IT Security and Continuity Analyst
We are looking for IT Security and Continuity Analysts to assist one of our federal government clients with risk management, IT security design and implementation, as well as business continuity initiatives. The responsibilities of the IT Security/Continuity Analyst will include the following:
- Develop risk management deliverables.
- Produce written reports, analysis, technical, operational and procedural documentation.
- Contribute to the design and implementation of security infrastructures such as PKI, firewalls, intrusion detection and DMZ's.
- Demonstrate knowledge of Information Technology Security (ITS) interoperability, connectivity and integration issues related to distributed or centralized IT infrastructures.
- Understand and effectively communicate to senior management the trends, methods and strategies of IT Security.
- Prepare and assist in oral and/or formal presentations.
- Identify project-related scope, risks, issues and changes.
- Work with various Canada Revenue Agency (CRA) project teams.
Required Education and Experience
Successful completion of a post-secondary degree in Computer Science, Systems Engineering or related field, from a recognized academic institution; AND A minimum of five (5) years professional work experience in the IT field, of which four (4) of the last five (5) years must be directly related to the development of information security deliverables.
OR
A minimum of five (5) years professional work experience in the IT field, of which four (4) of the last five (5) years must be directly related to the development of information security deliverables; AND A minimum of eight (8) years professional work experience in the IT field, of which four (4) of the last seven (7) years must be directly related to the development of information security deliverables.
OR
A minimum of ten (10) years professional work experience in the IT field, of which six (6) of the last eight (8) years must be directly related to the development of information security deliverables.
Experience with the following is also desirable:
- X.400 message handling standards
- Network protocols (HTTP, FTP, Telnet)
- GoC approved cryptographic
- Intrusion detection systems
- GoC Harmonized TRA
- MS, Unix and Linux OS
- TCP/IP, UDP, DNS, SMTP
- Wireless security
- Credential and access management
- Certification and accreditation
- Business continuity planning
- X500 directory standards
- Government of Canada (GoC) approved TRA, C&A and DRP methodologies
- Forensic ITS investigations
- Internet security protocols (SSL, SSH,SHTTP, S-MIME, IPSec
- Vulnerability assessments
- Disaster recovery planning Methodology
- Certification testing and evaluation related to supporting system certification and accreditation
- Security standards development
- IBM mainframe
- ERP software (SAP/PeopleSoft
- Project management
- Virtualization
- Web development
- Knowledge of GoC Policy on Government Security (PGS), policies of Treasury Board, Communications Security Establishment and other lead security agencies, such as the RCMP, as they relate to PKI
- CSE Security Authorization
- Secure coding
- Database
- Business impact analysis
- Knowledge of theories, principles and techniques of IT security specifically as they relate to Public Key Cryptography
- Public Key Infrastructure (PKI)
- Knowledge of PKI software