Stream 6: Cyber Protection Services

C.1 Strategic Information Technology Security Planning and Protection Consultant

Experience levels

• Level 1: < 5 years of experience
• Level 2: 5- < 10 years of experience
• Level 3: 10+ years of experience

Responsibilities could include but are not limited to

• Review, analyze, and/or apply the Information Technology (IT) Security Policies, Procedures and Guidelines of International government, Federal, Provincial or Territorial government.
• Review, analyze, and apply the best practices, national or international computer law and ethics, IT Security architecture, and IT Security Risk Management Methodology
• Develop vision papers delineating the way ahead to ensure that IT Security and cyber protection are business enablers
• Conduct business function analysis and business impact assessments
• Brief senior managers
• Provide strategic assessments on technology trends and emerging technologies
• Provide IT Security strategic planning and advice.
• Conduct feasibility studies, technology assessments and cost-benefit analyses, and propose system implementation plans for IT Security
• Develop advanced R&D policy/strategy
• Collect, collate and prioritize client IT Security and Information Infrastructure Protection requirements
• Evaluate and assist in the selection of enterprise-wide technology tools
• Review and prioritize IT Security and Information Infrastructure Protection programs
• Develop strategic IT Security architecture vision, strategies and designs using the Business Transformation Enablement Program (BTEP) methodology and the Government Strategic Reference Model (GSRM)
• Develop IT Security programs and service designs using the following GSRM models: Program Logic Model, Program and Service Alignment Model, Service Integration and Accountability Model, State Transition Model, Information Model and Performance Model
• Develop and deliver training material relevant to the resource category

C.2 Information Technology Security Methodology, Policy and Procedures Analyst

Experience levels

• Level 1: < 5 years of experience
• Level 2: 5- < 10 years of experience
• Level 3: 10+years of experience

Responsibilities could include but are not limited to

• Review, analyze, and/or apply Federal, Provincial or Territorial Government IT Security methodologies, programs, policies, procedures, standards, guidelines, and IT Security Risk Management methodologies.
• Develop IT Security standards, procedures and guidelines pursuant to the requirements of The National Security Policy, Policy on Government Security, supporting operational standards (for example, MITS), departmental/agency security policy, and other relevant standards, procedures and guidelines
• Develop IT Security policy in the areas of IT security and assurance, standard Certification & Accreditation frameworks for IT systems, information infrastructure protection, product evaluation, privacy, Business Continuity Planning, contingency planning and Disaster Response Planning, Research & Development
• Develop IT Security risk assessment methodologies for application to Government of Canada institutions
• Develop and deliver training material relevant to the resource category

C.3 Information Technology Security TRA and C&A Analyst

Experience levels

• Level 1: < 5 years of experience
• Level 2: 5- < 10 years of experience
• Level 3: 10+ years of experience

Responsibilities could include but are not limited to

• Review, analyze, and/or apply Federal, Provincial or Territorial IT Security policies, System IT Security Certification & Accreditation processes, IT Security products, safeguards and best practices, and the IT Security risk mitigation strategies
• Identify threats to, and vulnerabilities of operating systems (such as MS, Unix, Linux, and Novell), and wireless architectures
• Identify personnel, technical, physical, and procedural threats to and vulnerabilities of Federal, Provincial or Territorial IT systems
• Develop reports such as: Data security analysis, Concepts of operation, Statements of Sensitivity (SoSs), Threat assessments, Privacy Impact Assessments (PIAs), Non-technical Vulnerability Assessments, Risk assessments, IT Security threat, vulnerability and/or risk briefings
• Conduct Certification activities such as: Develop Security Certification Plans, Verify that security safeguards meet the applicable policies and standards, Validate the security requirements by mapping the system-specific security policy to the functional security requirements, and mapping the security requirements through the various stages of design documents, Verify that security safeguards have been implemented correctly and that assurance requirement have been met. This includes confirming that the system has been properly configured, and establishing that the safeguards meet applicable standards, Conduct security testing and evaluation (ST&E) to determine if the technical safeguards are functioning correctly, Assess the residual risk provided by the risk assessment to determine if it meets an acceptable level of risk
• Conduct Accreditation activities such as: Review of the certification results in the design review documentation by the Accreditation Authority to ensure that the system will operate with an acceptable level of risk and that it will comply with the departmental and system security policies and standards and identify the conditions under which a system is to operate (for approval purposes). This may include the following types of approvals:
  • Developmental approval by both the Operational and the Accreditation Authorities to proceed to the next stage in an IT system's life cycle development if sensitive information is to be handled by the system during development
  • Operational written approval for the implemented IT system to operate and process sensitive information if the risk of operating the system is deemed acceptable, and if the system is in compliance with applicable security policies and standards
  • Interim approval—a temporary written approval to process sensitive information under a set of extenuating circumstances where the risk is not yet acceptable, but there is an operational necessity for the system under development
• Develop and deliver training material relevant to the resource category

