Job Description
Department: Service Nova Scotia and Internal Services
Location: HALIFAX
Type of Employment: Permanent
Union Status: NSGEU - NSPG
Closing Date: 27-Jul-23 (Applications are accepted until 11:59 PM Atlantic Time)
Department of Cyber Security and Digital Solutions* (CSDS), as part of the Government of Nova Scotia, puts people first. CSDS is large, diverse, and passionate about making a difference in peoples’ lives. We believe in user-centered iterative digital service design, and practice Internet-era ways of working. Working at CSDS means you will be a part of a team of caring, compassionate, and highly skilled people whose work makes a difference through designing, continuously improving and delivering the programs and services that people need.
At CSDS, we don't just accept difference - we celebrate a supportive culture of diversity, inclusion and belonging!
The people who use government programs and services come from all walks of life. It is important that CSDS reflects the people that we serve – so we can deliver better, and more accessible, and inclusive public services. We work hard to create an environment where different perspectives and experiences are valued. We are committed to helping diverse talent thrive.
- Formerly known as Nova Scotia Digital Service (NSDS), a part of the previously named Department of Service Nova Scotia and Internal Services.
You are passionate about people’s service experience and want to help build solutions as well as resolve technical problems and requests over the phone, in person, and through our ticketing system. You enjoy supporting a 24/7 environment for critical services, working as part of a team, and going the extra mile to provide an amazing user experience. You thrive on supporting a diverse client base. You are flexible and available to work night shifts and on-call rotations.
You share our values of respect, integrity, diversity, accountability and the public good, have a passion for service excellence and actively promote and encourage the importance of people, teams, diversity, and culture.
- Career Development where you have access to career guidance, tools, resources, and ongoing training for every stage of your career.
- Engaging workplace. Our Employees feel valued, respected, connected, and tuned in. We have forward-thinking policies and strategies.
- Countless Career Paths.
- Flexible working schedules.
As a Microsoft 365 Security Architect with CSDS, you will design, implement, and deliver secure services; you will provide support in a 24/7 operational environment for critical digital services supporting government and health care. Your work will focus on Microsoft 365 Operational Security and span across Identity and Email Operations. You will support government departments, agencies, boards, commissions, and offices, as well as Nova Scotia Health and IWK Health. You will work and collaborate with clients with varying levels of digital literacy in determining issues and problems and initiating a resolution plan. You must have the ability to use common, non-technical, business language to explain technical solutions. Other key characteristics required for this role include:
- A blend of technical, interpersonal, and business skills.
- Great collaboration and engagement skills to influence and connect with others.
- Support end users in a prompt, polite and friendly manner.
- Competent and initiative-taking collaborator with the ability to work independently.
- Practice good judgement and make decisions under pressure.
- Ability to remain positive and maintain confidence in own abilities.
- Strong critical thinking and analytical skills.
- Flexibility to work after hours.
CSDS is looking for a Microsoft 365 Security Architect, who wants to deliver on a digital technology strategy for the Province. You will collaborate with business stakeholders, architects, and technical administrators (identity, devices, applications, and more) to secure the organizational IT assets. You will accelerate cloud transformation, including cloud security, cloud governance, enterprise integration, communication and cross-functional collaboration.
- Protect our people and data, mitigate threats, and reduce organizational risk by implementing, managing, and monitoring Microsoft 365 cloud security, identity, compliance and governance solutions.
- Respond to security incidents, triage, rapidly remediate active attacks in the environment and perform advanced threat hunting using Kusto Query Language (KQL).
- Analyze cyber threat intelligence, manage vulnerabilities, advise on threat protection practices, and refer violations of organizational policies to appropriate stakeholders.
- Analyze Azure Security Benchmark and Azure AD SecOps guidance around user accounts, privileged accounts, applications, devices and infrastructure, define baselines, and implement controls and recommendations in coordination with other teams.
- Maintain and enhance identity protection, identity governance, conditional access, passwordless authentication, privileged identity management, and risk-based multi-factor authentication.
- Develop solutions leveraging product features and writing custom code as necessary.
- Work on support tickets (service requests, change requests, problems, incidents, etc.), consistently deliver on key performance indicators, and support clients, peers, management and leadership.
- Take ownership of not only operational aspects, but also documentation, coordination, communication and collaboration.
- Understand client/business requirements, map them to technical capabilities, and advise on the adoption of new technologies through evaluation and assessment, with recommendations on design, architecture, implementation, and change management.
- Provide thought leadership on Microsoft 365 operational security, take initiative, and work with multi-disciplinary teams.
- Provide specialized advice and training on leveraging directory, identity management, federation, and public key infrastructure services. Coach and mentor teammates and peers on new technologies and processes.
- Help create a culture of humility, learning, collaboration, ownership and results.
- Show continuous learning and knowledge update by completing or renewing agreed technical certification(s) every year as part of your performance metrics.
