23 Oct
S.i. Systèmes
Ottawa
Our valued Public Sector client is seeking the services of Senior IT Security Engineer (10+ Years) to provide support and advice on IT Security related audits and assess departmental IT Security Mechanisms within the Public Sector
Objective:
Our client requires specific skill and knowledge with respect to IT Security to assess whether appropriate departmental IT security mechanisms are in place and working properly. The objective is to provide IT security technical specialists to support the IT audit team in conducting IT security related audits, reviews and advisories on an as-and-when requested basis
Must Haves:
- Degree, diploma or Certificate in related technology discipline
- Enhanced Reliability Clearance
Responsibilities could include but are not limited to:
- Review, analyze and/or apply:
- Directory Standards such as X.500, and SMTP;
- Operating Systems such as MS, Unix, and Linux;
- Networking Protocols such as HTTP, HTTPS, FTP, SFTP, SSH and Telnet;
- Secure IT architectures fundamentals, standards, communications and security protocols such as IPSec, SSL/TLS, and SSH;
- IT Security protocols at all layers of the Open Systems Interconnection (OSI) and Transmission Control;
- Protocol/Internet Protocol (TCP/IP) stacks;
- Domain Name Services (DNS) and Network Time Protocols (NTP);
- Network routers and switches
- Application and Operating System hardening and security acceptable practices such as shell scripting, and access control;
- Intrusion detection/prevention systems, endpoint security for malware, Enterprise Security Management and firewalls;
- Wireless technology; and,
- Identify the technical threats to, and vulnerabilities of, systems;
- Manage the IT Security configuration;
- Prepare technical reports such as IT Security Solutions option analysis and implementation plans;
- Provide Independent Verification and Validation (IV&V) support to IT Security related projects including:
- Conduct IT security audits and advisories including preparing applicable reports, presentations and other documentation as required;
- Review of contingency plans, Business Continuity Plans and Disaster Response Plans;
- Conduct assessments, perform analysis and report on the state of departmental IT security solutions (existing and proposed processes and tools) and the overall security posture;
- Perform gap analysis over the entire spectrum of IT security in the Department, including a roll-up of previously conducted audits and studies.
This may lead to the identification of high-risk engagements which could be included in future departmental Risk-Based Audit Plans;
- Access, analyze and report on adherence to IT security policies, standards, procedures and guidelines pursuant to the requirements of GoC’s IT security regulatory framework and supporting operational standards, procedures and guidelines;
- Assess departmental IT security implementation of tools, techniques, procedures, and practices in the areas of assurance, standard certification and accreditation frameworks for IT systems, information infrastructure protection, product evaluation, privacy, business continuity planning, contingency planning and disaster response planning, research and development;
Apply