Cyber Security - Systems Security Engineer
Hybrid role: Mon, Tue & Thu onsite
Compensation: $115K – $144K annually
Requirements: Secret Level II clearance, and eligibility for the Controlled Goods Program. (PR status 5 years in Canada or CDN Citizenship)
Role Overview
The Systems Security Engineer will be part of a security engineering team responsible for supporting multiple product and project groups. The role involves ensuring compliance with security targets, defining security requirements and posture, and contributing to vulnerability management activities within complex information systems.
Key Responsibilities
- Provide security-focused consultation on system architecture, operational concepts, and system enhancements
- Derive security requirements, designs, and mechanisms in line with customer and organizational standards
- Develop and maintain security-related system documentation (specifications, threat models, test artifacts, vulnerability assessments, etc.)
- Oversee verification of security components within products and systems
- Perform threat assessments and recommend risk mitigation strategies
- Review vulnerability/compliance scan results and prioritize remediation actions
- Support project delivery by contributing to security planning and budgeting
- Mentor and coach junior team members
Required Qualifications
- Degree/diploma in Engineering, Computer Science, Information Technology, or equivalent experience
- CISSP certification
- 5+ years of experience in engineering or information systems
- Understanding of government project delivery processes (requirements to commissioning and support)
- Knowledge of security accreditation frameworks and guidance standards
- Strong communication skills and ability to collaborate with technical teams and stakeholders
- Leadership, problem-solving, and project delivery strengths
Preferred Skills
- Experience with classified system accreditation, cross-domain solutions, and multi-domain environments
- Familiarity with security standards (NIST SP-800 series, ISO/IEC, STIGs, CIS, SANS)
- Experience working with Security Operations Centre technologies (SIEM, IDS/IPS, monitoring tools)
- Hands-on experience with enterprise platforms, vulnerability assessment tools, virtualization, monitoring, or DLP technologies
- Knowledge of:
- Business continuity and disaster recovery planning
- OWASP and SQL-related vulnerabilities
- DOORS or similar requirements management software
- Additional certifications such as CCSP or CISM
