BC Oil & Gas Commission

Cybersecurity Analyst – BC Oil & Gas Commission – Engineer, BC

expired date :

Engineer, BC

$63,450 – $72,180 a year

Cybersecurity Analyst

Permanent/Full Time

Competition Number: 201973

BC Oil & Gas Commission, Fort St John, Kelowna, Victoria

Grid 21: $63,450.28 – $72,179.94 *

Grid 21: $65,180.75 – $74,148.48 **

  • Posted salary includes a JFMM Allowance of 10%

**Posted salary includes a Location Allowance of 3% if located in Fort St John

The BC Oil and Gas Commission (Commission) is the provincial single-window regulatory agency with responsibilities for
regulating oil and gas operations in British Columbia, including exploration, development, pipeline transportation and
reclamation.

PURPOSE OF POSITION

The Cybersecurity Analyst (CA) is a key contributor to safeguarding the Commission’s data and information from cyber threats.
The CA is responsible for planning and carrying out security measures to protect the Commission’s computer networks and
systems. The responsibilities continually expand as cyberattacks evolve and new vulnerabilities are discovered. The CA must
continually adapt to stay a step ahead of cyberattacks and must stay up to date on the latest methods attackers are using to
infiltrate computers systems. Additionally the CA will need to stay current on Information Technology (IT) security;
researching technologies and guiding what will most effectively protect the Commission

SELECTION CRITERIA

Education:

Bachelor’s degree or diploma in a computer-related discipline and 2 years’ experience; or a combination of
education/training and 5 or more years of related IT experience.

Experience and Knowledge:

Proven experience providing innovative cybersecurity solutions and implementing best practice cybersecurity measures;

Proven experience with network and systems implementation and administration;

Proven experience with vulnerability management;

Proven experience and knowledge with security technologies including: auditing (SIEM), application control (whitelisting),

reverse web proxies, malware defenses, data protection;

Proven experience preparing program documents, presentations, reports, and other communication materials;

Proven experience and knowledge with Active Directory and Group Policy administration; and,

Proven experience and knowledge with securing data at rest and in transit using modern cryptographic standards.

If you are interested in applying for this role and meet the minimum selection criteria, please select “Apply Now” and submit
your cover letter and resume prior to midnight October 21, 2019. Please note applicants will only be contacted if they are
selected to proceed further in the process. An eligibility list may be established.

For More Information: Recruitment 250 419-4463

6534 Airport Road T 250.794.5200 www.bcogc.ca
Fort St John BC V1J 4M6 F 250.794.5390

OIL AND GAS COMMISSION
POSITION DESCRIPTION

POSITION TITLE: Cybersecurity Analyst POSITION #: 573818

DIVISION: Corporate Services CLASSIFICATION: Grid 21

Fort St John/Kelowna/
PROGRAM AREA: Planning and Technology LOCATION:

Victoria

SUPERVISOR’S TITLE: Manager, Cybersecurity POSITION #: 573762

SUPERVISOR’S
Grid 30 LOCATION: Victoria

CLASSIFICATION:

The BC Oil and Gas Commission (Commission) is the provincial single-window regulatory agency with responsibilities for
regulating oil and gas operations in British Columbia, including exploration, development, pipeline transportation and
reclamation.

The Commission’s core roles include reviewing and assessing applications for industry activity, consulting with

First Nations, ensuring industry complies with provincial legislation and cooperating with partner agencies. The public
interest is protected through the objectives of ensuring public safety, protecting the environment, conserving petroleum
resources and ensuring equitable participation in production.

JOB OVERVIEW
The Cybersecurity Analyst (CA) is a key contributor to safeguarding the Commission’s data and information from cyber
threats. The CA is responsible for planning and carrying out security measures to protect the Commission’s computer
networks and systems. The responsibilities continually expand as cyberattacks evolve and new vulnerabilities are
discovered. The CA must continually adapt to stay a step ahead of cyberattacks and must stay up to date on the latest
methods attackers are using to infiltrate computers systems. Additionally the CA will need to stay current on
Information Technology (IT) security; researching technologies and guiding what will most effectively protect the
Commission.

ACCOUNTABILITIES

Administrates the security information and event management (SIEM) system;

Vulnerability discovery and remediation management via collaboration with other information services groups;

Manages and maintains secondary storage backups of production systems;

Operation and management of application control on all computer systems;

Patch management and patch guidance for other internal groups;

Assists IT department with software and hardware asset discovery and management;

Provides security based technical expertise in the deployment and operation of IT systems;

Access control auditing and response to real time alerts of privilege change or access anomalies;

Implements and manages operational tools and systems in support of information security;

Defines and supports the implementation of secure baseline configurations for Windows, Linux and network

devices;

Provides expertise to resolve information security issues and events, and develop solutions to meet customer

requirements;

Develops and documents methodologies, techniques, standards and tools to manage network security

infrastructure and services;

Monitors Commission networks for security breaches and implements incident response;

Researches the latest IT security trends and recommends security enhancements and purchases within project

scope;

Helps to plan and carry out the Commission’s security processes, procedures and policy enforcement;

Trains Commission staff on cybersecurity best practices and Commission cybersecurity policies;

Provides input into and supports the development, testing and implementation of the Commission’s Disaster

Recovery plan;

Manages email and web protection services;

Assess situations, judge the complexity of issues and use critical thinking in taking appropriate action;

Manages threat prevention on edge devices;

Prepares clear, concise and complete oral and written information of a complex or technical nature at a level

appropriate to the audience; and,

Manages reverse proxy with application firewall.

ORGANIZATION CHART
Commissioner, Chief Executive Officer
Executive Vice President, Chief Financial Officer

Vice President, Planning and Technology
Executive Director, Information Technology
Manager, Cybersecurity

Cybersecurity Analyst (Topic Position)

EDUCATION AND EXPERIENCE REQUIREMENTS
Education:

Bachelor’s degree or diploma in a computer-related discipline and 2 years’ experience; or a combination of

education/training and 5 or more years of related IT experience.

Experience and Knowledge:

Proven experience providing innovative cybersecurity solutions and implementing best practice cybersecurity

measures;

Proven experience with network and systems implementation and administration;

Proven experience with vulnerability management;

Proven experience and knowledge with security technologies including: auditing (SIEM), application control

(whitelisting), reverse web proxies, malware defenses, data protection;

Proven experience preparing program documents, presentations, reports, and other communication materials;

Proven experience and knowledge with Active Directory and Group Policy administration; and,

Proven experience and knowledge with securing data at rest and in transit using modern cryptographic standards.

KEY COMPETENCIES
Service Orientation displaying a desire to identify and serve customers/clients, who may include the public, colleagues,
partners (e.g. educational institutes, non-government organizations, etc.), co-workers, peers, branches,
ministries/agencies and other government organizations and focusing one’s efforts on discovering and meeting the
needs of such customers/clients.

Results Orientation showing concern for surpassing a standard of excellence, be it one’s own past performance (striving
for improvement); an objective measure (achievement orientation); challenging goals one has set; or even improving or
surpassing what has already been done (continuous improvement).

Analytical Thinking displaying the ability to comprehend a situation by breaking it down into its components and
identifying key or underlying complex issues. The ability to systematically organize and compare the various aspects of a
problem or situation and determine cause-and-effect relationships (“if…then…”) to resolve problems in a sound, decisive
manner. Checks to ensure the validity or accuracy of all information.
Expertise includes the motivation to expand and use technical knowledge or to distribute work-related knowledge to
others.

September 27, 2019

________________________________ _______________________________________
DATE EXCLUDED MANAGER SIGNATURE

Source: