Senior Cyber Threat Intelligence Analyst

Important messages

We are committed to providing an inclusive and barrier-free work environment, starting with the hiring process. If you need to be accommodated during any phase of the evaluation process, please use the Contact information below to request specialized accommodation. All information received in relation to accommodation will be kept confidential.

Assessment accommodation

❗❗ FINTRAC is a separate agency, and has its own classification system. This position is classified as FT-04, which is equivalent to the following groups and levels: IT-03, CS-03.

🤫 Discretion is KEY!

Due to the nature of our work, we ask that you limit whom you tell about your application to FINTRAC – especially on social media. Please limit any discussions with your partner, or close family members and ensure they understand the need to be discreet.

Duties

The Senior Cyber Threat Intelligence Analyst plays a critical role in protecting FINTRAC’s IT systems and infrastructure. Responsibilities include monitoring emerging cyber threats, analyzing vulnerabilities, and delivering actionable intelligence to enhance the Centre’s security posture. The role involves collaborating with incident response teams and external partners and vendors, as well as engaging with internal stakeholders to communicate threat research findings.

This position also includes maintaining and optimizing threat intelligence tools and advancing existing service offerings by creating improvised processes and procedures. A key responsibility is providing expert guidance on a weekly, monthly, and on-demand basis through detailed reports, formal briefings, and training sessions.

Additional responsibilities include triaging and analyzing threat data from various intelligence sources and conducting targeted research into cyber related issues such as cybercrime and espionage operations, vulnerability and data breach disclosure, and malware and adversary TTPs. The role also involves performing malware analysis, including hacking tools and crimeware.

Work environment

At FINTRAC, we help to combat money-laundering; terrorist activity financing and threats to the security of Canada.

As a separate employer in the Government of Canada (GoC), we embrace FLEXIBILITY, VALUE our TALENT, INNOVATION and DIVERSITY! We are proud of our excellence-driven culture bolstered by our commitment to a respectful, healthy, diverse and inclusive workplace.

We have our own unique classification system and unique group (FTs) with relevant equivalencies noted above. As a FINTRAC employee, you benefit from:

► Competitive salary;
► Eligibility for performance pay at all classification levels within the organization;
► Comprehensive benefits package including: Health and Dental Plan; Disability benefits; Life insurance;
► Minimum of three (3) weeks of vacation leave per year. In addition to vacation, FINTRAC employees receive two (2) personal days, and five (5) days of Family Related Leave with Pay every year, among other various types of paid and unpaid leaves;
► Flexible work arrangements, as part of our Hybrid Workplace*;
► Broad range of learning opportunities to encourage employee innovation; and,
► Strong support for employee wellness and mental health including access to the confidential employee assistance program.

*Where operationally feasible.

📍 This position requires onsite presence at our headquarters located in downtown Ottawa (234 Laurier Avenue West, Ottawa, Ontario) 3 days per weeks or as operationally required.

Intent of the process

Anticipatory Staffing: The intent of this process is to fill one (1) indeterminate position and use this process to staff similar term and/or indeterminate positions, with various language requirements, that may become available.

Positions to be filled: 1

Information you must provide

Your résumé.

In order to be considered, your application must clearly explain how you meet the following (essential qualifications)

EDUCATION:

ED1 - Graduation from a two-year program of study from a recognized post-secondary institution with acceptable specialization in computer science, information technology, information management or another specialty relevant to the position to be staffed.

Note:
- Indeterminate incumbents in the IT group on December 9, 2021 who do not possess the education prescribed above, are deemed to meet the minimum education standard based on their education, training and/or experience. They must be accepted as having met the minimum education standard whenever this standard is called for when staffing positions in the IT group.

Indeterminate incumbents of positions in the CS group on May 10, 1999, who do not possess the education prescribed above, are deemed to meet the minimum education standard based on their education, training and/or experience. They must be accepted as having met the minimum education standard whenever this standard is called for when staffing positions in the IT group.