C.4 Information Technology Security Product Evaluation Specialist

Experience levels

• Level 1: < 5 years of experience
• Level 2: 5- < 10 years of experience
• Level 3: 10+ years of experience

Responsibilities could include but are not limited to

• Review, analyze, and/ or apply the:
  • Canadian Common Criteria Evaluation and Certification Scheme, or, any evaluation scheme recognized under the Common Criteria Recognition Arrangement
  • Product evaluation methodologies, standards and best practices
  • IT software and hardware security products
  • Operating Systems such as MS, Unix, Linux, and Novell
  • IT Security architectures including wireless
  • TCP/IP
  • Cryptographic Algorithms
  • FIPS 140 evaluation
  • Product evaluation policies, procedures and guidelines
  • Product assessment methodologies, evaluations and reports
• Complete tasks directly supporting the departmental IT Security and Cyber Protection Program
• Develop and deliver training material relevant to the resource category

Specialties could include but are not limited to:

• TCP/IP
• FIPS 140

C.5 Public Key Infrastructure Specialist

Experience levels

• Level 1: < 5 years of experience
• Level 2: 5- < 10 years of experience
• Level 3: 10+ years of experience, or 5+ years of experience with one of the following certifications: SNIA Certified Professional (SCP) or SNIA Certified Systems Engineer (SCSE) or SNIA Certified Architect (SCA) or SNIA Certified Storage Networking  Expert (SCSNE)

Responsibilities could include but are not limited to

• Develop PKI related policies, standards, guidelines and procedures.
• Review existing PKI policies, standards, guidelines and procedures and provide advice as to their appropriateness and effectiveness
• Review and analyze the application of PKI architecture, Digital signatures/certificates, PKI products, Internet security protocols, directory standards, certificate protocols, and Certification Authority (CA).
• Interoperability and governance studies
• Conduct compliance audits of PKI related concerns, including operations, application systems and infrastructure.
• Conduct PKI related security threat and risk assessments of IT facilities, application systems and communications.
• Conduct PKI related reviews of backup and recovery plans.
• Investigate PKI related incidents and report cause and related weaknesses and recommend remedies.
• Develop PKI Certificate Policy, Practice Statement development, and Policy compliance inspections and audits.
• Design the PKI related framework and implement the PKI infrastructure required to protect assets and to support application systems.
• Provide advice on PKI aspects of application systems under development.
• Complete tasks directly supporting the departmental IT Security and Cyber Protection Program.
• Develop and deliver PKI awareness and training programs.

Specialties could include but are not limited to:

• SSL
• S-HTTP
• HTTP
• S-MIME
• IPSec
• SSH
• X.500 Directory Standards
• X.509 Certificate Protocols
• TCP/IP
• UDP
• DNS
• SMTP

C.6 Information Technology Security Engineer

Experience levels

• Level 1: < 5 years of experience
• Level 2: 5- < 10 years of experience
• Level 3: 10+ years of experience

