Senior Security Engineer - Ottawa, Ontario, Canada

REQUIRED : Security clearance requirement is must.

Security Clearance (Enhanced Reliability Status) from Government of Canada or the candidate should be a resident of Canada for 5 continuous years.

Must have or be able to qualify for a Government of Canada security clearance (minimum Reliability’ level). A minimum of five years of Canadian residency with no travel outside of Canada longer than one month.

Travel outside Canada is okay if it is less than one month. A clean record is required for a Reliability’ level security clearance.

All applicants will be required to undergo a background check.

Candidates should have NO misdemeanors or felonies on their record in the past seven years. Make certain that you ask each candidate if there will be any problem with the background check including visa status.

Preferred Qualifications :

• Accountable for design, development, implementation of Security controls for cloud-based solutions.
• Support Security Operations functions and Serve as primary contact for information security incidents investigation, coordinate incident response and reporting.
• Responsible for internal / external audit and information security assessments by client.
• Support Development of policies, standards, processes and procedures guidelines and other related documentation for Security Monitoring.
• Lead security controls implementation to comply with regulations and policies and relevant frameworks / standards such as ISO27001, NIST, ITSG-33.
• Monitor and manage security dashboards in Azure Sentinel / Azure Security Center / Office 365, customize dashboards and reports, produce metrics per client needs.
• Monitor health of Security solutions such as Firewall, Intrusion prevention Systems, Identity management, Endpoint Security, etc.

for cloud based and on-premise systems.

• Work with Business and IT Tier2 / Tier3 Support engineers and / or vendor’s / partner technology teams to resolve issues.
• The ability and flexibility to work in shifts when necessary, Prepare Shift turnover and Shift Report to ensure continuous smooth
• Support pre-sales activity for new initiatives and potential opportunities.
• Guide junior Security operations teams in incident response and SOC functions.
• Has minimum of 4 years of experience working with Information Security Engineer or Incident Management / Security Operations roles.
• Hands- on experience in security systems, including firewalls, intrusion detection systems, anti-virus software, authentication systems, log management, content filtering in cloud environments.
• Subject matter level expert knowledge of common information security management frameworks, such as NIST / ISO / COBIT.
• Good Understanding of networking protocols such as IPVPN, TCP / IP, UDP, IPSec, DNS, NTP, Firewalls, ACLs.
• Knowledge of malware operation and indicators, threat landscape (threat actors, APT, cyber-crime, etc.)
• Experience in the producing threat & risk assessment reports.
• Experience in the delivery of IT Security awareness and training.
• Protocol analysis experience using tools such as Wireshark, Gigastor, Net witness, etc.
• Experience with SIEM tools and platforms such as : Splunk, Azure Sentinel
• Good understanding of computer forensic techniques and methodologies.
• Strong understanding of ITSG-33 requirements and Government of Canada Security Assessment process.
• Experience with security assessments and authorization (SA&A) activities for IT systems.
• Proven interpersonal and collaborative skills, with the ability to communicate information security and risk-related concepts to technical and nontechnical audiences at various hierarchical levels.

Certifications : SANS : GCIH, GCFA

SANS : GCIH, GCFA

Certified Ethical Hacker (CEH).

Certified Information Systems Security Professional (CISSP).

Certified Information Systems Auditor (CISA).

Cloud-specific security certifications in Azure or AWS.

Process Cybersecurity Competency Management Cyber Competency Strategy Planning

Process IT User Management Incident and Request Management