Open Source Research Analyst

The Opportunity

NTS Canada is seeking an experienced Open‑Source Research Analyst with a cybersecurity focus to support the delivery of Cybersecurity Open‑source Research and Evaluation (CORE) reporting services for a Government of Canada customer. This position requires a skilled researcher and analyst capable of identifying, assessing, and articulating cybersecurity risks derived from publicly available and commercially accessible information sources. The successful candidate will be comfortable operating in a fast‑paced, production‑oriented environment, delivering high‑quality analytical reports on a regular cadence against customer‑directed taskings.

Candidates with backgrounds in cybersecurity, threat intelligence, or defence‑related research are strongly encouraged to apply. Key Responsibilities

Open‑Source Research & Analysis Conduct structured open‑source and technical research on cybersecurity topics, software platforms, vendors, datasets, and IT infrastructure as directed by the customer Identify outdated or vulnerable software versions, insufficient patch management practices, and exposed infrastructure components Assess foreign infrastructure ownership, investment, or control risks associated with technology platforms and vendors Evaluate third‑party applications, cybersecurity tools, and vendor ecosystems for cyber risk indicators Analytical Reporting Author Cybersecurity Open‑source Research and Evaluation (CORE) reports summarizing research findings, risk analysis, and technical observations Produce a minimum of twelve (12) analytical reports per month based on customer‑directed taskings Ensure reports include clear methodology summaries, vulnerability findings, relevant technical details, and supporting open‑source references Prepare additional reports as requested by the customer beyond the baseline monthly requirement Receive and action tasking directions from the customer's Technical Authority Seek clarification on analytical requirements as needed to ensure reporting accuracy and relevance Participate in coordination calls with NTS program management and customer stakeholders Maintain a personal repository of recurring research sources, tools, and methodologies to support efficient delivery Requirements Eligible to obtain and maintain a Government of Canada security clearance Must be legally authorized to work in Canada Language Requirement French considered an asset Education Bachelor's degree or higher in Cybersecurity, Computer Science, Information Technology, Intelligence Studies, or a related discipline; or equivalent combination of education and professional experience. Relevant professional certifications (e.g., OSCP, CEH, Security+, GCTI, GREM) are a strong asset Required Skills, Experience & Abilities (required & verifiable)5 to 10 years of experience in cybersecurity research, threat intelligence, OSINT analysis, or a related analytical discipline Demonstrated track record of producing structured analytical reports under recurring deadlines Experience identifying cybersecurity vulnerabilities, exposed infrastructure, or technology supply chain risks using open‑source methodologies Prior experience supporting government, defence, or national security customers is a strong asset Familiarity with the Canadian cybersecurity landscape and Government of Canada IT security policies (e.g., CCCS, ITSG-33) is an asset Proficiency with OSINT tools and platforms (e.g., Shodan, Maltego, VirusTotal, MISP, CVE/NVD databases, Censys) Understanding of web application frameworks, software supply chains, patch management practices, and infrastructure exposure concepts Familiarity with common vulnerability scoring frameworks (CVSS) and cybersecurity risk assessment methodologies Strong written communication skills; ability to write clear, technically accurate reports for both technical and non‑technical audiences Experience with cybersecurity standards, frameworks, and threat classification models (e.g., MITRE ATT&CK, OWASP) Preferred Qualifications Experience conducting technical assessments of cybersecurity tools, vendors, or datasets in a defence or government context Background in digital forensics, reverse engineering, malware analysis, or penetration testing Familiarity with foreign investment and technology ownership risk analysis (e.g., CFIUS‑equivalent considerations, Bill C‑26 context) Prior experience working within or alongside CANSOF, DND, CSE, CSIS, or the broader Canadian national security community Physical Demands The physical demands described here are representative of those that must be met to successfully perform the essential duties of this role. These requirements are considered bona fide occupational requirements.

Reasonable accommodations are available upon request. Prolonged periods of sitting at a desk and working on a computer. Frequent use of hands and fingers for typing, writing, and handling documents. Clear vision and