Responsibilities could include but are not limited to

• Review, analyze and/or apply:
  • Directory Standards such as X.400, X.500, and SMTP
  • Operating Systems such as MS, Unix, Linux, and Novell
  • Networking Protocols such as HTTP, FTP, and Telnet
  • Secure IT architectures fundamentals, standards, communications and security protocols such as IPSec, IPv6, SSL, and SSH
  • IT Security protocols at all layers of the Open Systems Interconnection (OSI) and Transmission Control
  • Protocol/Internet Protocol (TCP/IP) stacks
  • Domain Name Services (DNS) and Network Time Protocols (NTP)
  • Network routers, multiplexers and switches
  • Application, host and/or Network hardening and security best practices such as shell scripting, service identification, and access control
  • Intrusion detection/prevention systems, malicious code defence, file integrity, Enterprise Security Management and/or firewalls
  • Wireless technology
  • Cryptographic Algorithms
• Identify the technical threats to, and vulnerabilities of, networks
• Manage the IT Security configuration
• Analyze IT Security tools and techniques
• Analyze the security data and provide advisories and reports
• Analyze IT Security statistics
• Prepare technical reports such as IT Security Solutions option analysis and implementation plans
• Provide Independent Verification and Validation (IV&V) support to IT Security related projects including:
  • IT Security audits, including applicable reports, presentations and other documentation,
  • Review of contingency plans, Business Continuity Plans and Disaster Response Plans
  • Design/development and conduct IT Security protocols tests and exercises
  • Project oversight
• Develop and deliver training material relevant to the resource category

Specialties could include but are not limited to

• SSL
• HTTP
• FTP
• Telnet
• S-MIME
• IPSec
• SSH
• X.400/X.500 Directory Standards
• TCP/IP
• OSI
• DNS
• SMTP
• NTP IBM
• X.509 Certificate Protocols

C.7 Information Technology Security Design Specialist

Experience levels

• Level 1: < 5 years of experience
• Level 2: 5- < 10 years of experience
• Level 3: 10+ years of experience

Responsibilities could include but are not limited to

• Review, analyze, and/or apply: Architectural methods, frameworks, and models such as TOGAF, US government FEAP, Canadian government BTEP and GSRM, Zachman, UMM
• Review, analyze, and/or apply a broad range of security technologies including multiple types of systems and applications architectures, and multiple hardware and software platforms, including:
  • Directory Standards such as X.400, X.500, and SMTP
  • Operating Systems such as MS, Unix, Linux, and Novell
  • Networking Protocols (for example, HTTP, FTP, Telnet)
  • Network routers, multiplexers and switches
  • Domain Name Services (DNS) and Network Time Protocols (NTP)
• Review, analyze, and/or apply Secure IT architectures, standards, communications, and security protocols such as IPSec, SSL, SSH, S-MIME, HTTPS
• Review, analyze, and/or apply IT Security protocols at all layers of the Open Systems Interconnection (OSI) and Transmission Control Protocol/Internet Protocol (TCP/IP) stacks
• Review, analyze, and/or apply The significance and implications of market and technology trends in order to apply them within architecture roadmaps and solution designs. (examples: web services security, incident management, identity management)
• Review, analyze, and/or apply Best practices and standards related to the concept of network zoning and defence in-depth principles
• Review, analyze, and/or apply IT Security protocols at all layers of the Open Systems Interconnection (OSI) and Transmission Control Protocol/Internet Protocol (TCP/IP) stacks
• Analyze IT Security statistics, tools and techniques
• Analyze security data and provide advisories and reports
• Prepare technical reports such as requirement analysis, options analysis, technical architecture documents, mathematical risk modeling
• Brief senior managers
• Security architecture design and engineering support
• Conduct data security designation/classification studies
• Prepare tailored IT Security alerts and advisories from open and closed sources Complete tasks directly supporting the departmental IT Security and Cyber Protection Program
• Develop and deliver training material relevant to the resource category

Specialties could include but are not limited to

• SSL
• HTTP
• HTTPS
• FTP
• Telnet
• S-MIME
• IPSec
• SSH
• X.400/X.500 Directory Standards
• X.509 Certificate Protocols
• TCP/IP
• OSI
• DNS
• SMTP
• NTP IMS

C.8 Network Security Analyst

Experience levels

• Level 1: < 5 years of experience
• Level 2: 5- < 10 years of experience
• Level 3: 10+ years of experience

