C3 Information Technology Security TRA and CA Analyst
C3 Information Technology Security TRA and CA Analyst
Posted on :
11-04-2025
Employer Active
1 Vacancy
Job Alert
You will be updated with latest job alerts via emailValid email field required
Send jobs
Share
Send me jobs like this
Job Alert
You will be updated with latest job alerts via emailValid email field required
Send jobs
Job Description
Inventory for current and future bid awards. Please only apply to the position you feel you are most qualified for and indicate in your resume and cover letter your experience level. We will consider your application for other roles if your professional background matches multiple roles.
Please indicate in your resume or cover letter if you already have a Government of Canada Security Clearance and at what level.
Experience levels
- Level1:<5years of experience
- Level2: 5<10years of experience
- Level3: 10years of experience
Responsibilities could include but are not limited to
- Review analyze and/or apply Federal Provincial or TerritorialITSecurity policies SystemITSecurity Certification & Accreditation processesITSecurity products safeguards and best practices and theITSecurity risk mitigation strategies
- Identify threats to and vulnerabilities of operating systems (such asMS Unix Linux and Novell) and wireless architectures
- Identify personnel technical physical and procedural threats to and vulnerabilities of Federal Provincial or TerritorialITsystems
- Develop reports such as: Data security analysis Concepts of operation Statements of Sensitivity (SoSs) Threat assessments Privacy Impact Assessments (PIAs) Nontechnical Vulnerability Assessments Risk assessmentsITSecurity threat vulnerability and/or risk briefings
- Conduct Certification activities such as: Develop Security Certification Plans Verify that security safeguards meet the applicable policies and standards Validate the security requirements by mapping the systemspecific security policy to the functional security requirements and mapping the security requirements through the various stages of design documents Verify that security safeguards have been implemented correctly and that assurance requirement have been met. This includes confirming that the system has been properly configured and establishing that the safeguards meet applicable standards Conduct security testing and evaluation (ST&E) to determine if the technical safeguards are functioning correctly Assess the residual risk provided by the risk assessment to determine if it meets an acceptable level of risk
- Conduct Accreditation activities such as: Review of the certification results in the design review documentation by the Accreditation Authority to ensure that the system will operate with an acceptable level of risk and that it will comply with the departmental and system security policies and standards and identify the conditions under which a system is to operate (for approval purposes). This may include the following types of approvals:
- Developmental approval by both the Operational and the Accreditation Authorities to proceed to the next stage in anITsystems life cycle development if sensitive information is to be handled by the system during development
- Operational written approval for the implementedITsystem to operate and process sensitive information if the risk of operating the system is deemed acceptable and if the system is in compliance with applicable security policies and standards
- Interim approvala temporary written approval to process sensitive information under a set of extenuating circumstances where the risk is not yet acceptable but there is an operational necessity for the system under development
- Develop and deliver training material relevant to the resource category
Required Experience:
IC
Employment Type
Contract
Key Skills
Report This Job
Disclaimer: Drjobpro.com is only a platform that connects job seekers and employers. Applicants are advised to conduct their own independent research into the credentials of the prospective employer.We always make certain that our clients do not endorse any request for money payments, thus we advise against sharing any personal or bank-related information with any third party. If you suspect fraud or malpractice, please contact us via contact us page.
