Selection Process Number:

Division:

Employment Tenure:

Positions Available:

WHO CAN APPLY

Persons residing in Canada and Canadian citizens and Permanent residents abroad.

IMPORTANT INFORMATION

This poster will close at 12:00 AM EST on the postings indicated closing date (note that for those in the Pacific Time Zone this corresponds to 9:00PM PST on the previous day). To be considered your application must be submitted before the specified deadline. If you experience any technical issues submitting your application please email .

We are committed to providing an inclusive and barrier-free work environment starting with the hiring process. If you need to be accommodated during any phase of the evaluation process please use the Contact information below to request specialized accommodation. All information received in relation to accommodation will be kept confidential.

• Information on assessment accommodation

This poster will be used to staff multiple positions with various security clearance requirements (Secret and Top Secret). In accordance with the new Directive on Security Screening Top Secret security clearances are granted to Canadian citizens only. Some of these positions will require you to obtain and maintain a Top Secret security clearance to be appointed to these positions.

POSITION DETAILS

CLASSIFICATION:

There are multiple positions with various group and levels advertised in this advertisement. The Analyst position is classified at the RE-04 group and level which is roughly equivalent to the IT-02 group and level the Senior Analyst position is classified at the RE-05 group and level which is roughly equivalent to the IT-03 and the IT-04 group and levels and the Specialist position is classified at the RE-06 group and level which is roughly equivalent to the IT-05 group and level.

LOCATION:

The designated worksites for these positions are the Ottawa Ontario and the Toronto Ontario OSFI offices. However the employees may work from the Ottawa (ON) Toronto (ON) Montreal (QC) or Vancouver (BC) office.

OSFIs hybrid model includes telework and mandatory onsite presence. The terms of the employees telework arrangement will be established in accordance with the Directive on Telework and the Guidelines on Hybrid Work. These arrangements must be reviewed annually at a minimum and can be subject to change. OSFI employees are currently required to work in the office at least 12 days per month however this may be subject to change depending on new direction.

PROCESS INTENT

The immediate need is to staff multiple positions at various levels (RE-04 RE-05 and RE-06) with various language requirements (English essential bilingual imperative BBB/BBB and bilingual imperative CBC/CBC) on an indeterminate (permanent) basis.

A pool of qualified or partially qualified candidates may be created to staff similar or identical positions with various linguistic requirements and/or profiles security requirements tenures and/or locations within the Office of the Superintendent of Financial Institutions (OSFI) which may vary according to the position being staffed.

KEY RESPONSIBILITIES:

The Cyber Security Division safeguards the organizations digital assets and information resources. Our teams design implement and operate enterprise-class security controls that protect systems and data from internal and external threats work in areas including (but not limited to):

• Incident Response and Coordination

• Data Loss Prevention and information-protection controls

• Identity and Access Management (IAM)

• Application Endpoint and Cloud Security

• Vulnerability and Patch Management

• Supply Chain Integrity and Third-Party Risk

Cyber security analysts and specialists duties are wide-ranging but could include:

• Implementing maintaining and improving cyber-security controls processes and tools.

• Supporting incident analysis risk assessment and mitigation activities related to enterprise systems and cloud environments.

• Monitoring and triaging security alerts and contributing to the investigation of cyber-security events.

• Collaborating with technical and business teams to strengthen overall cyber resilience.

• Developing or maintaining documentation dashboards and reports to inform decision-making and program improvement.

ESSENTIAL QUALIFICATIONS

Official Language Proficiency:

• English essential

• Bilingual Imperative BBB/BBB

• Bilingual Imperative CBC/CBC

Information on language requirements

In order to be considered your application must clearly explain how you meet each of the following education and experience criteria.

ESSENTIAL EDUCATION:

To be considered for all levels (RE-04 RE-05 and RE-06) you must possess the essential education merit criterion below:

• A degree OR diploma from a recognized post-secondary institution with specialization in computer science computer engineering cyber security information security or a related field.

• Information on degree equivalency

ESSENTIAL EXPERIENCE:

This process will be used to staff multiple positions across various cybersecurity domains. As part of the application candidates will select the domain(s) in which they have relevant experience and indicate the approximate number of years of experience for each.

The experience selected in the application must be clearly demonstrated in the résumé. Résumés should clearly outline duties responsibilities key achievements and timelines (month/year to month/year) related to each selected domain.

Years of experience will be used to determine the group and level for which candidates may be considered.

Experience Requirements by Group and Level:

• RE04: 24 years (but less than 5) of experience in an enterprise environment

• RE05: 56 years (but less than 7) of experience in an enterprise environment

• RE06: 7 or more years of experience in an enterprise environment

Experience Domains/Area:

• Incident Response & Digital Forensics

• Vulnerability Management & Penetration Testing

• Endpoint & Network Security Monitoring

• Cloud & Platform Security

• Application Security

• Data Loss Prevention & Insider Risk

• Threat Intelligence & Threat Hunting

• Identity & Access Management (IAM)

• Supply Chain & Third-Party Cyber Risk

• Governance Risk Compliance & Security Assessment (GRC SA&A)

• Cyber Security Engineering

The following essential knowledge competencies and abilities will be assessed at a later date.

ESSENTIAL KNOWLEDGE:

To be considered for all levels (RE-04 RE-05 and RE-06) you must possess the essential knowledge merit criteria below:

• Knowledge of cyber security best practices standards and architectural principles used to protect enterprise IT environments.

• Knowledge of cyber security threat and risk event management processes and procedures.

