Operate and Maintain

 

6.1 Network Security Operator/Specialist


Basic Job Description

  • Develops, creates, integrates, tests, and maintains computer and information system security throughout the systems life cycle, and reports on information system performance;
  • Actively monitors networks to detect, prevent, and recover from security threats.

Cyber Security Related Tasks

  • Define and review an organization’s networks and computer systems, and ensure security requirements recognize appropriate disaster recovery plans and business continuity functions, including any failover or backup requirements for system restoration;
  • Analyze existing security systems and make recommendations for changes or improvements;
  • Plan, research, implement, and maintain secure networks and computer systems using scientific analysis and mathematical models;
  • Research current and emerging technologies to understand capabilities of required networks or systems;
  • Research and develop a system security context, and define security assurance requirements based on industry standards and cyber security policies and practices;
  • Ensure the acquired or developed systems are consistent with an organization’s cyber security policies and practices;
  • Define, develop, implement, and maintain cyber security policies and procedures;
  • Develop and conduct network testing and validation procedures, programming, and secure coding, and report on functionality and resiliency;
  • Conduct vulnerability testing and security reviews on networks to identify gaps, and examine controls and measures required to protect against irregular/malicious activity and potential threats to networks;
  • Actively monitor and analyze network traffic/systems to identify irregular/malicious activity and potential threats;
  • Provide timely detection, identification, and alerting of irregular/malicious activities and potential threats/attacks and distinguish these incidents and events from benign activities;
  • Document and escalate incidents or threats that may cause ongoing and immediate impact to the organization;
  • Notify management, cyber incident responders/handlers, and colleagues of suspected incidents and threats and potential impact for further action based on the organization’s cyber incident response plan; and
  • Recommend, install, and upgrade security measures, controls, and protocols to protect digital files and networks or systems against cyber threats and vulnerabilities.

Commonly Requested Education, Training and Work Experience

  • Post-secondary education in a cyber or IT related field (e.g., Computer Science, Information Technology, Computer Engineering or equivalent);
  • Certifications an asset: Certified Information Systems Security Professional (CISSP); and
  • Previous training and experience in network security is preferred – 1-3 years of experience for entry-level; 5 years of experience for advanced-level. Requested experience will depend on the organizational need.

Primary Training Requirements – Learning Outcomes

  • Technical knowledge of networks, computer components, power supply technology, system protocols, cyber security-enabled software;
  • Principles in information security, engineering, networking, mathematics;
  • Cryptography and cryptographic key management concepts;
  • Concepts in operating systems, microprocessors, network access, identity and access management, penetration testing;
  • Network protocols and packet analysis tools;
  • Operating system and system administration hardening techniques;
  • System design tools, methods, and techniques;
  • Secure coding and configuration techniques;
  • Computer architecture, data structures, and algorithms;
  • Linear/matrix algebra and/or discrete mathematics;
  • C, C++, Java, Python, and similar computer programming languages;
  • System life cycle management principles, including software security and usability;
  • System testing and evaluation methodologies and processes;
  • Intrusion detection system (IDS)/Intrusion prevention system (IPS), penetration and vulnerability testing;
  • System, application and data security threats, risks and vulnerabilities;
  • Incident response and handling methodologies;
  • Designing countermeasures to identified security risks;
  • Risk management policies, requirements, and practices;
  • Business continuity and disaster response planning;
  • A working knowledge of cyber security and privacy principles and methods (e.g., firewalls, demilitarized zones, encryption, virtual private network devices);
  • Industry standards and organizationally accepted analysis principles and methods;
  • Develop and conduct risk assessments and relevant documents; and
  • Current and emerging technology and cyber security technologies.

Key Proficiencies

Research, Analytical, Attention to Detail, Interpersonal, Communication skills

5.2 Industrial Control Systems (ICS) Security Analyst


Basic Job Description

Sets up and maintains networks or specific components of a computer system (e.g., installing, configuring, and updating hardware, software and networks; monitoring system performance and troubleshooting issues; implementing operational and technical security controls; and adhering to organizational cyber security policies and procedures).

Cyber Security Related Tasks

  • Install, configure, and update hardware, software, and networks;
  • Conduct functional and connectivity testing to ensure continuing operability and efficiency;
  • Manage network servers and technology tools, including performance, capacity, availability, serviceability, and recoverability, and access to systems and workstations;
  • Monitor performance and maintain systems/server configuration according to security requirements;
  • Troubleshoot hardware or software interoperability issues and outages;
  • Diagnose and repair faulty systems and servers;
  • Maintain system security through access controls, backups, and other controls, in accordance with organizational policies and procedures;
  • Implement cyber security policies, network security, application security, access controls and organizational data safeguards; and
  • Develop documentation on system administration standard operating procedures.

