Security Information and Event Management (SIEM) and XDR Technical Advisor

Job Location

Ottawa - Canada

Yearly Salary

$ 101874 - 127511

Vacancy

1 Vacancy

Job Description

Priority may be given to the following designated employment equity groups: women, Indigenous Peoples* (First Nations, Inuit and Métis), persons with disabilities and racialized persons*.

* The Employment Equity Act, which is under review, uses the terminology Aboriginal peoples and visible minorities.

Candidates are asked to self-declare when applying to this hiring process.

City: Ottawa

Organizational Unit: Knowledge, Information and Technology Services

Classification: CS-3

Tenure: Continuing

Language Requirements: English

Work arrangements: Due to the nature of the work and operational requirements, this position is eligible for a hybrid work arrangement (combination of working onsite and telework). Employees in this position who telework will be required to travel to the designated work site at least three times per week, or a minimum of 60% of their regular work schedule, at their own expense.

At the NRC, we recognize that Indigenous candidates may have important connections to their communities, and you may be eligible for an exception to this work arrangement. Alternative work arrangements may also be considered to accommodate candidates as required. To learn more about these options, please contact the NRC Hiring team using the contact information below.

Discover the possible

Anything is possible at the NRC, named in 2025 one of Canada's Top Employers for Young People, Top Employer in the National Capital Region and Forbes Canada's Best Employers!

As Canada's leading research and technology organization, our world-renowned research pushes the boundaries of science and engineering to make the impossible possible. Every day, we explore new ideas through innovative research and help companies discover possibilities that impact Canada's future and the world.

At the NRC, you'll also discover new possibilities. Our supportive workplace fosters a culture of creativity, welcoming fresh perspectives and innovation at all levels. We value teamwork. You'll collaborate across multiple fields and with the brightest minds to find creative solutions. Most importantly, you'll discover what's possible within you as you grow, make valuable contributions and progress in your professional journey. From ground-breaking discoveries to a life-changing career, discover your possible at the NRC.

The role

We are looking for a Security Information and Event Management (SIEM) and XDR Technical Advisor to support our Chief Information Officer Branch. The Technical Advisor Cloud and Data Security would be someone who shares our core values of Integrity, Excellence, Respect and Creativity.

The key activities for this position are the following:

  1. Develop, implement and manage the Security Information and Event Management (SIEM) platform to aggregate and correlate data from multiple security systems;
  2. Develop, implement and manage the Extended Detection and Response (XDR) platform to improve the automation of vulnerability, event and incident management as they relate to Identity, Endpoint, Network, Cloud, etc.;
  3. Develop, implement and manage NRC's Insider Threat and Data Loss Prevention (DLP) program in collaboration with NRC's Information Management group;
  4. Coordinate the integration and the evolution of multiple cyber security tools on all NRC-managed assets into a comprehensive and coherent suite of tools;
  5. Configure dashboards and reports for cyber security events, incidents and vulnerabilities;
  6. Establish key performance indicators to evaluate the effectiveness of NRC's cyber defence strategy and to ensure that the Cyber Defence Team's objectives are being achieved;
  7. Ensure the onboarding and integration of new NRC projects into cyber security services;
  8. Develop operational cyber security instruments (policies, directives, standards, guidelines and configuration baselines) tailored to the NRC;
  9. Achieve and maintain industry standard security certification appropriate for the position.

Screening criteria

Applicants must demonstrate within the content of their application that they meet the following screening criteria in order to be given further consideration as candidates:

Education

A University or College degree in Computer Sciences, or a College diploma in Computer Sciences, or an equivalent combination of experience and education.

For information on certificates and diplomas issued abroad, please see Degree equivalency.

  1. Significant experience in the IM/IT field, specifically in roles related to cyber security within a Security Operations Center (SOC) or similar environment;
  2. Significant experience as a system administrator, particularly with cyber security tools such as antivirus, vulnerability management, detection and response, data loss prevention, etc.;
  3. Significant experience in event and incident management (i.e. preparation; detection and analysis; containment, eradication and recovery; post-incident activity);
  4. Strong experience in scripting or programming;
  5. General experience in implementing adequate technical and organizational safeguards to protect IT assets, information and the continuity of IT services;
  6. Experience in writing various types of documentation such as reports, briefing notes, technical guides and standard operating procedures;

  1. Extensive knowledge of the general principles of Cyber Security operations;
  2. Significant knowledge of SIEM/XDR technologies and specifically Microsoft Sentinel, Microsoft 365 Defender and Microsoft Defender for Cloud;
  3. Strong knowledge of query and scripting tools such as Microsoft PowerShell and Kusto, as well as reporting tools such as Power BI Report Builder;
  4. Broad knowledge of activities and technologies relevant to cyber security, including endpoint security, patch management, incident management, change management, network monitoring, malware analysis, vulnerability assessments, data loss prevention technologies, etc.;
  5. Broad knowledge of all aspects of an IT infrastructure, including server and workstation hardware and software, Windows and Linux operating systems, Windows Active Directory, TCP/IP networks and network architecture as they apply to IT security (e.g. zoning), encryption and communication technologies, cloud computing, etc.;
  6. General knowledge of cyber security related policies, directives, standards and guidelines used in the Government of Canada;
  7. General knowledge of cyber security standards and frameworks from NIST, CSE, ISO, CIS, etc.;

Platform specific security certification (e.g. Microsoft, AWS) will be considered an asset;

Current industry standard security certification (e.g. CISSP, CISM, CCSP, CISA) will be considered an asset;

Please direct your questions with the requisition number (24181) to:

E-mail:

Telephone:

Closing Date: 17 October 2025 - 23:59 Eastern Time

For more information on career tools and other resources, check out Career tools and resources

*If you are currently a term or continuing employee at NRC, please apply through the SuccessFactors Careers module from your NRC computer.


Required Experience:

Unclear Seniority

Employment Type

Temp
