NewFound Recruiting

QUALIFICATIONS:

  • 10+ years of relevant experience OR a university degree in a related business or technology discipline.
  • A valid Government of Canada secret clearance.
  • One of the following certifications: CISSP/CISM/CISA/CRISC/CCFP/SSCP/ITIL/ISSAP/SSCP/CompTIA +/GIAC
  • A diploma/certificate/degree in one of these following fields: Networking, Computer Systems, Computer Science or Electrical Engineering.
  • 12+ months of experience, within the last 5, preparing briefings for and making presentations to Executive Management.
  • Experience, within the last 5 years, working with Government of Canada standards, policies, and guidelines to deliver IT Security service that meets Communication Security Establishment Canada standards.
  • Experience, within the last 5 years, in developing Statements on Sensitivity, Asset Categorization, Threat Modeling, Business Needs for Security, and Statements of Acceptable Risk.
  • Recent experience validating the following: IT security controls (ITSG33- based) and applicable safeguards, Assessment of mitigation strategies, Assessment of residual risk.
  • 48+ months of experience performing each of the following IT Security tasks:
    • Analysis of IT Security tools and techniques
    • Analysis of security data and provision of advisories and reports
    • Preparation of technical reports such as requirement analysis, options analysis, technical architecture documents, mathematical risk modeling
    • Security architecture design and engineering support

RESPONSIBILITIES:

  • Review, analyze, and/or apply: Architectural methods, frameworks, and models such as TOGAF , US government FEAP , Canadian government BTEP and GSRM , Zachman, UMM
  • Review, analyze, and/or apply a broad range of security technologies including multiple types of systems and applications architectures, and multiple hardware and software platforms, including:
    • Directory Standards such as X.400, X.500, and SMTP
    • Operating Systems such as MS , Unix, Linux, and Novell
    • Networking Protocols (for example, HTTP , FTP , Telnet)
    • Network routers, multiplexers and switches
    • Domain Name Services ( DNS ) and Network Time Protocols (NTP)
  • Review, analyze, and/or apply Secure IT architectures, standards, communications, and security protocols such as IPSec , SSL , SSH , S-MIME , HTTPS
  • Review, analyze, and/or apply IT Security protocols at all layers of the Open Systems Interconnection (OSI) and Transmission Control Protocol/Internet Protocol (TCP/IP) stacks
  • Review, analyze, and/or apply The significance and implications of market and technology trends in order to apply them within architecture roadmaps and solution designs. (examples: web services security, incident management, identity management)
  • Review, analyze, and/or apply Best practices and standards related to the concept of network zoning and defence in-depth principles
  • Review, analyze, and/or apply IT Security protocols at all layers of the Open Systems Interconnection (OSI) and Transmission Control Protocol/Internet Protocol (TCP/IP) stacks
  • Analyze IT Security statistics, tools and techniques
  • Analyze security data and provide advisories and reports
  • Prepare technical reports such as requirement analysis, options analysis, technical architecture documents, mathematical risk modeling
  • Prepare tailored IT Security alerts and advisories from open and closed sources
  • Complete tasks directly supporting the departmental IT Security and Cyber Protection Program
Job Overview

Share