Commonly Requested Education, Training and Work Experience

  • Post-secondary education in a cyber or IT related field (e.g., Computer Science, Information Technology or equivalent);
  • Certifications an asset: Certified Information Systems Security Professional (CISSP); Computing Technology Industry Association (CompTIA) Security+; and
  • Previous training and experience in network security is preferred – 1-3 years of experience for entry-level; five years of experience for advanced-level. Requested experience will depend on the organizational need.

Primary Training Requirements – Learning Outcomes

  • Technical knowledge, security principles, and methods (e.g., firewalls, encryption), and the functional and technical design of networks and systems, and cyber security solutions;
  • System life cycle management principles, including software security and usability;
  • Measures or indicators of system performance, availability, capacity, or configuration problems;
  • Analysis tools and network protocols;
  • System administration, network, and operating system hardening techniques;
  • Server and client operating systems;
  • Systems administration concepts;
  • Configuring and optimizing software, systems or servers;
  • System security and data backup/recovery; and
  • Diagnostic tools and fault identification techniques.

Key Proficiencies

Problem-solving, Attention to Detail, Organizational, Time Management, Interpersonal, Communication skills

6.3 Cryptographer/Cryptanalyst


Basic Job Description

  • Develops algorithms, ciphers, and security systems to encrypt information.
  • Analyzes coding systems and decodes messages.
  • Code makers and code breakers who protect the privacy of organizations and individuals by supervising the online security of data systems.

Cyber Security Related Tasks

  • Protect important information from interception, access and modification;
  • Evaluate, analyze and target weaknesses in security systems and algorithms;
  • Develop robust security systems to prevent vulnerabilities;
  • Develop statistical and mathematical models to analyze data and troubleshoot security problems;
  • Test computational models for reliability and accuracy;
  • Identify, research and test new cryptology theories and applications;
  • Decode cryptic messages and coding systems for the organization;
  • Develop and update methods for efficient handling of cryptic processes;
  • Prepare technical reports that document security processes or vulnerabilities; and
  • Provide guidance to management and personnel on cryptical or mathematical methods and applications.

Commonly Requested Education, Training and Work Experience

  • Post-secondary university degree in Computer Engineering, Computer Science, or Mathematics. A Master’s of Science or Doctorate is strongly preferred; and
  • Previous training and experience in cyber security or IT security infrastructure is preferred – 3 years of experience for entry-level; 5-10 years of experience for advanced-level. Requested experience will depend on the organizational need.

Primary Training Requirements – Learning Outcomes

  • Computer architecture, data structures, and algorithms;
  • Linear/matrix algebra and/or discrete mathematics;
  • Probability theory, information theory, complexity theory and number theory;
  • C, C++, Java, Python, and similar computer programming languages;
  • Cryptography and cryptographic key management concepts;
  • Principles of symmetric cryptography (e.g., symmetric encryption, hash functions, message authentication codes, etc.);
  • Principles of asymmetric cryptography (asymmetric encryption, key exchange, digital signatures, etc.); and
  • Applicable laws, legal codes, regulations, policies and ethics as they relate to cyber security.

Key Proficiencies

Analytical, Problem-solving, Time Management, Interpersonal, Communication skills

6.4 Technical Support Specialist


Basic Job Description

Provides technical support to an organization based on established or approved process components, systems, and protocols.

Cyber Security Related Tasks

  • Actively monitor computer system performance and health, and troubleshoot and resolve hardware or software interoperability issues, and system outages and faults;
  • Install, configure, and maintain operating system software, hardware, and peripheral equipment based on organizational policies, standards, and procedures;
  • Develop, conduct, and maintain incident reports and vulnerability and impact assessments;
  • Develop and maintain a tracking and solution database;
  • Analyze and recommend improvements and changes to computing environments;
  • Administer user accounts, network privileges, and access to systems and equipment;
  • Conduct asset management or inventory control of system and equipment resources; and
  • Develop, deliver, and oversee training material and educational efforts.

Commonly Requested Education, Training and Work Experience

  • Post-secondary education in a cyber or IT related field (e.g., Computer Science, Information Systems or equivalent); and
  • Previous training and experience in technical support is preferred – 1-3 years of related work experience for entry-level; 5-7 years of experience for advanced-level. Requested experience will depend on the organizational need.

Primary Training Requirements – Learning Outcomes

  • Technical knowledge of networks, computer components, system protocols, cyber security-enabled software, cloud technology;
  • System administration, operating system, microprocessor, and identity and access management concepts;
  • System life cycle management principles, including software security and usability;
  • Measures or indicators of system performance, usability, and availability;
  • A working knowledge of cyber security principles and elements;
  • Operations and processes for incident, security problems, and event management;
  • Industry standards and organizationally accepted analysis principles and methods; and
  • Develop, update, and maintain standard operating procedures, and incident, security problem or event reports.

Key Proficiencies

Analytical, Problem-solving, Interpersonal, Communication skills
