INTRO

The purpose of this position is to support the implementation and effective delivery of CNL’s Cyber Security Program and is essential to delivering on APWB, CNSC Regulatory, and CNL/AECL Contractual obligations. This position reports to the Manager, Information Security Solutions (ISS) and is directly involved with Cyber Security audit and oversight functions to support both the operational aspects of the ISS department and Cyber Security Program and the planning and implementation of CNL Capital Projects. This senior level position includes additional responsibilities related to the complex tasks found within security investigations and auditing, along with a high degree of ‘sole contributor’ work that supports the development and improvement of the Cyber Security Program at CNL.

DUTIES
• Leads the development, implementation, and ongoing operation of CNL’s Cyber Security Program (based on NIST 800-53 and CSA N290.7-14 Standards).
• Coordinates and conducts audits of IT... systems and infrastructure (hardware/software compliance, user accounts, application access, etc.), ensures action items are identified, defined, and monitored for completion.
• Provides support to external auditors who are conducting audits and assessments against CNL systems and information.
• Assists in the design and execution of vulnerability assessments, penetration tests and security testing exercises.
• Participates in the execution of vulnerability assessments, penetration tests and security testing exercises.
• Monitors IT security toolset and enforce IT security policies and procedures, e.g. password policy compliance, approval of external users, ensure server configuration compliance, etc.
• Provide 2nd level Operational Support in assisting our customers and support teams in the response, assessment and containment of security-related activities.
• Creates reports on activities such as Internet usage, Email usage, and Malware/Virus Alerts. May be engaged in highly sensitive investigations and audits.
• Researches emerging threats, products, services, protocols, and standards in support of CNL’s Cyber Security Program, e.g. assess need for any security reconfigurations (minor to moderate) and works with appropriate groups to implement changes to services, .e.g. wireless, remote computing, encryption, etc.
• Makes formal and informal recommendations on to IT Leadership on long-term direction of the Cyber Security tools, infrastructure and Program.
• Participates in resolving identified Cyber Security Incidents and accurately document and report the details of Cyber Security Incidents. This includes participation in an on-call rotation for IT Incident Response.
• Recommends hardware/software security patches and any other security measures required in the event of a security breach.
• Provides input to Cyber Security Requirements for new projects, ensuring adequate Cyber Security engagement throughout the life of the project, e.g. contributes and reviews project proposals and solutions, conduct risk assessments to ensure risk levels are managed, and compliance with Cyber Security Program, Privacy, and Protection of Information requirements.
• Works collaboratively with other departments within CNL IT and our business partners (Security, HR, Legal, etc.) to deliver on CNL’s APWB commitments and interacts with external agencies on IT security issues, e.g. (AECL, TBS, PWGSC, RCMP, CSIS, etc.)

QUALIFICATIONS

Education
• Graduation from a 3 year College program from a recognized educational institution in Information Technology (focus on Network Technology and/or Security is desirable).
• Or graduation from an equivalent formal educational program and relevant IT experience.

Experience
• 7 years of experience in an IT position, with demonstrated 5 years’ experience related to IT security, auditing and compliance functions.

Abilities & Skills
• Demonstrated capability to conduct security and compliance audits.
• Demonstrated knowledge of computer operating systems and networks. (Windows/Linux/Cisco/wireless).
• Demonstrated knowledge of hacking techniques, investigative process and attack methods.
• Demonstrated investigative mindset with the ability to discover, identify, capture and document relevant information into a cohesive report.
• Consistently demonstrated analytical skills in security analysis and requirements to identify appropriate solutions.
• Self-motivated and demonstrates initiative when performing duties.
• Effective customer service orientation with ability to deal effectively with end users experiencing high levels of frustration.
• May on occasion be required to work overtime or address high stress situation with no advance warning, e.g. virus outbreak, malware infection or conduct investigations requiring immediate response.

Job/Industry Specific Knowledge
• Relevant training and experience in COBIT 5 and ITIL V3 frameworks is desirable.
• Relevant technical training, experience, and certification(s), such as, CISSP, SSCP (ISC2) or CISM, CISA (ISACA) or equivalent is highly desirable.

Why CNL?

Does working with a team across Canada to advance nuclear science and technology for a clean and secure world speak to you? We're reinventing ourselves to be the pace setters, so we can lead the charge in solving the problems that matter, like building the next generation of clean nuclear and hydrogen energy solutions, developing new and better-targeted cancer treatments, and continuing to lead the world in environmental remediation.

We offer a complete total rewards package:

o paid time off (vacation, sick, floater & personal);

o benefits effective day one, that’s right no waiting period;

o tuition support

o and a pension!

Location:

CNL works with employees across Canada to enable a remote workforce where possible. Our Work from Home employees are provided with the equipment required to be successful: laptop, monitor, external etc. Of course, we always love a visit to site when possible!

About CNL:

CNL is Canada's premier nuclear science and technology organization and a world leader in developing nuclear technology for peaceful and innovative applications. Using our unique expertise, we are restoring and protecting the Environment, we are advancing clean energy technology, and our medical breakthroughs continue to improve the health of people around the world.

Our Priorities:
• Clean energy for today and tomorrow.
• Restore and protect the Environment.
• Contribute to the health of Canadians.

CNL is committed to providing an atmosphere free from barriers that promotes equity, diversity and inclusion in achieving our mission. CNL welcomes and celebrates employees, stakeholders and partners of all racial, cultural, and ethnic identities.

CNL also supports a workplace environment and a corporate culture that is built on our Core Values: Respect, Teamwork, Accountability, Safety, Integrity and Excellence which encourage equitable employment practices and career prospects inclusive of accommodations for all employees.

CNL is committed to being an equal-opportunity employer. If you require accommodation measures during any phase of the hiring process, please indicate via our ATS when applying. All information received in relation to accommodation requests will be kept confidential.

The Chalk River Laboratories site is located on the unceded and unsurrendered territory of the Algonquin Anishinaabe people. As an organization, CNL recognizes and appreciates their historic connection to this place. CNL also recognizes the contributions that First Nations, Métis, Inuit and other Indigenous Peoples have made, both in shaping and strengthening this community in particular, and this province and country as a whole
Canada

Salary Criteria