• Knowledge of cybersecurity tools technologies and platforms relevant to one or more domains (e.g. monitoring assessment analysis detection investigation or protection tools) including their purpose capabilities and role in supporting secure operations.

ESSENTIAL COMPETENCIES:

To be considered for all levels (RE-04 RE-05 and RE-06) you must possess the essential competency merit criteria below:

• Critical Thinking

• Collaboration

• Results Orientation

To be considered for the RE-06 level (Specialist) you must also possess the essential competency merit criterion below:

• Innovation

ESSENTIAL ABILITIES:

To be considered for all levels (RE-04 RE-05 and RE-06) you must possess the essential abilities merit criteria below:

• Ability to communicate effectively in writing.

• Ability to communicate effectively verbally.

ASSET QUALIFICATIONS

If you possess any of the following education or experience criteria your application must clearly explain how you meet them (may be needed for the job).

ASSET EDUCATION:

• A relevant graduate degree from a recognized post-secondary institution.

• One or more industry-recognized cyber certifications such as CISSP CISA CISM or CEH.

ASSET EXPERIENCE:

• Experience applying Government of Canada procurement investment or project management policies to IM/IT or cyber security initiatives (e.g. Directive on the Management of Procurement).

The following asset knowledge may be assessed at a later date.

ASSET KNOWLEDGE:

• Knowledge of Government of Canada security IT and digital policy instruments and related guidance (e.g. Policy on Government Security Directive on Security Management Government of Canada Cloud or Digital Guardrails etc.).

OPERATIONAL REQUIREMENTS

• Ability and willingness to work overtime.

• Ability and willingness to travel within Canada when required.

• Ability and willingness to travel internationally when required.

CONDITIONS OF EMPLOYMENT

• Security Secret or Top Secret*

• In our hybrid workplace environment the ability to work remotely from home within Canada with access to the Internet in ones residence is a condition of employment.

*In accordance with the new Directive on Security Screenings Top Secret security clearances are granted to Canadian citizens only. This position requires you to obtain and maintain a Top Secret security clearance to be appointed to the position.

ORGANIZATIONAL NEEDS

• OSFI is committed to having a skilled and diverse workforce representative of the Canadian order to meet our employment equity objectives selection for this position may be made from among qualified candidates who self-declare as belonging to one or more of the following Employment Equity groups: Persons with a disability Aboriginal people Members of a Visible Minority or Women. OSFI is committed to diversity and inclusion and we strongly encourage candidates to self-declare if they belong to one of these designated employment equity groups.

• Placing OSFI employees affected by workforce adjustments who have an affected opting or surplus priority status.

OTHER INFORMATION

• The Public Service of Canada is committed to building a skilled and diverse workforce that reflects the Canadians we serve. We promote employment equity and encourage you to indicate if you belong to one of the designated groups when you apply: Employment equity -

• Preference will be given to veterans first and then to Canadian citizens and permanent residents with the exception of a job located in Nunavut where Nunavut Inuit will be appointed first. Information on the preference to veterans

• We thank those who applied; however only candidates selected for further consideration will be contacted.

• Eligible candidates may be considered and offered a deployment or Interchange before considering other applicants.

• The useof generativeartificial intelligence (AI) tools sites and applications based on large language models (e.g. ChatGPT Dall-E Microsoft Copilot) is permitted for this application. You must cite any AI tool used by identifying the AI-generated content and its source.

• OSFI is a separate agency with its own classification and compensation system. OSFIs staffing is subject to the Public Service Employment Act (PSEA).

• All written and verbal communication obtained throughout the staffing process from the time of application to close of process may be used to evaluate the candidate.

• Candidates must meet all of the essential qualifications to be appointed; however depending on the requirements of the specific position(s) being staffed one or more asset criteria or organizational need may be invoked at any stage of the process.

• Staffing strategies such as random selection top-down approach and/or establishing cut-off scores to determine who will continue in the staffing process may be used for the purpose of managing applications.

• Please note that although you may attain the established pass mark on any of the assessments used in this staffing process management may decide to use a higher cut off score.

• During the staffing process various assessment methods can be utilized including but not limited to written exams and interviews. These assessments may be conducted either remotely or in-person at one of our OSFI offices (Toronto Ottawa Montreal or Vancouver).

• Candidates are entitled to participate in the appointment process in the official language of their choice.

• Email correspondence will be the primary method of communication with candidates for this selection process. Ensure you check your spam folder for any communications from OSFI (). You must provide valid and updated contact information.

• All job applications must be submitted through Workday: OSFIs recruiting platform. Do not email your application as it will not be accepted. To submit an application online please click on the Submit button.

• If you have a limitation that may impact your performance at any step of the assessment process (such as submitting the application written test or an interview) you may request an accommodation. Assessment accommodations are designed to remove barriers and to ensure that candidates with limitations can fully demonstrate their abilities. Should you wish to be accommodated please inform us by sending an e-mail to the following address: . All information received in relation to accommodation will be kept confidential.

• Please note that due to weekly system maintenance our staffing platform Workday will be down for 3 hours every Friday from 11pm to Saturday 2am EST.

• You are responsible for ensuring that the personal information provided in your candidate profile in Workday is accurate and up to date (e.g. contact information status of any priority entitlements veteran/mobility status citizenship etc.). If your personal information needs to be updated after you have submitted your application you must contact us at . Failure to do so may mean that you are either not considered or eliminated from the process.

CONTACT INFORMATION

OSFI Staffing Team

• EMAIL:

PLEASE DO NOT APPLY TO THIS EMAIL ADDRESS USE THE APPLY BUTTON.