Ottawa (Downtown), ON, CA
Vulnerability Management Analyst
Take a central role
The Bank of Canada has a vision to be “a leading central bank—dynamic, engaged and trusted—committed to a better Canada.” No other employer in the country offers you the unique opportunity to work at the very center of Canada’s economy, in a diverse and inclusive organization with significant impact on the economic and financial well-being of all Canadians. You will be challenged, energized and motivated to excel in an environment where we are reinventing central banking, renewing ways of doing business and reinforcing a culture of innovation.
Find out more about the next steps in our Recruitment process.
What you will do
As the Vulnerability Management Analyst, you will help shape the future of IT security standards at the Bank. You will perform vulnerability analyse, hands on security testing and validation, share theoretical knowledge of concepts, and propose solutions to identified security flaws. You will play a central role in educating and collaborating with IT operational teams to ensure the security of the Banking systems is maintained for the financial institutions in Canada.
In addition, you will:
- be responsible for ingesting, validating, and rating new vulnerabilities into a central tracker
- continuously update vulnerabilities as threats and risks evolve
- assist with the coordination, prioritisation of remedial activities working directly with IT operational support teams
- ensure remediations are completed on time and validate vulnerabilities are remediated.
What you need to succeed
A combination of experience and knowledge with OS platforms, applications, databases, cloud, web services, IT Network Infrastructures and Security Zoning (ITSG 22/38). You should have the ability to perform security testing and validation on various platforms and to systematically analyze information, define problems and draw logical conclusions. Hands on experience with vulnerability scanning tools (such as Nexpose, and Nessus) would be ideal.
Nice-to-have
- experience as a third-party assessor or internal or external auditor, providing consultation services to public sector organizations or Crown corporations
- relevant certification (OSCP, OSCE, OSWE, GSSP-Java, GSSP-.NET, GPEN, GWAPT or equivalent)
- familiarity with security risk assessment methodologies and reporting (CSEC-RCMP HTRA preferred)
Your education and experience
The position requires a a university degree or 3-year college diploma in computer science, software or systems engineering, or a related discipline or an equivalent combination of education and experience may be considered.
What you need to know
- Language requirement: English or French essential
- Priority will be given to Canadian citizens and permanent residents
- Security level required: Be eligible to obtain Secret
- Please save a copy of the job poster. Once the closing date has passed, it will no longer be available.
- In response to the COVID-19 pandemic and further to public health guidelines, preventative measures are being taken to ensure health and safety during the recruitment process. All interviews are conducted virtually.
Hybrid Work Model & Remote work
The Bank is moving towards a hybrid working model which allows employees to telework up to 50 percent of the time, balanced over a two-week period. Since this position is temporary it can be staffed remotely from anywhere in Canada for those candidates not within commuting distance to the Bank office.
In the event that the position becomes regular/indeterminate, you will be required to adhere to the hybrid model. Relocation assistance may be offered by the Bank for terms greater than 2 years.
Vaccination Policy
In response to the COVID-19 pandemic that was declared by the World Health Organization, the mandates issued by the federal government, and the direction provided by public health authorities, the Bank of Canada requires all new employees to be fully vaccinated prior to their start date.
Selected candidates will be asked to provide proof of vaccination status at the reference stage. Candidates who are unable to be vaccinated against COVID-19 and require an accommodation for a legitimate medical, religious or other human rights-based grounds will follow a seperate process.
Covid-19 Authorized Vaccines in Canada
We wish to thank all applicants for their interest and effort in applying for this position. Only candidates selected for interviews will be contacted.
What you can expect from us
This is a great opportunity to join a leading organization and be part of a high-performing team. We offer a competitive compensation and benefits package designed to meet your needs at every stage of your life and career. For more information on key benefits please visit A great deal to consider.
- Salaries are based on qualifications and experience and typically range from $72,692 to $85,520 (job grade 15)
- Depending on performance, you may be eligible for performance pay for successfully meeting (5 to 7% of your base salary) or for exceeding expectations (10% of your base salary). Exceptional performers who far exceed expectations may be eligible for higher performance pay.
- Flexible and comprehensive benefits so you can choose the level of health and dental coverage that meets your needs
- Extra vacation days (up to five each year) that you can purchase to add to your vacation entitlement
- Option to join the indexed, defined-benefit pension plan after 24 consecutive months of service #LI-POST