Analyst, IT Security and Risk (Ottawa, Toronto or Montreal)

Join the Security Team where you will assist with developing and delivering a risk-managed, cybersecurity program. The candidate will be involved in defining and managing cyber risks, resolving current and emerging threats, and using your passion to protect CMHC’s internal and external IT environments. You will be part of a team that manages complex issues in a timely manner to identify risks, events and incidents, including security-related events, assess risks and vulnerabilities, as well as applying the appropriate escalation and reporting requirements. 
  
Responsibilities:  
 

• Assist with the assessment of security risk events by gathering evidence to analyze and investigate the potential impacts to the entire corporation from these events. 
• Conduct research to stay abreast of security technologies and the impact of new technologies on security. 
• Develop and maintain a Cybersecurity risk monitoring and incident management protocol to quickly identify and flag current and evolving threats. 
• Assist in the implementation of security improvements by assessing current situations, evaluating trends and anticipating requirements. 
• Maintain and test security processes, procedures and practices to protect and safeguard against security breaches. 
• Identifies security issues and assist in designing solutions for any existing gaps to ensure security principles, policies, practices and customer’s expectations are met. 
• Performing research on emerging security threats, vulnerabilities, trends and industry standards and provision of actionable strategies to address any CMHC-specific risks 
• Respond to client requests and research solution options. 
• Assist with security threat and vulnerability analysis, security testing, security audits and incident response. 

 
Minimum Qualifications: 
 

• Undergraduate degree or College Diploma in a related field such as risk management, business, finance, and information management preferred. A combination of security related experience and education would also be accepted. 
• Minimum of 1 year of experience in information/cyber security. 
• Knowledge of Risk Assessment and Risk Management 
• Knowledge of standards such as NIST CSF, SP 800-53, ITSG-33, ISO 27001, OSFI B13. 
• Knowledge of security technologies such as identity management, computer forensics, application security and network security technologies. 
• Knowledge of IT or network operations. 
• Good communication, facilitation and presentation skills. 
• Good influencing, negotiating, critical thinking skills. 
• Ability to establish and maintain effective working relationships. 

 
Preferred Qualifications:
 

• Successful completion of an IT security certification would be considered an asset. 
• Bilingualism (French and English).
• Financial services background.

Posting closing date: Note, the competition may remain active until filled.

IMPORTANT NOTICE – COVID-19 MEASURES

On June 14, 2022, the Government of Canada announced that as of June 20, 2022, it will suspend vaccination requirements for federal government employees.  This decision followed a review of the current public health situation, including the evolution of the virus and vaccination rates in Canada. As a result, and consistent with the Government of Canada decision, CMHC has suspended its Vaccination Policy, effective June 20, 2022.  

As a result, at this time, CMHC does not require employees to be fully vaccinated as a condition of employment.  CMHC will continue to monitor the public health situation and may at any time make adjustments and adopt or reintroduce measures, including mandatory vaccination, attestation and verification requirements. Any such vaccination measures, as updated from time to time, shall form a term and condition of your employment at CMHC.