Cyber Security Incident Handler

---

About Us
The Cyber Security Operations team at the Ontario Public Service (OPS) is a carefully assembled group of passionate and diverse individuals. The team proudly believes in our mission to protect the Ontario government, public services and clients from a diversity of cyber threats. We are looking for cyber security specialists with an in-depth understanding of existing security tools and applied practices.

Join Our Team
This is a technical and creative role, for a person who enjoys being methodical in exploring new opportunities. Along with strong technology acumen and keen analytical skills, you'll have the ability to think strategically and creatively, with the capacity to push conventional boundaries, aiming to deliver best in class cyber protection services.

The positions operate in a 24 hours a day, 7 days a week, 365 days per year environment.

Information Session:
To learn more about these roles, the ministry, and the recruitment process, we welcome you to attend our information session on November 14 at 1:00 PM. This session will be held on Microsoft Teams. Download the Microsoft Teams app now to ensure you can join on event day.

Attendance is optional and will not influence the screening and selection process.

---

How we support diversity, inclusion and accessibility

We are committed to build a workforce that reflects the communities we serve and to promote a diverse, anti-racist, inclusive, accessible, merit-based, respectful and equitable workplace.

We invite all interested individuals to apply and encourage applications from people with disabilities, Indigenous, Black, and racialized individuals, as well as people from a diversity of ethnic and cultural origins, sexual orientations, gender identities and expressions.

Visit the OPS Anti-Racism Policy and the OPS Diversity and Inclusion Blueprint pages to learn more about the OPS commitment to advance racial equity, accessibility, diversity, and inclusion in the public service.

We offer employment accommodation across the recruitment process and all aspects of employment consistent with the requirements of Ontario's Human Rights Code. Refer to the "How to apply" section if you require a disability-related accommodation.

---

About the job

As a Cyber Security Incident Handler, you will:

• Provide technical expertise in the monitoring of newly discovered threats and attacks
• Lead a range of highly specialized and complex security initiatives, including enhanced monitoring, threat intelligence, and threat hunting
• Conduct and/or lead the research, analysis, and evaluation of leading-edge cyber defense methods/technologies
• Provide technical expertise, consultation, and training in areas of incident response and advanced threat monitoring, to the team members and customers
• Provide technical expertise in the development, maintenance, and enhancement of corporate security operating procedures, standards and best practices

---

What you bring to the team

Information Technology Knowledge Skills:

• you have proven hands-on experience in the information security field, including risk management, security engineering, security monitoring, or incident response
• you have demonstrated interest in open-search research, as well as practical knowledge using open source tools for Incident Response and Threat Intelligence
• you have the ability to continuously analyze and correlate incidents artifacts to discover new attack techniques, tool used, and footprint
• you have proven hands-on experience in administering *nix and Windows systems or Security technologies like IPS, SIEM, Malware Protection and others
• you have practical experience in differentiating between deferent types of cyber attacks and threat agents and the ability to formulate sound defense mitigations

Communication and Interpersonal Skills:

• you can provide specialized expert advice to clients on security issues and make presentations to senior management
• you can document technical findings, develop incident response remediation recommendations, and present both oral and written reports to clients

Analytical and Problem-Solving Skills:

• you have demonstrable problem-solving and analytical skills to resolve highly technical issues with critical impact on the functioning of the OPS
• you can communicate technical details in a clear manner and have the ability to manage multiple assignments

Leadership Skills:

• you have project leadership and technical expertise in the development, implementation and communication of cyber security systems, processes and services

---

Additional information:

Note:

• In accordance with the Ontario Public Service (OPS), Employment Screening Checks Policy (ESCP), the top candidate(s) may be required to undergo a security screening check. Refer to the above to determine the screening checks that are required for this position.
  
  Required security screening checks along with your written consent, will be sent to the Transition and Security Office (TSO), Corporate Talent Programs Branch, Talent and Leadership Division to evaluate the results. If applicable, the TSO, with your written consent, will request and obtain any additional employment screening checks that were not obtained directly by you.
  
  A record under the Criminal Code and/or other federal offence record(s) does not automatically mean you will be ineligible for the position. The employment screening check(s) will only be reviewed and evaluated by the TSO for the purpose of making a security clearance decision. The details of an individual's employment screening check(s) will be considered in specific relation to the duties and responsibilities of the position being filled. Employment screening check records will be maintained by the TSO and kept strictly confidential.
• W-MG-220809/24(3)

---

Language requirements and assessment:
All external Ontario Public Service (OPS) job ads are posted in English and French. Check the "position(s) language" section at the top of each job ad for the language requirements. For all roles, candidates are assessed in English, the business language of the OPS. If the position is bilingual (English/French), you'll also need to pass a French-language proficiency test.

Exigences en matière de langue et évaluation:
Toutes les offres d'emploi externes de la fonction publique de l'Ontario (FPO) sont affichées en français et en anglais. Consultez la section « Langue du ou des postes » en haut de chaque offre d'emploi pour connaître les exigences linguistiques. Pour tous les postes, les candidats sont évalués en anglais, la langue d'affaires de la FPO. Si le poste est bilingue (anglais/français), vous devrez également passer un test de compétences linguistiques en français.