Responsibilities could include but are not limited to

• Review, analyze, and/or apply:
  • Internet security protocols such as SSL, S-HTTP, S-MIME, IPSec, SSH
  • TCP/IP, UDP, DNS, SMTP, SNMP
  • Approved GC Cryptographic Algorithms
  • Directory Standards such as X.400, X.500, and SMTP
  • Networking Protocols (for example, HTTP, FTP, Telnet)
  • Network hardening (for example: shell scripting, service identification)
  • Technical IT Security safeguards
  • IT Security tools and techniques
  • Operating Systems such as MS, Unix, Linux, and Novell
  • Intrusion detection systems and firewalls
  • Network routers, multiplexers and switches
  • Wireless technology
• Analyze security data and provide advisories and reports
• Conduct impact analysis for new software implementations, major configuration changes and patch management
• Develop proof-of-concept models and trials for IT Security
• Design/develop IT Security protocols
• Identify and analyze technical threats to, and vulnerabilities of, networks
• Analyze IT Security tools and techniques
• Complete tasks related to authorization and authentication in physical and logical environments
• Prepare tailored IT Security alerts and advisories from open and closed sources
• Complete tasks directly supporting the departmental IT Security and Cyber Protection Program
• Develop and deliver training material relevant to the resource category

Specialties could include but are not limited to

• SSL,
• S-HTTP
• HTTP
• FTP
• Telnet
• S-MIME
• IPSec
• X.400/X.500 Directory Standards
• X.509 Certificate Protocols
• TCP/IP
• UDP
• DNS
• SMTP
• SNTP

C.9 Information Technology Security Systems Operator

Experience levels

• Level 1: < 5 years of experience
• Level 2: 5- < 10 years of experience
• Level 3: 10+ years of experience

Responsibilities could include but are not limited to

• Review, analyze and/or apply:
  • Networking Protocols (HTTP, FTP, Telnet)
  • Internet security protocols (for example: SSL, S-HTTP, S-MIME, IPSec, SSH)
  • TCP/IP, UDP, DNS, SMTP
  • Directory Standards such as X.400, X.500, and SMTP
  • Network routers, multiplexers and switches
  • Network hardening (for example: shell scripting, service identification)
  • Wireless technology
  • Technical threats to, and vulnerabilities of, networks
  • Technical IT Security safeguards
  • IT software and hardware security products
• Configure operating systems such as MS, Unix, Linux and Novell
• Configure IT Security management
• Configure intrusion detection systems, firewalls and content checkers, extracting and analyzing reports and logs, and responding to security incidents
• Configure/update virus scanners
• Complete tasks directly supporting the departmental IT Security and Cyber Protection Program
• Develop and deliver training material relevant to the resource category

Specialties could include but are not limited to

• SSL,
• S-HTTP
• HTTP
• FTP
• Telnet
• S-MIME
• IPSec
• X.400/X.500 Directory Standards
• X.509 Certificate Protocols
• TCP/IP
• UDP
• DNS
• SMTP
• SNTP

C.10 Information Technology Security Installation Specialist

Experience levels

• Level 1: < 5 years of experience
• Level 2: 5- < 10 years of experience
• Level 3: 10+ years of experience

Responsibilities could include but are not limited to

• Review, analyze, and/or apply:
  • MITSand TB ITS section 6.9 (structured wiring)
  • Networking Protocols (HTTP, FTP, Telnet)
  • Internet security protocols (for example: SSL, S-HTTP, S-MIME, IPSec, SSH)
  • TCP/IP
  • Secure integration of PC, router and hub technology
• Identify and analyze threats to, and vulnerabilities of, IT systems and IT Security safeguards
  • Install, configure, integrate, policy fine-tune, operate, monitor performance, and detect faults in the system for:
  • Host and network intrusion detection and prevention systems
  • Network and computer forensics systems
  • Firewalls, VPNs and network devices
  • Enterprise network vulnerability tools
  • Malicious code, anti-spam and content management tools
  • File integrity tools
  • Remote management utilities
  • Enterprise Security Management (ESM)/Security Information Management (SIM) systems
  • Data preservation and archiving utilities
  • Threat agents analysis tools and other emerging technologies including privacy enhancement, predictive analysis, VoIP, data visualization and fusion, wireless security devices, PBX and telephony firewall
• Install operating systems such as MS, Unix, Linux, and Novell
• Install intrusion detection systems, firewalls and content checkers
• Install and integrate supporting access control technology, such as CCTV, card access readers, electronic access control systems
• Completed tasks directly supporting the departmental IT Security and Cyber Protection Program
• Develop and deliver training material relevant to the resource category

Specialties could include but are not limited to

• SSL,
• S-HTTP
• HTTP
• FTP
• Telnet
• S-MIME
• IPSec
• SSH
• X.400/X.500 Directory Standards
• X.509 Certificate Protocols
• TCP/IP
• UDP
• DNS
• SMTP
• SNTP

