Important

Do not discuss your application with others (including on social media) besides your partner, or close family members - who should also be reminded about the need to be discreet.

Closing Date

2025-11-14

Reference Number

25-968-08-058

Job Category

Experienced

Who Can Apply

Canadian Citizens

Location

Ottawa, Ontario

Salary Range

$99,392 - $120,917

Status

Indeterminate (permanent)

Language Requirement

English Essential

Job Summary

As a Network Exploitation Analyst at CSIS you will be part of a team of energetic professionals in the area of operational investigations. Your day will be filled with the excitement and challenges that you would expect as a Technical Analyst within Canada’s spy agency. Your role within our agency will offer you the chance to become part of a dedicated team that investigates cyber threats to the security of Canada, such as cyber-espionage, cyber-foreign-influenced-activities, and cyber-terrorism. Your day-to-day functions will include conducting technical analysis of Adversary Computer Network Exploitation artifacts using forensics and other methodologies. You will also be involved in the development, design, implementation, and maintenance of creative systems and tools which support cyber national security investigative activities. A career as a Network Exploitation Analyst within CSIS will provide you with the opportunity to play a key role in keeping Canadians Cyber safe by investigating and countering cyber-attacks impacting Canada and Canadian interests.

Network Exploitation Analyst:

• Conduct technical analysis of technical artifacts using reverse engineering and forensics.
• Prepare technical assessments and operational reports.
• Design, implement and maintain onsite or cloud based systems to support cyber investigative activities.
• Correlate incident data to identify specific vulnerabilities and make recommendations.
• Coordinate with intelligence analysts to correlate threat assessment data.
• Analyze computer-generated threats for counter intelligence or criminal activity.
• Provide input and assist in the development of plans and guidance.

Education

• Undergraduate degree in Computer Science or Engineering and three (3) years of relevant experience*.
• Technologist diploma (3 year diploma) and four (4) years of relevant experience*.
• Professional technologist equivalency designation and four (4) years of relevant experience*.
• Graduation from a two (2) years program of study from a recognized post-secondary institution with acceptable specialization in the fields listed below and five (5) years of relevant experience*.
  • computer science;
  • information technology;
  • engineering;
  • network security;
  • cyber security;

The Undergraduate degree/College Diploma must be in field of studies needed for the position. It must be obtained from an accredited learning institution recognized in Canada. If you completed a program outside of Canada you will be required to obtain proof of a Canadian equivalency at your expense from an accredited learning institution recognized in Canada.

Experience

Candidates must demonstrate a combination of experience in all five of the subjects listed below. The number of years of experience must be acquired and demonstrated for each subject.

• Relevant experience is defined by:

• Experience in scripting / automating processing (e.g. Python, PHP, shell) or software development (C/C++)

• Experience in IT Security appliances (e.g. VPN, Firewall, IDS, etc.)

• Experience with network communication protocols (e.g. DNS, TCP, etc.)

• Experience with IT Infrastructure (LAN/WAN, networking)

Candidates must also possess one (1) year in the following:

• Experience in researching and analysing IP addresses, network traffic, Domains, WHOIS data, DNS information and other selectors from Open Sources

Competencies

• Analytical Skills
• Ability to Learn
• Rigour
• Communication
• Collaboration

Assets

An asset qualification is a qualification which can enhance the ability to perform the work based on current and future business requirements, but which is not strictly required. Assets can help determine right fit in certain circumstances.

• Experience with threat intelligence platforms such as MISP or similar
• Experience in malware signature development (e.g. regex, yara)
• Experience in malware analysis, network penetration testing, vulnerability research, or software exploit development
• Experience in providing briefings and presentations

Conditions of Employment

• Successful candidates may be eligible to the IT Market Modifier.

Official Language (OL) Proficiency

• English Essential (Imperative)

This selection process may be used to staff anticipated vacancies or other similar positions with various language requirements. Therefore, we encourage all interested candidates to apply. Second language evaluations will be offered to candidates. For more information on language requirements: www.canada.ca/en/public-service-commission/jobs/services/gc-jobs/language-requirements-candidates.

Notes

While we continue to explore opportunities for flexible work arrangements, the majority of work in our organization must be done in the office and cannot be performed at home.

If you need accommodations during the recruitment process, please mention it to the HR representative.

Organizational Considerations

• This position may involve exposure to disturbing material.

  • "Disturbing material" includes, but is not limited to, texts or audio or visual content depicting explicit, shocking, disturbing, or obscene behaviours or themes (e.g. violence or threats of violence, injuries, mutilations, acts of torture, death, corpses, acts of terrorism, sexual exploitation in all its forms, child pornography, acts of humiliation, hate propaganda, etc.)

• Overtime

• Working nights / weekend / shift work

• The need to travel

• CSIS is committed to building a healthy workforce that is truly representative of the Canadians it serves by cultivating a diverse and inclusive workplace environment. We are working to increase employment equity group representation (including persons with disabilities, visible minorities, Indigenous peoples and women) at all levels within the organization through hiring and talent management practices. Gaps have been identified among persons with disabilities, Indigenous peoples, and women for this position. In support of achieving a greater, diverse and skilled workforce, we strongly encourage those individuals who belong to one or more of the employment equity groups to self-declare in their cover letter when applying.

Assessment Process

Written Exam

A written exam will be administered and will serve to evaluate candidates’ analytical skills and technical knowledge. Successful candidates will be invited to a competency-based interview.

Competency Based Interview

The Competency Based Interview will assess candidates’ experience, knowledge, and the competencies listed in the Statement of Qualifications.

How To Apply

You are invited to visit Canada.ca for tips on how to submit a powerful application: www.canada.ca/en/security-intelligence-service/corporate/csis-jobs/how-to-submit-a-powerful-application

Security Requirements

Candidates must be eligible to receive an Enhanced Top Secret security clearance. The process involves a security interview, a polygraph, and a background investigation that includes credit and financial verifications. The use of illegal drugs is a criminal offense. Drug use is an important factor considered in your reliability and suitability assessment during the selection process. Therefore it is important not to use any illegal drugs from the time you submit your application.

Others

Important

Applicants must clearly demonstrate in their application how they meet each Education and Experience criteria. Failure to do so will result in the applicant being screened out of the career opportunity.

CSIS is a separate employer and is not subject to the Public Service Employment Act (PSEA). CSIS has its own classification, compensation system, and a different staffing regime. As such, we use a different staffing process and terminology.

CSIS is committed to building a workforce that is truly representative of the Canadians it serves by cultivating a diverse and inclusive workplace environment. This will be achieved by increasing employment equity group representation (including persons with disabilities, visible minorities, Indigenous peoples, and women) at all levels within the organization through hiring and talent management practices. We will also ensure that appropriate accommodations are made (e.g., specialized equipment, changes to physical workspace) to provide employment opportunities for all qualified candidates. In support of achieving a greater, diverse and skilled workforce, we strongly encourage those individuals who belong to one or more of the employment equity groups to self-identify when applying.

Should you require accommodation in relation to a disability, please tell us at the beginning of the selection process. This information will be kept confidential.

CSIS Offices in Canada are located on various ancestral and traditional lands. In the spirit of reconciliation, we acknowledge all Indigenous People across Canada and their connection to these lands.

The personal information provided in your application is protected under the Privacy Actand will be held in Personal Information Bank SIS/P-PU-025.

We thank all applicants for their interest in CSIS. However, only those who are selected for further consideration will be contacted.