Information Systems R27
An eligibility list may be established.
Contribute your valued expertise
In the role of Senior Security Analyst, you will:
- deliver an information technology and operational technology security program, ensuring all systems conform to corporate security policy and security best practices.
- carry out vulnerability assessments on a variety of information technology and operational technology applications, networks and IoT devices at the Ministry’s Regional Transportation Management Centre in Coquitlam, BC.
- work closely with engineering staff, Information Management Branch staff and the Network Communications Architect to provide security recommendations on the configuration of technology deployments in the field.
- research, investigate and respond to incidents, threats, and exposures, identify root cause, and implement controls and risk-reducing measures to mitigate future threats.
- perform on-demand web application security assessments using various open source tools, gather and interpret the results, effectively communicate the findings to stakeholders in various formats (e.g., presentations, reports, and meetings), and work with stakeholders to identify and implement solutions.
- perform internal reviews to monitor compliance with government’s security and privacy policies and advocate for alignment with industry best practices.
The Ministry of Transportation and Infrastructure plans transportation networks, provides transportation services and infrastructure, develops and implements transportation policies, and administers many related acts and regulations as well as federal-provincial funding programs, including the Building Canada Fund. The Ministry opens up B.C. through innovative, forward-thinking transportation strategies that move people and goods safely, and fuel out provincial economy. Improvement of vital infrastructure is a key goal, along with enhancing the competitiveness of B.C.’s transportation industries, reducing transportation-related greenhouse gas emissions and providing B.C. with a safe and reliable highway system.
With over 200 different occupations available in 280 communities across the province, we offer exciting opportunities for your career. Come be a part of the BC Public Service, a Top 100 Employer that embraces diversity, health and career growth. For more information, please see What We Offer.
The BC Public Service is committed to creating a diverse workplace to represent the population we serve and to better meet the needs of our citizens. Consider joining our team and being part of an innovative, inclusive and rewarding workplace.
For complete details about this opportunity, including accountabilities, please refer to the attached job profile. For specific position related enquiries, please contact Janelle.Heron@gov.bc.ca. DO NOT SEND YOUR APPLICATION TO THIS EMAIL ADDRESS. For more information about how to complete your job application, add/edit your resume and for more useful tips when applying for jobs, please refer to the Your Job Application page on the MyHR website.
NOTE: Applications will be accepted until 11:00 pm Pacific Standard Time on the closing date of the competition.
In order to be considered for this position, your application must clearly demonstrate how you meet the education and experience as outlined below:
- Degree in computer science field or equivalent and four years related experience; OR
- Diploma in computer science field or equivalent and five years related experience; OR
- Secondary school graduation or equivalent and seven years related experience.
- Certified Information Systems Security Professional designation or Certified Ethical Hacker designation, or equivalent.
- Experience with the use of vulnerability discovery tools, such as NMAP, Burp Suite, or Open Web Application Security Project Zed Attack Proxy (OWASP ZAP), or equivalent.
Preference may be given to applicants with any of the following:
- Experience working with Operational Technology (OT).OT is defined as hardware and software that detects or causes a change through the direct monitoring and/or control of physical devices, processes and events in the enterprise.
- Experience with industrial control systems security.
- Experience conducting security threat risk assessments or web application security assessments.
Applicants selected to move forward in the hiring process may be assessed on the Knowledge, Skills, Abilities and Competencies as outlined in the attached Job Profile located in the Additional Information section at the bottom of the posting.
A Criminal Record Check (CRC) will be required.
Cover Letter: NO – Please do not submit a cover letter as it will not be reviewed.
Resume: YES – Ensure your resume includes your educational accomplishments, employment history including start and end dates (month and year) of your employment, and any relevant information that relates to the job to which you are applying. A resume is required as part of your application, however, it may not be used for initial shortlisting purposes.
Questionnaire: YES (COMPREHENSIVE) – As part of the application process, you will be prompted to complete a comprehensive online questionnaire to demonstrate how you meet the job requirements. Please allot approximately 60 minutes to complete the questionnaire.
IMPORTANT: Comprehensive questionnaire responses will be used to shortlist applicants against the job requirements. Please ensure you include all relevant information about your educational accomplishments and employment history including job titles, start and end dates (month and year) of your employment, and your accountabilities and accomplishments.