C.11 Information Technology Security Vulnerability Analysis Specialist

Experience levels

• Level 1: < 5 years of experience
• Level 2: 5- < 10 years of experience
• Level 3: 10+ years of experience

Responsibilities could include but are not limited to

• Review, analyze, and/or apply:
  • Threat agents analysis tools and other emerging technologies including privacy enhancement, predictive analysis, VoIP, data visualization and fusion, wireless security devices, PBX and telephony firewall
  • War dialers, password crackers
  • Public Domain IT vulnerability advisory services
  • Network scanners and vulnerability analysis tools such as SATAN, ISS, Portscan & NMap
  • Networking Protocols (HTTP, FTP, Telnet)
  • Internet security protocols such as SSL, S-HTTP, S-MIME, IPSec, SSH, TCP/IP, UDP, DNS, SMTP, SNMP
  • Wireless Security
  • Intrusion detection systems, firewalls and content checkers
  • Host and network intrusion detection and prevention systems - Anti-virus management
• Identify threats to, and technical vulnerabilities of, networks
• Conduct on-site reviews and analysis of system security logs
• Collect, collate, analyze and disseminate public domain information related to networked computer threats and vulnerabilities, security incidents and incident responses
• Prepare and/or deliver IT Security threat, vulnerability and/or risk briefings
• Completed tasks directly supporting the departmental IT Security and Cyber Protection Program
• Develop and deliver training material relevant to the resource category

Specialties could include but are not limited to

• SSL,
• S-HTTP
• HTTP
• FTP
• Telnet
• S-MIME
• IPSec
• X.400/X.500 Directory Standards
• X.509 Certificate Protocols
• TCP/IP
• UDP
• DNS
• SMTP
• SNTP

C.12 Incident Management Specialist

Experience levels

• Level 1: < 5 years of experience
• Level 2: 5- < 10 years of experience
• Level 3: 10+ years of experience

Responsibilities could include but are not limited to

• Review, analyze, and/or apply:
  • Network scanners and vulnerability analysis tools such as SATAN, ISS, Portscan & NMap
  • Reporting and resolution procedures for IT Security incidents (for example DOS attacks) and International IT Security incident advisory services
  • Networking Protocols such as HTTP, FTP, Telnet
  • Internet security protocols such as SSL, S-HTTP, S-MIME, IPSec, SSH
  • TCP/IP, UDP, DNS, SMTP, SNMP
  • Intrusion detection systems, firewalls, content checkers and antivirus software
  • Network infrastructure components, such as multiplexers, routers/hubs, switches
• Provide incident analysis support, including:
  • Response mechanisms
  • Co-ordination of all prevention and response plans
  • Emergency Operations Centre (EOC) activities
  • Co-ordination with the national Integrated Threat Assessment Centre and Government Operations Centre
  • Participation in the Integrated National Security Framework and National Cyber Security Strategy
• Collect, collate, analyze and disseminate public domain information related to networked computer threats and vulnerabilities, security incidents and incident responses
• Conduct on-site reviews and analysis of system security logs
• Produce system activity reports,logs and incident analysis
• Assist in managing and running an incident response centre
• Complete tasks directly supporting the departmental IT Security and Cyber Protection Program
• Develop and deliver training material relevant to the resource category

Specialties could include but are not limited to

• SSL,
• S-HTTP
• HTTP
• FTP
• Telnet
• S-MIME
• IPSec
• X.400/X.500 Directory Standards
• X.509 Certificate Protocols
• TCP/IP
• UDP
• DNS
• SMTP
• SNTP

C.13 Physical Information Technology Security Specialist

Experience levels

• Level 1: < 5 years of experience
• Level 2: 5- < 10 years of experience
• Level 3: 10+ years of experience

Responsibilities could include but are not limited to

• Review, analyze, and/or apply risk management methodologies and GC, Provincial or Territorial IT Security Policies, Procedures, Standards, Guidelines.
• Conduct safeguard analysis and implementation for the physical protection of personnel and Information System (IS) assets
• Identify and analyze physical threats to, and vulnerabilities of networks
• Conduct activities related to authorization and authentication in physical and logical environments
• Complete tasks directly supporting the departmental IT Security and Cyber Protection Program
• Develop and deliver training material relevant to the resource category