To be successful in this role, you will have a Bachelor of Science in Computer Science plus a minimum of 5 years’ experience, or graduation from a recognized Information Technology program, plus 5 years and 6 months experience or an acceptable equivalent combination of training and experience.
You are an expert on Microsoft 365 Defender and Exchange Online Protection (EOP) and have completed and earned one or more of the following credentials. Evidence of completion, by way of a Microsoft transcript shared link that shows your legal name, MCID, contact email address and active certifications, is required for the Microsoft certifications. Similar evidence is required for (ISC2) certifications.
- Microsoft Certified: Cybersecurity Architect Expert (SC-100)
- Microsoft Certified: Azure Security Engineer Associate (AZ-500)
- Microsoft Certified: Identity and Access Administrator Associate (SC-300)
- Microsoft Certified: Security Operations Analyst Associate (SC-200)
- Microsoft 365 Certified: Security Administrator Associate (MS-500)
- Microsoft Certified: Information Protection Administrator Associate (SC-400)
- (ISC2) Certified Information Systems Security Professional
- (ISC2) Certified Cloud Security Professional
- Monitoring, detecting, responding to, and recovering from active attacks on enterprise assets.
- Implementing protections against threats using security policies through Exchange Online Protection and Microsoft Defender for Office 365.
- Securing Azure Active Directory (Microsoft Entra ID) and Microsoft 365 workloads.
- Securing on-premises and cloud applications authenticating to Azure AD protected APIs.
- Setting up, using, and investigating SPF, DKIM and DMARC for email authentication.
- Implementing, maintaining, and hardening one or more of on-premises Active Directory Domain Services, Federation Services, and Certificate Services.
- Designing, implementing, and maintaining enterprise hybrid identity environments.
- Managing user and group lifecycle management with Microsoft Graph.
- Managing Azure AD Identity Governance and automating user access reviews, license assignments, and reclaims.
- Scripting with one or more of Microsoft Graph API, Active Directory PowerShell, Azure AD PowerShell, Azure CLI, and Exchange Online PowerShell.
- Experience with messaging security solutions such as anti-spam appliances.
- Implementing well-architected framework(s) for security, efficiency, and operational excellence.
- Undertaking troubleshooting and investigations to resolve incidents and problems, including around automation, directory security, and integration with load balancers.
- Creating standard operating procedures and processes.
- Advising on well-architected solutions, best practices, and enterprise governance.
- Assessing clients’ requirements and supporting consumption of authentication services.
- Communicating complex technical concepts to senior management, peers, and users.
- Experience with REST APIs, JSON, OAuth 2.0, OData, and OpenID Connect.
- Practical understanding of how authentication standards and protocols, such as Kerberos, SAML2, WS-Federation, WS-Security, and OIDC, work.
- Experience with mobile device management and third-party archiving solutions.
- Practical understanding of Public Key Infrastructure (PKI).
- Solid understanding of Windows Server operations, including installation, configuration, and system administration.
- Experience working in a health care or public sector environment.
- Experience supporting mission critical, enterprise environments, 24 x 7 x 365.
You may be required to work outside normal business hours (08:00-16:30) to provide service and be on-call to work non-traditional shifts, including weekends, to support a 24/7 critical service and environment.
One or more methods that include a technical assessment, oral presentation, interview(s), references, background checks, and more, can be used to assess your candidacy.
Offer of employment is conditional upon the completion of all applicable background checks and confirmation of credentials, the results of which must be satisfactory to the employer or will result in the termination of your employment.
The Province of Nova Scotia offers a comprehensive benefits plan and pension plan as well as a positive workplace culture with work-life balance.
Pay Grade: PR 17
Salary Range: $3,091.70 - $3,631.17 Bi-Weekly
Employment Equity Statement:
Our goal is to be a diverse workforce that is representative, at all job levels, of the citizens we serve. The Government of Nova Scotia has an Employment Equity Policy, and we welcome applications from Indigenous People, African Nova Scotians and Other Racially Visible Persons, Persons with Disabilities and Women in occupations or positions where they are under-represented. If you are a member of one of these equity groups, you are encouraged to self-identify on your electronic application.
This is a bargaining unit position initially restricted to current civil service employees represented by the Nova Scotia Government Employees Union (NSGEU). If applying from outside a government office, employees must apply correctly via this link:
Failure to apply correctly means that your application will not be given first consideration as a bargaining unit applicant, and will only be included if external applications are pursued.
External applicants and current casual employees will only be considered if there are no qualified civil service bargaining unit candidates. PLEASE NOTE: Candidates will not be considered for an interview if applications are incomplete or are missing information.
Offer of employment is conditional upon the completion of all applicable background checks and confirmation of credentials, the results of which must be satisfactory to the employer. We thank all applicants for the interest, however, only those selected for an interview will be contacted. All questions and concerns may be directed to Competitions@novascotia.ca.
Apply
Go Back