Flexible Work Agreement TypeHybrid / Hybride

Posting End Date2025-02-23

Job GradePIPSC-3

Pay Range$107,682 - $135,272

Job SummaryThis role supports the Cybersecurity Operations Team with a focus on developing and maturing the Microsoft Azure Sentinel platform, processes and capabilities. The ideal candidate will have experience in cloud security, with a focus on Azure Sentinel and related Microsoft security technologies.

Job Description

What NAV CANADA offers you:

• Challenging, team-oriented work environment
• Competitive compensation and benefits
• Defined benefit pension plan
• Opportunities for growth and development
• Flexible work arrangements
• Diverse and inclusive workforce 

Key Accountabilities:

• Design, implement, and manage Azure Sentinel deployments.
• Develop and tune correlation rules and KQL queries for threat detection.
• Integrate Azure Sentinel with other Microsoft security tools.
• Conduct security assessments and vulnerability scans.
• Respond to and investigate high-severity security incidents.
• Create and optimize security dashboards and reports.
• Developing and implementing automated workflows and playbooks for security orchestration and response (SOAR).
• Continuously assessing data coverage and identifying areas for improving Azure Sentinel&39;s effectiveness.
• Leveraging threat intelligence feeds in Sentinel analytics and integrating them into the SOAR capabilities.
• Monitoring the health of core components, including Azure Active Directory, data collection servers, and the overall Azure platform.
• Reviewing and optimizing data ingestion trends and conducting cost analysis to ensure efficient operations.
• Staying updated with Microsoft and third-party announcements to adapt to potential changes in the platform and integrated solutions.

Job Requirements

Education:

• Graduation from a recognized postsecondary institution with specialization in cyber security, computer science, systems engineering, data analytics; or an acceptable combination of education, training and/or experience.

Experience:

• 4&43; years of experience in operational security, including SIEM platforms.
• 2&43; years of experience developing SIEM content.
• 2&43; years of experience using Azure Sentinel.
• 4&43; years of experience using scripting languages such as python or PowerShell.
• Experience in setting up and managing monitoring and logging solutions for cloud-based infrastructure.

Knowledge:

• Comprehensive knowledge of Azure services across networking, security, cloud landing zones compute & storage.
• Strong proficiency in Azure cloud security technologies.
• Working knowledge of KQL (Kusto Query Language).
• Familiarity with MITRE ATT&CK framework and threat intelligence feeds.
• Knowledge of Jupyter notebooks.
• Knowledge of Microsoft Defender

Abilities:

• Ability to develop or recommend analytic approaches or solutions to problems and situations for which information is incomplete or for which no precedent exists.
• Ability to prepare and present briefings.
• Ability to work with customer in a respectful manner, regardless of the circumstance; balances both client needs and project goals.
• Ability to contribute to planning, providing estimations and timelines for when activities shall be completed.
• Ability to participates in the research of industry standards to improve internal standards, policies, and procedures.

Personal Suitability:

• Responds to customer inquiries in a timely manner; takes responsibility for meeting customer requirements and solving applicable problems.
• Demonstrates an understanding of how customers affect the development of decision-making processes in the company.
• Assist in guiding and developing junior team members.

Working conditions:

• This position is based at Ottawa Logistics center but may be eligible for a flexible work arrangement.
• Typically conducted in a cubicle and/or open office and/or meeting room and/or lab environments using computer-based tools.
• Participation in one or more active projects / assignments where multi-tasking is required.
• Time pressures are tight with multiple deadlines, but the Specialist has control over the sequencing of work schedule.
• Travel may be required.
• Requirement for onsite work in event of security events

NAV CANADA is committed to building a skilled, diverse workforce reflective of Canadian society. If you do not believe that you match every job requirement listed on this job posting, we still encourage you to apply. NAV CANADA encourages a culture of learning and growth, and recognizes that although some technical skills are mandatory, many others can be taught.

Our Company strives to create an inclusive and barrier-free selection process and work environment. If you require accommodations during this competition process, please ensure that you inform the interview coordinator or hiring manager of any accommodation measures you may require. NAV CANADA will provide accommodations throughout the recruitment and selection process to applicants with disabilities as required.

The successful candidate must meet the security requirement of the position and be legally able to work in Canada.

We thank all applicants for their interest; only those selected for an interview will be contacted.

-