At the manager’s discretion, an acceptable combination of education, training and/or experience may serve as an alternative to the minimum education stated above. Whenever the minimum education is met using this alternative, it is met for the specific position only and must be re-assessed for other positions for which this alternative has been specified by the manager..

Degree equivalency

EXPERIENCE:

EXP1 - Significant* experience in collecting, analyzing, and disseminating cyber threat intelligence to support organizational security objectives.

EXP2 - Experience in monitoring and assessing emerging cyber threats, vulnerabilities, and adversarial tactics, techniques, and procedures (TTPs).

EXP3 - Experience in collaborating with incident response teams and supporting the analysis and investigation of IT security incidents or vulnerabilities.

EXP4 - Experience in maintaining and utilizing cyber threat intelligence tools, databases, and platforms.

EXP5 - Experience providing skilled guidance, training, or briefings to internal stakeholders on cybersecurity threats and intelligence.

EXP6 - Significant* experience as a cyber intelligence analyst, incident responder, threat hunter, malware reverse engineer, or similar role.

*Significant experience is defined as experience that is comprehensive (covering a wide range of responsibilities), deep (showing thorough involvement), and complex (involving challenging tasks), normally associated with having performed such duties for a minimum of five (5) years.

If you possess any of the following, your application must also clearly explain how you meet it (other qualifications)

ASSETS:

AS1 - Graduation with a degree from a recognized post-secondary institution with acceptable specialization in computer science, Security or another specialty relevant to the position to be staffed.

Degree equivalency

ASSETS:

AS2 - Industry certifications such as CISSP, GIAC, CEH, or equivalent.

AS3- Experience with threat intelligence platforms (TIPs) and Security Information and Event Management (SIEM) tools.

AS3 - Experience in investigative journalism.

AS4 - Experience working in large-scale security operations especially for large corporations, military, or government organizations.

AS5 - Experience with static and dynamic malware analysis of Windows binaries, using tools such as Ghidra, IDA Pro, x64dbg, dnSpy and Wireshark.

The following will be applied / assessed at a later date (essential for the job)

Bilingual - Imperative (BBB/BBB)

Information on language requirements

KNOWLEDGE:

K1 - Knowledge of cybersecurity principles, threat intelligence methodologies, and tools.

K2 - Knowledge of adversarial tactics, techniques, and procedures (TTPs) and their application in securing systems and infrastructure.

K3 - Knowledge of Cloud technologies, AI/ML technologies and OWASP frameworks.

ABILITIES:

A1 - Ability to communicate effectively in writing and orally;

A2 - Ability to communicate technical information effectively to diverse audiences, including non-technical stakeholders;

A3 - Ability to collaborate effectively across multidisciplinary teams in high-pressure situations; and

A4 – Ability to manage, prioritize, and execute with minimal direction or oversight in a high-pressure environment.

LEADERSHIP COMPETENCIES:

LC1 - Engagement (Working effectively with people, organizations and partners);

LC2 - Values and Ethics (Serving through integrity and respect);

LC3 - Excellence through results (Delivering results through own work, relationships and responsibilities); and,

LC4 - Strategic Thinking (Innovating through analysis and ideas).

The following may be applied / assessed at a later date (may be needed for the job)

ASSETS:

AS6 - Knowledge of regulatory and compliance frameworks related to cybersecurity;
AS7 - Knowledge of tactical and strategic cyber threat framework;
AS8 - Knowledge of tracking adversary infrastructure and OSINT tools/techniques; and
AS9 - Understanding of the Global Cyber Threat Landscape including threat groups, attack vectors, and methods of exploitation.

ORGANIZATIONAL NEEDS:

FINTRAC is proud to be an inclusive employer that attracts and retains a talented workforce reflective of Canada’s rich diversity. We embrace diversity & inclusion and believe that diversified perspective and ideas is pivotal to achieving the Centre’s mandate. We believe that an inclusive work environment allows diverse teams to flourish, which in turn will help to further enhance innovation, creativity and our staff’s well-being!

