Join Our Team
Join the Cyber Security Operations Branch, a collaborative team dedicated to protecting Ontario's government systems, services and data.
In this role, you will contribute to the applied research, development, and continuous improvement of cyber security solutions, helping the OPS respond to evolving threats and strengthen its security posture. You will work independently and collaboratively in a dynamic, technically complex environment.
Start your career with the OPS
The Ontario Public Service is one of the largest employers in the province, employing more than 60,000 people. Every day we are modernizing government operations and improving public services. We have a wide range of meaningful and rewarding career opportunities in communities across Ontario. We welcome new ideas and new people, encourage learning and development, and reward achievement. No matter the position, we live the core values of trust, fairness, diversity, excellence, creativity, collaboration, efficiency and responsiveness.
We are re-thinking how we deliver services through various modernization initiatives and how we access and deliver critical services remotely. We are striving to enable a future-ready OPS workforce through technology-focused, enterprise-wide strategies.
The OPS is committed to being an employer of first choice, creating a positive and inclusive work environment. In addition to a collegial and professional work culture, career growth and development and on-the-job training to help you succeed, we offer a competitive compensation package.
You will:
- Contribute to the design, development, and enhancement of cyber security solutions and tools, including security monitoring platforms (e.g., SIEM or similar technologies)
- Design and maintain scalable data ingestion and processing pipelines for cloud and on-premise environments, including log collection and normalization into consistent schemas
- Develop, implement, and optimize security analytics, such as correlation rules, detections, and alerts, to support threat monitoring and response
- Translate threat intelligence into actionable detection use cases and align them with recognized frameworks (e.g., MITRE ATT&CK)
- Apply modern development and automation practices, including:
  - Developing scripts, applications, and APIs to support security monitoring and automation
  - Implementing CI/CD pipelines and automating deployments to enable efficient, consistent, and auditable delivery
- Support the integration of security tools and technologies within enterprise environments, including connections between monitoring, automation, and response capabilities (e.g., SIEM/SOAR integrations or similar)
- Conduct analysis of system logs, network activity, and threat intelligence to identify risks, vulnerabilities, and anomalous behaviour
- Contribute to security architecture reviews by identifying gaps and supporting the development of mitigation strategies
- Conduct research on emerging threats, technologies, and industry best practices, and contribute to prototypes and proof-of-concept initiatives
- Document technical designs, processes, and security procedures
- Participate in project teams and provide technical expertise in support of cyber security initiatives
You have:
- Experience developing, configuring, or supporting cyber security solutions, systems, or tools (e.g., Security Information and Event Management (SIEM) platforms or cloud-based security services)
- Experience with modern development and automation practices used in cyber security environments, such as:
  - Scripting and programming (e.g., Python, PowerShell, or similar languages)
  - Query languages (e.g., KQL, SPL, or similar)
  - APIs and integration approaches
  - Infrastructure as Code (e.g., Terraform, ARM/Bicep, or similar tools)
- Knowledge of cyber security concepts such as threat detection (including frameworks like MITRE ATT&CK), monitoring, and incident response
- Experience applying these technical practices in one or more of the following areas:
  - Security monitoring or SIEM platforms (e.g., Sentinel, Splunk, or similar)
  - Application development or systems integration
  - Network, endpoint, or infrastructure security technologies
- Understanding of system integration, security design, or architecture principles
You can:
- Analyze logs, system outputs, or data to identify patterns, anomalies, or risks
- Research and assess emerging cyber threats, vulnerabilities, and technologies
- Apply problem-solving skills to troubleshoot issues and develop practical solutions
You have:
- Experience with programming or scripting to support automation or solution development
- Knowledge of secure coding practices or development concepts
- Experience contributing to prototypes, proof-of-concepts, or technical implementations
You can:
- Communicate technical information clearly to both technical and non-technical audiences
- Prepare documentation such as reports, briefing materials, or technical specifications
- Collaborate effectively with team members and stakeholders
You have:
- Experience contributing to technical projects or initiatives
- Ability to manage multiple tasks, priorities, and deadlines
- Experience working in collaborative, team-based environments
If you are excited about this position and meet most, but not all, of the listed qualifications, please still consider applying. We recognize that no one person might have every qualification in this job ad, and you just might be the right candidate!
We are building an inclusive workforce that reflects the communities we serve. We encourage everyone interested in working with us to apply, including people with disabilities, Indigenous, Black and racialized individuals, as well as people from all ethnicities, cultures, sexual orientations, gender identities and gender expressions.
Our hiring process is accessible, consistent with Ontario's Human Rights Code and the Accessibility for Ontarians with Disabilities Act, 2005. We are working to prevent and remove barriers in our hiring processes and can offer accommodation to address specific needs related to Code-protected grounds such as disability, family status and religion. For more information about accommodation during the hiring process, please contact us.
Learn more about the work the OPS is doing to create an inclusive, anti-racist, accessible and diverse workplace:
- diversity, equity and inclusion initiatives
- accessibility
- Anti-Racism Policy
The Ontario Public Service is one of Ontario's largest employers. Employees work for a wide range of ministries, with offices in more than 70 cities across the province. We offer:
- a career that can grow across ministries and job functions
- flexible learning and developmental opportunities, including education and mentorship programs
- a comprehensive compensation and benefits package
- base salary that aligns to market trends with performance-based pay and scheduled salary progression
- tailored work arrangements, including opportunities like flex hours, self-funded leave and more
- a modern, friendly and accessible physical work environment