutive months of service #LI-POST

Bank of Canada