IT Security TRA and C&A Analyst
| Location: | Ottawa, Ontario |
| Openings: | 1 |
Description:
Background
A Senior IT Security TRA and C&A Analyst will be assisting our client in augmenting its internal capacity in the area of IT Security to ensure that planned initiatives have the ability to integrate IT Security as part of their implementations; to ensure that resulting IT services and applications can be securely operated; and that IT services and applications are assessed and authorized prior to going into production.
Technical Criteria
Must have a minimum of ten (10) years experience acquired within the past fifteen (15) years, performing TRA and/or SA&A activities
Must have at least 3 (three) years experience conducting TRAs according to the Harmonized TRA methodology on Government of Canada Classified systems
Must have at least 3 (three) years experience performing SA&A activities on Government of Canada Classified systems.
Must be able to provide at least two different references for projects of relevant work/project experience. One reference must be for a Government of Canada Secret (Level II) solution project and be for TRA and/or SA&A activities.
Must have a valid Government of Canada Secret Clearance.
Should have multiple projects of experience conducting TRAs using any of the following system types according to the Harmonized TRA methodology:
- Protected B Systems
- Internet-facing business application;
- Cloud-based solutions;
- Mobile technology solution;
- Database infrastructure;
- Collaboration solution;
- Case Management solution;
- Content Management solution;
- Records Management solution ; • Enterprise Messaging solution;
- Remote Access solution.
Should have multiple projects of experience performing SA&A activities of the following system types:
- Protected B Systems
- Internet-facing business application;
- Cloud-based solutions;
- Mobile technology solution;
- Database infrastructure;
- Collaboration solution;
- Case Management solution;
- Content Management solution;
- Records Management solution ;
- Enterprise Messaging solution;
- Remote Access solution.
Should have experience in the development and implementation of Security Assessment and Authorization (SA&A) GoC programs, throughout all phases of the System Life Cycle.
Should have experience in:
- Researching relevant IM/IT industry standards and trends and
- Documenting the research
Should have one or more current professional qualifications from the following list.
- (ISC)2
- ISACA
- DRII
- MCSE
- GIAC
- CEH
- ASIS
- CISO
Should have a post secondary education degree or diploma related to Computer Science, as follows:
- University Degree (minimum 4 year program) OR
- College Diploma (minimum 2 year program)
Perform an action:
