Systems Security Engineer

We are seeking a Systems Security Engineer to join our IT Security Team in Halifax, Nova Scotia supporting Defence
programs for the Canadian Navy.

You will join a high-performing team that prioritizes security, leverages a large suite of powerful tools, and enables
our people to drive improvement across the organization. We empower our people to jump in, take ownership,
and apply critical thinking to apply innovative solutions to complex problems.

As a Systems Security Engineer you will provide guidance and oversight to support IT Operations in the
recommendation, implementation, and validation of security controls. You will be responsible for ensuring that
System Security Engineering principles are considered from project initiation through design, build, operation, and
disposal. Close integration with other teams is a must, working shoulder to shoulder to provide expert advice to
systems engineers, designers, and architects.

You must be prepared to brief senior leaders and distill complex technologies, risks, and systems into executive
level recommendations.

As a senior contributor, you will have direct influence over security strategy, policy, and design. You will mentor
junior Security Analysts and develop the skills and leadership of the team.

The ideal candidate is an independent worker with a passion for security and a deep understanding of engineering
principles. Experience in the Defence Industry is desirable.

Must Have

 University Degree (Computer Science, Engineering), College Diploma (Cybersecurity)

 CISSP, GDSA or similar certification
 10+ years’ experience in complex or enterprise IT environments security, incident response, email threat
protection and data loss prevention performing penetration testing and security incident management
 Proven ability to provide expert security guidance to technical projects from conception to
implementation
 Strong understanding of Security Architecture concepts including:
o Zero Trust Architecture
o Network security zoning
o Air gapped systems
o Trustworthiness
o Security Assurance
o Secure design principles
o System hardening and configuration compliance
 Familiarity with Systems Security Engineering, including NIST SP 800-160 Volume 1 and especially Volume
2
 Strong written and verbal communications, able to produce detailed technical documentation and
comfortable briefing senior leadership on complex and technical topics
 Ability to initiate and pursue independent work
 Proficiency with Microsoft Office, including advanced Word, PowerPoint, and Excel functions
 Able to obtain Canadian Government Security Clearance (SECRET)

Should Have

 Familiarity with industry best practices and security references including:

o ITSG-33 IT Security Risk Management: A lifecycle approach
 o ITSP.80.022 Baseline Security Requirements for Network Security Zones
o NIST SP 800-53 Rev. 5 Security and Privacy Controls for Information Systems and Organizations
o NIST SP 800-53A Rev. 5 Assessing Security and Privacy Controls in Information Systems and
Organizations
o NIST SP 800-171 Protecting Controlled Unclassified Information in Nonfederal Systems and
Organizations
o NIST SP 800-171A Assessing Security Requirements for Controlled Unclassified Information
o NIST SP 800-172 Enhanced Security Requirements for Protecting Controlled Unclassified
Information: A Supplement to NIST Special Publication 800-171
o NIST SP 800-172A Assessing Enhanced Security Requirements for Controlled Unclassified
Information
o NIST’s Cybersecurity Framework (CSF)
o NIST SP 800-160 Volume 1 and especially Volume 2
 Experience with risk management and integrating security into software development life cycle
 Familiarity with SIEM and EDR security solutions
 Experience with Process Development and Process Engineering
 Ability to anticipate trends and develop plans to protect against emerging threats
 Design and implementation of vulnerability management programs
 Experience in building security analytics to guide work prioritization

Could Have

 Scripting and query language abilities

 Interest in identifying and implementing automation opportunities
 Knowledge of Process Control Systems concepts and technology
 Familiarity with DND/CAF security policy such as the Maritime Security Assessment Methodology (MSAM)
and DND SA&A Guide