Senior Network Security Specialist

Job Information

Overall Purpose

The Senior Network Security Specialist will act as a technical and operational subject matter expert in relation to cybersecurity systems, cloud security, and digital forensics for the Ottawa Police Service (OPS).

Reporting to the Team Lead for Information Security and Compliance, the role focuses on ensuring the stable operation, monitoring, and security of the IT infrastructure. The incumbent will plan, develop, configure, and maintain cybersecurity systems, including cloud-based and on-premises environments, while proactively identifying, monitoring, and remediating potential threats and vulnerabilities.

Major Responsibilities

Cybersecurity Operations:

• Ensure the stable operation of IT security infrastructure, including Data Loss Prevention (DLP), Threat and Vulnerability Management (TVM), Identity and Access Management (IAM), and Security Incident and Event Management (SIEM).
• Monitor alerts, investigate security incidents, and remediate issues using tools such as Microsoft Defender, Azure, and other SIEM platforms.
• Conduct IAM audits and implement modifications to ensure compliance with organizational policies.
• Analyze, troubleshoot, and resolve security alerts, network performance issues, and system vulnerabilities.

Cloud Security and Infrastructure Management:

• Architect, configure, and maintain secure solutions on Azure and GCP platforms.
• Manage cloud security tools and environments, ensuring compliance with best practices and organizational standards.
• Support the design, implementation, and optimization of network security in hybrid (on-premises and cloud) environments.
• Perform periodic reviews and updates to M365/Azure security configurations.

Digital Forensics and Incident Response:

• In support of the Cybercrime team, conduct digital forensic investigations, including evidence collection, memory analysis, and incident root cause analysis.
• Use open-source tools and frameworks for forensic analysis and reporting.
• Document forensic findings and support the legal team as required for incident investigations.

Security Tools and Development:

• Deploy and manage containerized security tools using Docker or Kubernetes.
• Implement and maintain endpoint protection solutions and other monitoring tools.
• Leverage open-source tools for security monitoring, log analysis, and forensic workflows.

Security Policy Development and Compliance:

• Develop, document, and enforce security policies, procedures, and guidelines in alignment with industry standards (e.g., NIST, ISO 27001).
• Conduct periodic audits to ensure compliance with internal and regulatory standards.

Collaboration and Technical Support:

• Collaborate with technical teams to address system vulnerabilities and improve overall security posture.
• Provide guidance and support for firewall, VPN concentrator, and security appliance configurations.
• Act as a backup for the Team Lead, providing operational coverage as needed.

Perform other duties as required or directed.

Major Responsibilities (continued)

Major Responsibilities (continued)

Statement of Required Qualifications

EDUCATION 

• Graduate from a four (4) year university program in Computer Science, Cybersecurity, Information Technology, or a related field.
• Experience and formal training combined may substitute for stipulated education requirements. 

EXPERIENCE 

Minimum of five (5) years experience in a cybersecurity-focused role including:

• Proven track record of implementing, managing, and maintaining security systems in both cloud and on-premises environments.
• Experience and demonstrated expertise in designing, implementing, and managing security systems.
• Experience with tools and solutions such as SIEM, IAM, DLP, and threat management platforms.
• Hands-on experience with Azure or GCP security and configuring cloud-based security tools.
• At least three (3) years of experience in incident response, digital forensics, and threat analysis.
• Proficiency in managing and deploying containerized applications (e.g., Docker, Kubernetes).

LANGUAGE 

• English – fluency in oral, reading, and writing. 

Certifications and Licences

Completion of, or in the process of completing, one or more of the following certifications (or equivalent demonstrated experience):

• Certified Information Systems Security Professional (CISSP).
• Microsoft Azure Security Engineer Associate or equivalent GCP certification.
• Offensive Security Certified Professional (OSCP), Certified Ethical Hacker (CEH) or similar certification in penetration testing.
• Certifications in Digital Forensics (GCFE).
• Certified Cloud Security Professional (CCSP).

In service Training

The following mandatory training and education is provided to all civilians of the OPS: 

• Occupational Health & Safety.  
• Respectful Workplace.  
• Violence in the Workplace. 
• Accessibility for Ontarians with Disabilities Act (AODA). 
• Road to Mental Health Readiness (R2MR) 
• Equity, Diversity, and Inclusion (EDI). 

Training will be provided for new hardware and software applications added as part of the OPS ITS infrastructure. 

All employees of the OPS are expected to complete all additional and new mandatory training as prescribed by the Office of the Chief.

Job Knowledge

Working knowledge of:

• Project Management Principles.
• The Organization’s Mission, Vision and Values.
• Operating system architectures.
• Network architectures and theory and principles of design, integration, and administration, including wireless topologies and protocols.
• Principles, practices and methods of systems / network administration and maintenance, including configuration, performance tuning and security.
• Packet filtering and Proxy software.

Advanced knowledge of:

• Methods and techniques for performing connectivity testing and network analysis and troubleshooting, including use of diagnostic tools and equipment.
• Security solutions such as M365/Azure Security Configuration, Threat & Vulnerability Management Systems, Data Loss Prevention, Privileged Access Management and Security Incident and Event Management
• Internet / intranet technologies and design concepts and techniques, including firewall configuration.
• Microsoft, Linux system administration and security knowledge.
• Security monitoring tools.
• Root cause analysis. 
• Threat hunting.
• Sound understanding of Internet and email concepts, including networking and firewalls.

OPS Competencies

Hours of Work

Effort and Working Conditions

• Work is typically performed within standard IT and office environments. 
• Required to lift heavy boxes, move computer equipment around and crawl into tight spaces. 
• Standing for long periods of time working at servers in a computer room. 
• High levels of concentration are required. 
• Occasional to regular travel between OPS sites is required. 

Desired Qualifications

• Oral, reading, and writing fluency in French or other languages.
• Experience configuring clustered or HA environments.
• Knowledge of advanced threat detection and response techniques, including MDR/XDR solutions.
• Experience in architecting and securing hybrid cloud environments.