Position: Senior SA&A Specialist
Client: Federal Government Client
Location: Onsite (Tunney’s Pasture)
Duration: 10 months (Likely to be extension)
Language: English
Background: Our valued public sector client is seeking the services of a Senior SA&A Specialist to assist in a project designed to improve elements of the Department’s information management framework. This project is in support of information management (IM) for the defence and security of Canada as a whole and supports the Defence program, which provides credible and sustained services to the Government of Canada.
Qualifications:
- 10 years experience with 2 or more of the following; Data security analysis, Concepts of operation; Statements of Sensitivity (SoS); Threat assessments; Non-technical Vulnerability Assessments; Risk assessments; IT Security threat; Vulnerability; risk briefings
- 10 years experience in 2 or more of the following; Federal, Provincial or Territorial IT Security policies; System IT Security Assessment & Accreditation processes; IT Security products, safeguards and best practices; and IT Security risk mitigation strategies
- University degree or college diploma in IT or related studies
- One or more of the following certifications: CISSP, CISA, CISM, ISACA Certification and Risk and Information Systems Control, ISO 27001 Lead Auditor Certification.
Responsibilities/Deliverables:
- Review analyze and apply Department of Defence IT Security policies and Security Assessment and Accreditation processes to project deliverables which encompass people, processes, and technology.
- Identify personnel, physical, procedural and technical threats to project designs and deliverables.
- Develop Reports such as Data Security analysis, Statement of Sensitivity, Concept of Operations, Threat assessment, Risk assessments, and IT Security risk, threat, or vulnerability briefings.
- Conduct assessment activities such as: verifying that security safeguards meet policies and standards, map police requirements to security safeguards, and ensure safeguards have been implemented correctly with assurance requirement fulfillment being demonstrated
- Conduct Security Testing and evaluation to determine if the technical safeguards are functioning correctly and perform residual risk assessment.
- Conduct accreditation activities such as review of Security Assessment and Accreditation results in the design phase to ensure the solutions will me certification authority standards. This task also includes understanding the type and conditions of approval that has been granted and communicating conditions to all stakeholders.
- Review products produced for the SA&A and provide feedback.
Job Type: Fixed term contract
Contract length: 10 months
Pay: $110.00-$117.00 per hour
Expected hours: 37.5 per week
Flexible language requirement:
Schedule:
Application question(s):
- Which of the following certifications do you possess? CISSP, CISA, CISM, ISACA Certification and Risk and Information Systems Control, ISO 27001 Lead Auditor Certification
- Describe your experience with Data security analysis, Concepts of operation; Statements of Sensitivity (SoS); Threat assessments; Non-technical Vulnerability Assessments; Risk assessments; IT Security threat; Vulnerability; risk briefings
- Describe your experience in Federal, Provincial or Territorial IT Security policies; System IT Security Assessment & Accreditation processes; IT Security products, safeguards and best practices; and IT Security risk mitigation strategies
- Describe your experience with SA&A in a protected environment?
- Do you currently possess a VALID Top Secret clearance with the Federal Government of Canada? NOTE: This is a COMPULSORY requirement, you will not be contacted if you do not have a valid clearance.
Education:
- Bachelor's Degree (required)
Work Location: In person