C.14 Information Technology Security R&D Specialist

Experience levels

• Level 1: < 5 years of experience
• Level 2: 5- < 10 years of experience
• Level 3: 10+ years of experience

Responsibilities could include but are not limited to

• Review, analyze, and/or apply:
  • Canadian universities and industrial IT Security R and D capabilities
  • Directory Standards such as X.400, X.500, and SMTP
  • Networking Protocols such as HTTP, FTP, Telnet
  • Internet security protocols such as SSL, S-HTTP, S-MIME, IPSec, SSH
  • Wireless Security, Bluetooth standards
  • TCP/IP, UDP, DNS, SMTP, SNMP standards and protocols
  • Intrusion detection systems, firewalls and content checkers;
  • Cryptographic Algorithms
  • Security best practices
• Develop and implement Security Programs such as: biometrics, digital rights management, RFID, access control, removable media management, etc
• Design and develop prototypes
• Research of open source material with a view to analyzing trends and emerging technologies
• Develop proof-of-concept models and trials for IT Security
• Analyze Research & Development reports
• Participate in national/international Research & Development forums
• Complete tasks directly supporting the departmental IT Security and Cyber Protection Program
• Develop and deliver training material relevant to the resource category

Specialties could include but are not limited to

• SSL,
• S-HTTP
• HTTP
• FTP
• Telnet
• S-MIME
• IPSec
• X.400/X.500 Directory Standards
• X.509 Certificate Protocols
• TCP/IP
• UDP
• DNS
• SMTP
• SNTP

C.15 Computer Forensics Specialist

Experience levels

• Level 1: < 5 years of experience
• Level 2: 5- < 10 years of experience
• Level 3: 10+ years of experience

Responsibilities could include but are not limited to

• Review, analyze, and/or apply:
  • Forensic policy, standards, procedures and guidelines
  • Network and computer forensics systems
  • Secure laboratory operations
  • Chain of custody of evidence
  • Computer Incident Investigative Planning and Conduct
  • Courtroom presentations
  • National or international computer law and ethics
• Draft investigative reports
• Complete tasks directly supporting the departmental IT Security and Cyber Protection Program
• Develop and deliver training material relevant to the resource category

C.16 Privacy Impact Assessment Specialist

Experience levels

• Level 1: < 5 years of experience
• Level 2: 5- < 10 years of experience
• Level 3: 10+ years of experience

Responsibilities could include but are not limited to

• Review, analyze, and/or apply:
  • Treasury Board Privacy Impact Assessment Policy and Guidelines
  • Federal Privacy Act and Regulations
  • Treasury Board Privacy and Data Protection Policy
  • Personal Information Protection and Electronic Documents Act (PIPEDA)
  • GC IT/IM policies and guidelines
  • Government On-Line (GOL) initiatives
  • Secure Channel Network including its technical and business processes and service offerings
  • IT Security practices and principles
  • IT Security technological solutions
• Conduct privacy impact assessments (PIAs) and preliminary privacy impact assessments (PPIAs) of projects and concepts, in accordance with the requirements of:
  • Treasury Board Privacy Impact Assessment Policy
  • Treasury Board Privacy Impact Assessment Policy Guidelines
  • Other relevant standards, procedures and guidelines
• Analyze the flow of information using the PIA model provided by the client
• Conduct privacy analysis to provide evidence of compliance with privacy principles and to identify privacy risks
• Develop Privacy Risk Management Plans
• Develop recommendations as to possible privacy risk mitigation strategies
• Complete tasks directly supporting the departmental IT Security and Cyber Protection Program
• Develop and deliver training material relevant to the resource category

C.17 EMSEC Security Specialist

Experience levels

• Level 1: < 5 years of experience
• Level 2: 5- < 10 years of experience
• Level 3: 10+ years of experience

Responsibilities could include but are not limited to

• Plan, review, develop and provide recommendation on the installation of high assurance crypto devices and classified IT systems in accordance with EMSEC policies and guidance publications
• Conduct EMSEC inspection of facilities and make recommendations with respect to relevant aspects of classified IT security architecture and systems
• Review, analyze, evaluate and provide recommendations relating to EMSEC zoning
• Review, analyze, test/evaluate and provide recommendations relating to walk-in radio frequency shielded enclosures

Date modified:

2019-11-13