IT Security VA Specialist

IT Security VA Specialist

19 Oct
|
David Joseph
|
Ottawa

19 Oct

David Joseph

Ottawa

Communications Security Establishment (CSE) has a requirement for specialist professional services

in the field of IT Security Vulnerability Analysis to assist the CSE Information Protection Section.

The cyber threat environment is a constantly evolving landscape with ever-mounting challenges.

CSE enterprise information security program addresses these challenges through a range of

programs and services, some of which require enhancement to further fulfill organizational needs.

The IT Security Vulnerability Analysis Specialist will assist in the ongoing enhancement of the CSE

Vulnerability Management Program tailored for its unique operational environments.

SCOPE







The IT Security Vulnerability Analysis Specialist will provide insight and assistance to CSE staff and be

responsible for successful completion of the following requirements listed below:

- Work with CSE stakeholders to facilitate the adoption of patching best practices throughout the

enterprise with a primary focus on Enterprise Technologies and Solutions (ETS) and DXC

Technology patch management authorities;

- Carry out vulnerability scans, reporting findings to management and working with stakeholders

to resolve critical issues;

- Train CSE staff on enterprise Vulnerability Analysis capability;

- Assist with any vulnerability management activity that arises resulting from CSE networks

integration activities;

- produce briefing notes and risk assessments concerning CSE’s vulnerability posture;

- Assist with, and where necessary provide technical leadership for, corporate response activities

to major, urgent vulnerabilities requiring immediate and comprehensive action;







- Management and coordination of the work and provision of quality control oversight on all

deliverables;

- Providing weekly progress/status reports, the exact format/template will be provided by the CSE

technical authority;

- Preparing a record of discussions/decisions resulting from any formal meetings that are held

related to this work;

- Immediately notifying in writing following CSE format the TA of any issue/problem that may

impede, delay or negatively impact completion of authorized work;

- Maintaining an electronic library of work in progress, delivered items and reviewed comments,

and version control thereof in GCDOCS;

- Consulting with the TA, throughout the duration of this contract and provide briefing notes, and







presentations to management as required by the TA;

- Providing written advice, guidance and recommendations on Information Security (IS)/IT

Security issues as required by the TA, , the exact format/template will be provided by the CSE

technical authority;

- Participating in working groups and forums as required (within the NCR);

- Providing coordination of input to change management board; and

- Managing and coordinating quality control oversight on all deliverables.

DELIVERABLES

The Contractor must produce the following deliverables in support of the tasks described in section

above. Deliverables must be submitted to the TA for review and comment one week prior to the

completion dates, with any follow-on revisions carried out within two business days of receiving







feedback from the TA.

All deliverables shall be submitted to the TA, in one (1) electronic copy in MS Office format, Atlassian

collaboration tools (including using Confluence and Jira) and reporting capabilities of the CSE provided

systems. All deliverables must be securely stored.

Where suitable in support of the services required:

- Process documentation (for example Concept of Operation (CONOPs), other material required in

support of accreditation).

- Documented testing methods and analysis tools that will be used to train or share information

with CSE staff.

- Briefing notes and risk assessments concerning CSE’s vulnerability posture using standard office







productivity software from the CSE classified desktop environment (e.g. PowerPoint

presentations and Word documents).

- Weekly status reports on efforts, deliverables, issues, and risks.

- Report and track project-related activities, status, and progress.

- Record of Decisions (RoD) affecting the outcome of the project are made to include cost, scope,

and timelines. RoD after each meeting and / or telephone discussion where appropriate.

- Top Secret Security Clearance
- (2) years’ experience within the last five (5) years providing in-depth analysis of vulnerabilities and impacts to key stakeholders of Government of Canada.
- Experience in identification and evaluation of complex business and technology risks, establishment of internal controls which mitigate risks,





and related opportunities for internal control improvement.
- Experience with (2) of the following in an On-Site enterprise environment domains:

- NMAP;
- Tenable Network
- Security;
- Qualys;
- Burp Suite; and
- Rapid7

▶️ IT Security VA Specialist
🖊️ David Joseph
📍 Ottawa

Subscribe to this job alert:
Enter Your E-mail address to receive the latest job offers for: it security va specialist

Senior Secret Cleared IT Security Vulnerability Specialist (10+ Years)  to provide support and advice on IT Security related audits and assess departm

Senior Secret Cleared IT Security Vulnerability Specialist (10+ Years)  to provide support and advice on IT Security related audits and assess departm

Our valued Public Sector client is seeking the services of Senior Secret Cleared IT Security Vulnerability Specialist (10+ Years) to provide to provide support and advice on IT Security related audits and assess departmental IT Security Mechanisms w [...]
Ottawa
23 Oct
    Ottawa
    23 Oct

Senior Secret Cleared IT Security Vulnerability Specialist (10+ Years)  to provide support and advice on IT Security related audits and assess departm

Senior Secret Cleared IT Security Vulnerability Specialist (10+ Years)  to provide support and advice on IT Security related audits and assess departm

Our valued Public Sector client is seeking the services of Senior Secret Cleared IT Security Vulnerability Specialist (10+ Years) to provide to provide support and advice on IT Security related audits and assess departmental IT Security Mechanisms w [...]
Ottawa
23 Oct
    Ottawa
    23 Oct

Senior Cyber Security specialist to assist with a Cyber and IT Security Strategic Renewal Program within the Public Sector

Senior Cyber Security specialist to assist with a Cyber and IT Security Strategic Renewal Program within the Public Sector

Our valued public sector client is seeking a Senior Cyber Security specialist to assist with a Cyber and IT Security Strategic Renewal Program within the Public Sector. This program is aiming to reinforce existing cybersecurity posture and assist wi [...]
Ottawa
13 Oct
    Ottawa
    13 Oct

Senior Secret Cleared Business Process Specialist to Lead Table-top exercises (TTX) on a large modernization initiative

Senior Secret Cleared Business Process Specialist to Lead Table-top exercises (TTX) on a large modernization initiative

Our valued Public Sector Client is seeking a Senior Secret Cleared Business Process Specialist to Lead Table-Top exercises (TTX) on a large modernization initiative Job Description: Our client has a need to build a service line that would offer Ta [...]
Ottawa
23 Oct
    Ottawa
    23 Oct
Subscribe to this job alert:
Enter Your E-mail address to receive the latest job offers for: it security va specialist