Cyber Security Risk Specialist

Job Posting Title

Cyber Security Risk Specialist

Job Category

IT Security

Language Requirements

Bilingual / BilingueIn the event a qualified bilingual candidate is not found, a qualified unilingual candidate will be considered. / Dans l’éventualité où un candidat bilingue qualifié n’est pas disponible, un candidat unilingue qualifié sera considéré.

Flexible Work Agreement Type

Hybrid / Hybride

Posting End Date

2025-10-08

Job Grade

PIPSC-3

Pay Range

$111,451 - $140,007

Job Summary

The Cyber Security Risk Specialist contributes to NAV CANADA’s Enterprise Cyber Security Program by participating in Cyber Risk & Resilience activities to ensure the delivery of safe and secure Air Navigation Services. The role requires strong analytical skills, sound judgment, and the ability to make decisions with incomplete information. It also demands excellent interpersonal skills to build relationships, communicate effectively, and resolve conflicts with both internal and external stakeholders. Preference will be given to candidates who hold the Certified in Cybersecurity (CC) or another (ISC)² certification.

Job Description

What Nav Canada Offers You:

• Challenging, team-oriented work environment
• Competitive compensation and benefits
• Defined benefit pension plan
• Opportunities for growth and development
• Flexible work arrangements
• Diverse and inclusive workforce

Key Accountabilities:

• Assist in the coordination, tracking, and production of metrics for activities subject to the Enterprise Cyber Risk Management Framework (ECRMF).
• Support Maintenance and Updates of the ECRMF.
• Provide expertise in Cyber Risk Management and Assessment of Risk as it relates to Cyber Security within NAV CANADA.
• Secondary duty to provide support to the Vulnerability Management Program up to one day a week.
• Assess the current situation, evaluating trends and anticipating cyber security requirements.
• Assist in the development and improvement of new cyber security initiatives.
• Formulating forward-looking roadmaps, strategies and plans to advance cyber security within NAV CANADA.                                                  
• Collaborate with peers and external partners for the betterments of information sharing amongst various external cyber security groups.
• Assess security controls based on cybersecurity principles and tenets. (e.g., ISO 27001 and/or ISO 27002, CIS, NIST SP 800-53, Cybersecurity Framework, etc.).
• Identify protection needs (i.e., security controls) of information systems, networks, and operational systems.
• Apply cybersecurity and privacy principles to organizational requirements (relevant to confidentiality, integrity, availability, authentication, non-repudiation).
• Detail plans and designs such as architectures, specifications, processes, test cases and scripts.
• Contribute to documentation and critical analysis of policies, standards, procedures, frameworks, programs and workflows.
• Define and document how the implementation of a new system or new interfaces between systems impacts the security posture of the current environment.
• Improve cybersecurity posture by overseeing remediation initiatives related to third party audits and assessments.
• Verify that application software/network/system security postures are implemented as stated, document deviations, and recommend required actions to correct those deviations.

Job Requirements

Education:

Graduation from a recognized postsecondary institution with specialization in cyber security, computer science, systems engineering, data analytics; or an acceptable combination of education, experience and training

Experience:

• 3–5 years of professional experience in Cybersecurity or a related field such as risk assessment or risk management.
• Previous experience using specialized tools in support of cyber security activities.
• Experience conducting risk assessment related to technical issues, conducting research, and presenting solutions to management.
• Practical experience in the planning and delivery of small-scale projects, including the preparation of required documentation.

Knowledge:

• Knowledge of NAV CANADA’s mandate, mission, and organization structure.
• Knowledge of Cyber Risk Management methodologies.
• Knowledge of Vulnerability Management.
• Knowledge of Project Management.

Abilities:

• Ability to apply analytical methods typically employed to support planning and to justify recommended strategies and courses of action.
• Ability to evaluate information for reliability, validity, and relevance.
• Ability to apply confidentiality, integrity, and availability principles.
• Ability to develop or recommend analytic approaches or solutions to problems and situations with incomplete information or no precedent.
• Ability to provide understanding of target or threat systems through the identification and link analysis of physical, functional, or behavioral relationships.
• Ability to prepare and present briefings.
• Ability to work respectfully with clients while balancing their needs and project goals.

Personal Suitability:

• Effective in establishing and maintaining appropriate interpersonal relationships when dealing with team members, colleagues, and superiors.
• Seeks out new avenues for building internal and external relationships.
• Maintains positive relationships with key customers, suppliers, etc., who have a significant impact on the success of the organization.
• Resolves conflicts in an effective manner.

Working Conditions:

• Primary work location is at the Ottawa Logistics Centre, Tom Roberts Ave, Ottawa, ON. Position classified hybrid and requires minimum of Three day on site.
• Typically conducted in a cubicle and/or open office and/or meeting room and/or lab environments using computer-based tools.
• Participation in two or more active projects / assignments where multi-tasking is required.
• Time pressures are tight with multiple deadlines, but the Specialist has control over the sequencing of work schedule.
• Travel may be required.
• Requirement for onsite work in event of security events.
• Eligibility for Level II or higher security clearance from GoC.

NAV CANADA is committed to building a skilled, diverse workforce reflective of Canadian society. If you do not believe that you match every job requirement listed on this job posting, we still encourage you to apply. NAV CANADA encourages a culture of learning and growth, and recognizes that although some technical skills are mandatory, many others can be taught.

Our Company strives to create an inclusive and barrier-free selection process and work environment. If you require accommodations during this competition process, please ensure that you inform the interview coordinator or hiring manager of any accommodation measures you may require. NAV CANADA will provide accommodations throughout the recruitment and selection process to applicants with disabilities as required.

The successful candidate must meet the security requirement of the position and be legally able to work in Canada.

We thank all applicants for their interest; only those selected for next steps will be contacted.

-