Priority may be given to the following designated employment equity groups: women, Indigenous Peoples* (First Nations, Inuit and Métis), persons with disabilities and racialized persons*.
- The Employment Equity Act , which is under review, uses the terminology Aboriginal peoples and visible minorities.
Candidates are asked to self-declare when applying to this hiring process.
City: Ottawa
Organizational Unit: Knowledge, Information and Technology Services
Classification: CS-3
Tenure: Continuing
Language Requirements: English
Work arrangements:Due to the nature of the work and operational requirements, this position is eligible for a hybrid work arrangement (combination of working onsite and telework). Employees in this position who telework will be required to travel to the designated work site at least three times per week or a minimum of 60% of their regular work schedule at their own expense.
At the NRC, we recognize that Indigenous candidates may have important connections to their communities and you may be eligible for an exception to this work arrangement. Alternative work arrangements may also be considered to accommodate candidates as required. To learn more about these options, please contact the NRC Hiring team using the contact information below.
Discover the possible
Anything is possible at the NRC, named in 2025 one of Canada’s Top Employers for Young People, Top Employer in the National Capital Region and Forbes Canada’s Best Employers!
As Canada’s leading research and technology organization, our world-renowned research pushes the boundaries of science and engineering to make the impossible, possible. Every day we explore new ideas through innovative research and help companies discover possibilities that impact Canada’s future and the world.
At the NRC, you’ll also discover new possibilities. Our supportive workplace fosters a culture of creativity, welcoming fresh perspectives and innovation at all levels. We value teamwork. You’ll collaborate across multiple fields and with the brightest minds to find creative solutions. Most importantly, you’ll discover what’s possible within you as you grow, make valuable contributions and progress in your professional journey. From ground-breaking discoveries to a life-changing career, discover your possible at the NRC.
The role
We are looking for a Security Information and Event Management (SIEM) and XDR Technical Advisor to support our Chief Information Officer Branch. The Security Information and Event Management (SIEM) and XDR Technical Advisor would be someone who shares our core values of Integrity, Excellence, Respect and Creativity.
The key activities for this position are the following:
- Develop, implement, and manage the Security Information and Event Management (SIEM) platform to aggregate and correlate data from multiple security systems;
- Develop, implement, and manage the Extended Detection and Response (XDR) platform to improve the automation of vulnerability, event, and incident management as they relate to Identity, Endpoint, Network, Cloud, etc.;
- Develop, implement, and manage NRC’s Insider Threat and Data Loss Prevention (DLP) program in collaboration with NRC’s Information Management group;
- Coordinate the integration and the evolution of multiple cyber security tools on all NRC-managed assets into a comprehensive and coherent suite of tools;
- Configure dashboards and reports for cyber security events, incidents, and vulnerabilities;
- Establish key performance indicators to evaluate the effectiveness of NRC’s cyber defence strategy and to ensure that the Cyber Defence Team’s objectives are being achieved;
- Ensure the onboarding and integration of new NRC projects into cyber security services;
- Develop operational cyber security instruments (policies, directives, standards, guidelines, and configuration baselines) tailored to the NRC.
- Achieve and maintain industry standard security certification appropriate for the position.
Screening criteria
Applicants must demonstrate within the content of their application that they meet the following screening criteria in order to be given further consideration as candidates:
Education
A University or College degree in Computer Sciences or a College diploma in Computer sciences or an equivalent combination of experience and education
For information on certificates and diplomas issued abroad, please see Degree equivalency
Experience
- Significant experience in the IM/IT field, specifically in roles related to cyber security within a Security Operations Center (SOC) or similar environment;
- Significant experience as a system administrator, particularly with cyber security tools such as antivirus, vulnerability management, detection and response, data loss prevention, etc.;
- Significant experience in event and incident management (i.e. preparation; detection and analysis; containment, eradication, and recovery; post-incident activity);
- Strong experience in scripting or programming;
- General experience in implementing adequate technical and organizational safeguards to protect IT assets, information, and the continuity of IT services;
- Experience in writing various types of documentation such as reports, briefing notes, technical guides, and standard operating procedures;
Condition of employment
Secret clearance
A thorough security clearance process will be applied.
For a Secret Clearance, verification of background information over a period of 10 years is required. Individuals must have lived in Canada for a sufficient period of time to enable the security screening process.
Language requirements
English
Information on language requirements and self-assessment tests
Assessment criteria
Candidates will be assessed on the basis of the following criteria:
Technical competencies
- Extensive knowledge of the general principles of Cyber Security operations;
- Significant knowledge of SIEM/XDR technologies, and specifically Microsoft Sentinel, Microsoft 365 Defender, and Microsoft Defender for Cloud;
- Strong knowledge of query and scripting tools such as Microsoft PowerShell and Kusto as well as reporting tools such as Power BI Report Builder;
- Broad knowledge of activities and technologies relevant to cyber security, including endpoint security, patch management, incident management, change management, network monitoring, malware analysis, vulnerability assessments, data loss prevention technologies etc.;
- Broad knowledge on all aspects of an IT infrastructure including server and workstation hardware and software, Windows and Linux operating systems, Windows Active Directory, TCP/IP networks and network architecture as they apply to IT security (e.g. zoning), encryption and communication technologies, cloud computing, etc.;
- General knowledge of cyber security related policies, directives, standards and guidelines used in the Government of Canada;
- General knowledge of cyber security standards and frameworks from NIST, CSE, ISO, CIS, etc;
Platform specific security certification (e.g. Microsoft, AWS) will be considered an asset;
Current industry standard security certification (e.g. CISSP, CISM, CCSP, CISA) will be considered an asset;
Behavioural competencies
- Technology support - Client focus (Level 3)
- Technology support - Communication (Level 3)
- Technology support - Conceptual and analytical ability (Level 3)
- Technology support - Initiative (Level 3)
- Technology support - Teamwork (Level 3)
- Technology support - Results orientation (Level 3)
Competency Profile(s)
For this position, the NRC will evaluate candidates using the following competency profile: Technology Support
View all competency profiles
Compensation
From $101,874 to $127,511 per annum.
NRC employees enjoy a wide-range of competitive benefits including a robust pension plan, comprehensive health and dental coverage, disability and life insurance, office closure at the end of December, and additional supports to enhance your well-being throughout your career and beyond.
Notes
- In 2025, the NRC was chosen as one of Canada’s Top Employers for Young People, a National Capital Region Top Employer and Forbes Canada’s Best Employer.
- Relocation assistance will be determined in accordance with the NRC's directives.
- A pre-qualified list may be established for similar positions for a one year period.
- Preference will be given to Canadian Citizens and Permanent Residents of Canada. Please include citizenship information in your application.
- The incumbent must adhere to safe workplace practices at all times.
- We thank all those who apply, however only those selected for further consideration will be contacted.
Please direct your questions, with the requisition number (24181) to:
E-mail: NRC.NRCHiring-EmbaucheCNRC.CNRC@nrc-cnrc.gc.ca
Telephone: 343-548-2032
Closing Date: 17 October 2025 - 23:59 Eastern Time
For more information on career tools and other resources, check out Career tools and resources
- If you are currently a term or continuing employee at NRC, please apply through the SuccessFactors Careersmodule from your NRC computer.
