Requisition Number:  2808
Position Type:  Permanent
Position Length:  Indeterminate

Ottawa (Downtown), ON, CA

Closing Date:  August 28, 2019 11:59 EST

Diversity and Inclusion
As one of Canada’s Top 100 Employers, we offer you a superior work environment that allows you to reach your full potential both professionally and personally. We make career growth and professional development a priority. We are committed to developing inclusive, barrier-free recruitment and selection processes, and a work environment that supports our diverse workforce.

Let our team know if you need accommodation or support during the recruitment process due to a disability or other reason. We can provide support in multiple ways, from using this site and submitting your application, right through to the interview process. If you are the successful candidate, you can also discuss accommodation needs when you receive your offer.

Contact to discuss how.

Technical Team Lead, Security Monitoring



Take a Central Role at the Bank of Canada
The Bank of Canada cyber security vision is “To strengthen the cyber resilience of the Canadian financial system against an evolving threat environment.” A career in cyber security at the Bank is an opportunity to defend a key component of Canada’s critical national infrastructure against cyber security threats. Our work keeps the technical backbone of Canada’s complex financial systems operating smoothly and predictably day in and day out. We have unique business processes, systems and in-house applications that make every day challenging and interesting.

Be part of a dynamic and highly skilled team of cyber specialists working in a fast-paced environment enabling the Bank to operate and innovate securely. With the increased sophistication and frequency of cyber-attacks, our cyber resilience continues to be a top priority.

The Bank recently released its updated cyber security strategy and a key part of this role will be to contribute to the execution of that strategy through cyber security operations and real-world experiences of your team.

About the position
As part of the cyber division, you report to the Assistant Director cyber security operations and provide technical leadership in the day-to-day operations of the Bank’s cyber security monitoring team. This role is also the technical lead for the Bank’s cyber security incident management process.  

Your future responsibilities

As the Technical Team Lead (TTL) within the cyber security monitoring team, you:

  • Provide expert knowledge and guidance on matters relating to cyber security, Endpoint Detection and Response (EDR), Security Information Event Management (SIEM), and security incident management;
  • Function as a subject-matter expert in cyber intrusion detection and response, providing advice to Bank employees and Bank management on appropriate response options;
  • Guide the technical coordination and management of action necessary to remediate cyber security incidents, threats and vulnerabilities;
  • Effectively communicate IT security incidents to all stakeholders and help inform decision makers in a timely and consistent manner and guide the sharing of information regarding cyber security incidents, threats and vulnerabilities with various stakeholders;
  • Minimize the impacts of cyber incidents to Bank information and operations by:
    • Utilizing the Bank’s Endpoint Detection and Response (EDR) tool to proactively hunt for anomalies indicating a security issue or compromise, take appropriate containment actions and draft reports detailing the incident;
    • Utilizing the Bank’s Security Information Event Management (SIEM) tools to review alerts/events from different IT security tools to determine their severity, take appropriate containment actions and draft reports detailing the incident.
  • Analyze host-based or network-based Indicators of Compromise (IOC) to assist in detection and/or generate new IOCs;
  • Perform detailed technical analyses of endpoints and threats, including malware and viruses;
  • Analyze network forensics utilizing various log sources and network packet analyzers;
  • Work with Bank stakeholders to develop cyber security defensive techniques and best practices in order to improve the Bank’s safeguards;
  • Help establish processes and procedures for the security monitoring team to automate/orchestrate routine Security Operation Centre tasks;
  • Help develop and maintain effective and collaborative business relationships with internal and external entities to effectively conduct cyber security business.

Your education and experience

  • University degree in computer science or engineering and seven or more years of experience in the information and technology security field, with a concentration on security incident investigations and/or security operations centre
  • An equivalent combination of education and experience may be considered
  • Recent experience leading a technical team in cyber security investigations and working with a broad range of tools and capabilities.
  • Relevant certification (CISSP, CEH, GIAC)

Your knowledge and skills 
You have excellent cyber security technical skills along with good communication and interpersonal skills, which enable you to guide a technical response to complex IT incidents. You have good familiarity with enterprise security incident response as well as Security Operations Centre tasks. You have demonstrated experience in the following areas:

  • EDR and SIEM solutions
  • Network and operating system security features (e.g., Kerberos, Windows, Linux)
  • Network security technologies (e.g., network firewalls, system hardening)
  • Cyber security frameworks (e.g., MITRE ATT&CK, CIS CSC, NIST SP 800-53)


Language requirement
English or French essential


What you can expect from us
This is a great opportunity to join a leading organization and be part of a high-performing team. We offer a competitive compensation and benefits package designed to meet your needs at every stage of your life and career.

  • Salaries are based on qualifications and experience and typically range from $82,400 to $108,100 (job grade 17)
  • Depending on performance, you may be eligible for performance pay for successfully meeting (7 to 10% of your base salary) or for exceeding expectations (15% of your base salary). Exceptional performers who far exceed expectations may be eligible for higher performance pay.
  • Flexible and comprehensive benefits so you can choose the level of health, dental, disability and life and/or accident insurance coverage that meets your needs
  • Extra vacation days (up to five each year) that you can purchase to add to your vacation entitlement
  • Indexed, defined-benefit pension


For more information on key benefits, please visit
Additional information

  • Priority will be given to Canadian citizens and permanent residents
  • Security level required: Secret 
  • Relocation assistance may be provided, if required


We wish to thank all applicants for their interest and effort in applying for this position; however, only candidates selected for interviews will be contacted.
