Career Opportunities: Information Security Officer 2 - Cyber Threat Intelligence Analyst (69706)

Role Responsibilities

Join Our Team as a Cyber Threat Intelligence Analyst in Cybersecurity!

Are you ready to thrive in a fast-paced environment? Do you excel at problem-solving and uncovering patterns from diverse intelligence sources? Are you passionate about staying ahead of cyber threats and providing valuable insights into risks and vulnerabilities? 

If you answered "yes" to these questions, we want to hear from you! Apply now and become a key player in our Cybersecurity division.

Overall, as the Information Security Officer 2 – Cyber Threat Intelligence Analyst, you are tasked with the protection of the GoA's information assets from a confidentiality, integrity, and availability perspective. You will support the GoA's Information Security Management Directives (ISMDs) and contribute to the safe operation of the GoA's computing environment. 

As part of our growing GoA threat intelligence practice, you will collect and analyze threat intelligence information from various data sources, track emerging cyber threats, and provide actionable information to guide operations and make insightful decisions. You will be a key source of knowledge in information security and intelligence matters supporting the division, ministry, and GoA stakeholders.

The responsibilities of this role include:

• Conducting in-depth research and threat analysis using all source collection.
• Reviewing network and system logs and performing trend, temporal, link, and data analysis.
• Performing intrusion analysis and clustering. 
• Performing threat profiling by analyzing and synthesizing internal and external data.
• Collaborating with cross-functional teams to triage threats and develop proactive defense strategies.
• Delivering written and verbal reports or briefs for a variety of stakeholders on cyber threats, operational metrics, and trends.
• Assessing and enhancing threat intelligence processes, tools, and methodologies to improve effectiveness and efficiency.
• Supporting the GoA Cybersecurity Division activities by providing actionable intelligence.
• Developing, collecting, and meeting the intelligence requirements of the Government of Alberta and the wider province.

To be successful in this position, you will:

• Excel at applying research principles and structured analytic techniques, combating and identifying biases and fallacies to derive clear and fair analytic judgements. 
• Demonstrate an understanding of adversaries, their trade craft, and tactics, techniques, and procedures (TTPs), as well as cyber threat intelligence (CTI) frameworks and CTI tools.
• Clearly convey unbiased analytical judgements to tactical, operational, and strategic audiences.
• Adapt to dynamically changing priorities.

Please click on this link to view the job profile for this position
 

APS Competencies

Competencies are behaviors that are essential to reach our goals in serving Albertans. We encourage you to have an in depth understanding of the competencies that are required for this opportunity and to be prepared to demonstrate them during the recruitment process.

This link will assist you with understanding competencies:
https://www.alberta.ca/system/files/custom_downloaded_images/psc-alberta-public-service-competency-model.pdf.

Agility: Ability to anticipate, assess, and readily adapt to changing priorities, manage resilience in times of uncertainty and effectively work in a changing environment.

Drive for Results: Knowing what outcomes are important and maximizing resources to achieve results that are aligned with the goals of the organization, while maintaining accountability to each other and external stakeholders.

Develop self and others: A commitment to lifelong learning and the desire to invest in the development of the long-term capability of yourself and others.

Build Collaborative Environments: Leads and contributes to the conditions and environments that allow people to work collaboratively and productively to achieve outcomes.

Develop Networks: Proactively building networks, connecting, and building trust in relationships with different stakeholders.

Systems Thinking: The work done within the APS is part of a larger integrated and inter-related environment. It is important to know that work done in one part of the APS impacts a variety of other groups/projects inside and outside the APS. Systems thinking allows us to keep broader impacts and connections in mind.

Creative Problem Solving: Ability to assess options and implications in new ways to achieve outcomes and solutions.
 

Qualifications

Requirements:

• A university degree in Computer Science, Information Technology or related field, supplemented by at least two (2) years of related experience. See below for equivalencies. 
• Related experience may include experience in an information technology or related role with an emphasis in threat intelligence, threat hunting, vulnerability management, security risk management, or security operation centre.

Equivalencies:

• A related two-year diploma in a related field from a recognized postsecondary institution and four (4) years related experience; or
• A related one-year certificate from a recognized post-secondary institution and five (5) years related experience.

Assets:

• Experience conducting research using open sources. 
• Knowledge of network protocols and how adversaries utilize them to facilitate intrusions.
• Experience attributing malicious activity to known threat actors and uncovering their motivations, affiliations, and any further context.
• Proficient in one or more programming language (e.g., Python, C, C++), and one or more query language (e.g., KQL, SQL).
• Strong critical thinking, analytical and problem-solving skills, including the ability to deal with large amounts of information in a limited time.
• Excellent communication skills, both written and verbal. Ability to communicate technical information to diverse audiences – both technical and non-technical – in a clear and concise manner.
• Familiarity with Microsoft PowerBI and the Azure suite of products, including Microsoft Sentinel and Microsoft 365 Defender.
• Possession of a cybersecurity certification, such as CISSP, CISM, CISA, CEH, GPEN, or equivalent.

Minimum recruitment standards outline the minimum education and experience required for appointment to a job classification.
Refer to https://www.alberta.ca/alberta-public-service-minimum-recruitment-standards.
 

Notes

Term of Employment: Permanent, Full-time position    

Hours of Work: 7.25 hours daily / 36.25 weekly – Monday to Friday

Location: Remote across Alberta

This position is eligible for remote work. You must reside in Alberta to work remotely.

Final candidates will be required to undergo a security screening.

This competition may be used to fill future vacancies, across the Government of Alberta, at the same or lower classification level. 

Applicants are advised to provide a cover letter summarizing information that clearly and concisely demonstrates how their qualifications meet the advertised requirements, including education, experience, and relevant examples of required competencies. 

Additional Information:
In your resume, please include dates (including months and years) associated with all education and work experience. Additionally, please indicate:

• whether your work experience is casual, part-time, or full-time. For example, January 15, 2006 - June 25, 2009: Assistant (PT three 8 hrs. shifts/week).
• Your major (and minor) and length of program and the year you graduated. For example: Bachelor of Science, 4-year Degree (Graduated 2017)
• the year certification(s) were obtained. For example:  CISSP – 2021.

Any costs associated with obtaining the required documents/checks as noted or interview travel expenses, will be the responsibility of the candidate. Out-of-province applicants can obtain the required documents/checks from the province they currently reside in.
 

Links and information on what the GoA have to offer to prospective employees.

• Working for the Alberta Public Service - https://www.alberta.ca/advantages-working-for-alberta-public-service.aspx.
• Public Service Pension Plan (PSPP) - https://www.pspp.ca.
• Alberta Public Service Benefit Information - https://www.alberta.ca/alberta-public-service-benefits.
• Professional learning and development - https://www.alberta.ca/professional-development-support-directive.
• Research Alberta Public Service Careers tool – https://researchapscareers.alberta.ca.
• Positive workplace culture and work-life balance.
• Opportunity to participate in flexible work arrangements such as working from home up to two days per week and modified work schedule agreement.
• Leadership and mentorship programs.