Accordingly, preference may be given to candidates who are members of one or more of the Employment Equity groups (Persons with disabilities, members of visible minorities, women, and Indigenous persons), and have voluntarily completed the self-declaration form on their application. Therefore, we encourage candidates to indicate voluntarily on their application if they are a member of one of these groups.

OPERATIONAL REQUIREMENTS:

Willingness and ability to work overtime on weekend and evenings occasionally, sometimes with short notice.

Conditions of employment

Top Secret security clearance - You must be a Canadian Citizen and eligible for a Top Secret security clearance to FINTRAC's standards.

FINTRAC’s process includes a suitability interview, a credit and financial check, fingerprinting, a background investigation covering at least the last 10 years, as well as other assessments necessary to determine a candidate’s suitability for work at FINTRAC.

Candidates must be able to produce sufficient records to any period of time spent outside of Canada and may be subject to further assessment.

As needed, candidates may be required to submit security documentation and may be subject to security investigations at any phase of the selection process.

Suitability is an on-going condition of employment at FINTRAC and must be maintained.

We understand that FINTRAC’s security clearance process is demanding. Protecting the safety of Canadians and the security of Canada’s economy is what we do; that is why all candidates go through a rigorous screening process before becoming a FINTRAC employee.

For more information regarding FINTRAC's Security and Suitability requirements, please visit: https://www.fintrac-canafe.gc.ca/emplo/req-eng.

Other information

The Public Service of Canada is committed to building a skilled and diverse workforce that reflects the Canadians we serve. We promote employment equity and encourage you to indicate if you belong to one of the designated groups when you apply.

Information on employment equity

Accessibility is part of our mandate and preoccupations. As a result, in support of achieving a diversified workforce and our employment equity goals, qualified candidates who self-declare in a staffing process as Indigenous peoples, persons with disabilities, visible minorities and/or women may be selected for appointment to fulfill organizational needs, including reducing representation gaps.

The Public Service of Canada is committed to building a skilled and diverse workforce that reflects the Canadians we serve. We promote employment equity and encourage you to indicate if you belong to one of the designated groups when you apply.

📋 HOW TO APPLY

🚩 Candidates must submit their application through the online system available at: www.jobs.gc.ca. Applications submitted in any other format will not be accepted. If you are unable to apply online or require accommodation for any reason, you must contact the HR Services team at FINTRACJobs-EmploisCANAFE@fintrac-canafe.gc.ca or by phone at 343-571-7338, before the closing date.

Please clearly demonstrate in your resume and screening questions how you meet each Education and Experience criteria by providing CONCRETE examples including where, when and how these qualifications were acquired. Failure to do so will result in the screening out of your application.

→ We strongly encourage all candidates to answer all questions (including asset qualifications) for which they meet the criteria as they may be invoked for selection purposes. Note that it is not sufficient to simply state that the qualification is met, or to only provide a listing of current or past responsibilities. Resumes may be used as a secondary source to validate the experience.

✏️ ASSESSMENT

► Various tools (such as answers to screening questions, emails, or online assessment) may be used to assess the ability to communicate effectively in writing.
► Online evaluations and various assessment tools may be used.
► An interview will be administered.
► Reference checks will be sought.

Assessments may be conducted virtually by email, telephone and/or videoconference. It is the candidate’s responsibility to ensure that their computer and mobile equipment are in working condition before starting an assessment.

📌 NOTES

For this selection process, it is our intention to communicate with candidates via email. Candidates must include a valid email address in their application. It is the candidate’s responsibility to ensure accurate information is provided and updated as required.

Any travel expenses incurred by candidates to attend evaluations for this recruitment process will be the candidate's responsibility.

If the position is staffed on a temporary basis, through Interchange Canada, or through an internal assignment and/or acting opportunity, the approval of your management will be required.

A short list of candidates may be selected for interview and/or exam based on a combination of experience, career progression and achievements, and overall presentation in the application. Only those selected for further consideration will be contacted.

We thank all those who apply. Only those selected for further consideration will be contacted.

Contact information

Apply online