Service New Brunswick
Corporate Security Officer
Open Competition
Pay Band 7
Flexible Location
The Technology Services Division of Service New Brunswick is searching for an individual who would enjoy a meaningful and challenging career in the rapidly growing area of Cybersecurity. We are seeking a senior resource to take on the role of Corporate Security Officer for the Agency.
In this dynamic role, you will provide hands-on support and guidance to the Director IT Security, acting as the senior technical resource on the operational security team. This team works closely with many other groups within Technology Services, Finance, and Procurement to ensure that Cybersecurity and Risk Management best practices are observed and maintained. You will participate in cyber incident response, work closely with audit and compliance to ensure PCI DSS and other regulatory requirements are met, lead risk assessments, and present to executive management on enterprise IT risk and cybersecurity areas of focus.
If you are a team player, who works well under pressure, enjoys critical thinking / problem solving, have strong technical, communications and presentation skills, you are an ideal candidate for this role.
As an integral member of the IT Security and Risk Management team, your responsibilities may include but are not limited to:
- Threat analysis and risk assessments in conjunction with vulnerability analysis to determine relevant risks and their impact on business operations
- Managing risk lifecycle, including mitigation / response activities, and re-assessment of residual risks
- Penetration testing by utilizing various tools to perform invasive and non-invasive, black-box and white-box testing of websites, web services, login interfaces and other user-facing services
- Vulnerability assessment by examining interfaces for vulnerabilities to known exploits due to lack of updates, patching, etc.
- Providing security solutions delivery by evaluating business requirements and suggesting secure solutions to meet those requirements
- Working with various groups within IT infrastructure and applications in the application of security technologies and processes to improve security posture and reduce IT Risk within the organization
- Providing coordination and direction in regards to operational security incidents – working with desktop operations, network team, messaging team and others in providing a coordinated response to security incidents
- Working in conjunction with other government bodies on the development of GNB security policies, as well as extending those policies for specific use cases within SNB
- Researching security best practices and determining preferred approaches to security issues
- Researching and keeping abreast of the latest developments in the security space, in order to provide executive management and IT clients with expert opinions on security and risk decision-making
- Working with development teams to provide education concerning secure coding guidelines, as well as assisting in the application of static and dynamic code analysis tools to enforce these guidelines
- Responsibility for assisting other SNB business lines and departments in maintaining security compliance (PCI compliance, internal policy compliance, etc.)
ESSENTIAL QUALIFICATIONS: A university degree in computer science or a related field, and a minimum of eight (8) years of progressive IT industry experience with the primary focus in CyberSecurity strategy and/or operations. Subject to the response to this competition, an equivalent combination of education, training and experience may be considered, or the required years of experience may be increased.
Written and spoken competence in English is required.
Applicants must clearly demonstrate the essential qualifications to be given further consideration. Please state your language capability on your application and ensure that preferred language for assessment is clearly identified.
ASSET QUALIFICATIONS: Preference may be given to candidates who demonstrate they have training or experience in one or more of the following areas:
- Work experience of Risk Assessment methodologies, including NIST 800 Series, RCMP Harmonized Threat Risk Assessment
- Certification in Risk Management and/or Cybersecurity, including (but not limited to) CERA, CRM, CRISC, CISSP, CISA, CISM, SANS courses, etc.
- Work experience in cybersecurity incident management / problem management
- Work experience of Payment Card Industry Data Security Standard (PCI DSS) processes, requirements and audit.
- Working experience with physical and logical security controls and audit frameworks (ISO 27001, NIST 800-53, AICPA SOC 2 Type II)
- Working knowledge of CDN / NB legislation governing privacy and security (PIPEDA, RTIPPA, PHIPAA)
- Written and/or spoken competence in French
Subject to the response to this competition, candidates may be required to demonstrate on their application one or more of the asset qualifications in addition to the essential qualifications in order to be given further consideration.
OPERATIONAL REQUIREMENTS: On occasion, travel may be required within the Province for meetings and very occasionally outside of the Province for conferences and/or training.
On rare occasions, some weekday evenings and weekend work hours may be required (security incident response, etc.)
Candidates will be required to undergo a Criminal History Clearance prior to appointment and must be willing to obtain a security clearance.
BEHAVIOURAL COMPETENCIES: The successful candidate will possess the following behavioral competencies:
- Analytical Thinking/Judgment
- Client Service Orientation
- Effective Interactive Communication
- Information Seeking
- Initiative
- Results Orientation
- Teamwork and Cooperation
TECHNICAL COMPETENCIES: The successful candidate will possess the following technical competencies:
- Records and Information Management
- Consulting Skills
- Presentation Skills
- Specialized Subject Matter Expertise and Knowledge
Resumes should be in chronological order specifying education and employment in months and years including part-time and full-time employment.
Salary : $77,194- $93,366 annually – Pay Band 7 - Management and Non-Union Pay Plan
We encourage applicants to apply on-line, by email at HR-RH@snb.ca, or by mail at the following address by October 14, 2018 indicating competition number 2018-SNB-496. This competition may be used to fill future vacancies at the same level.
Service New Brunswick
Human Resources
Westmorland Place
P.O. Box 1998
Fredericton, NB E3B 5G4
Telephone: (506) 476-7572
We thank all those who apply, however, only those selected for further consideration will be contacted.
Candidates registered with the Equal Employment Opportunity Program and veterans, who demonstrate they are among the most qualified, shall be given preference at the time of appointment.
We promote a scent-reduced environment.
We are an Equal Opportunity Employer.
The New Brunswick Public Service: Improving the lives of New Brunswickers every day!