Cyber Security Analyst
Sorry, this job is no longer available. Please Search for Jobs to conduct a new search
Eagle is currently seeking a Cyber Security Analyst. This is a three (3) month, contract position scheduled to start in January.
The successful candidate will be responsible for:
- Conducting threat risk assessment for the requesting DHW-BAIM departmental project sponsor in consultation with a resource from the CSRM function;
- Working within industry standard best practices and methodologies, such as the International Organization for Standardization (ISO) 27001-series of information security standards, the Cloud Security Alliance (CSA), the National Institute of Standards and Technology (NIST);
- Demonstrating references to TRA industry standard best practices were followed in previous client engagements;
- Identifying specific and detailed vulnerabilities, threats and controls as they would relate to the requesting service/project and any other existing impacted NSGOV systems;
- Submitting recommendations for mitigating identified risks against service/project assets of value;
- Assessing functional areas including but are not limited to: Firewalls, Hardware, Software, Routers and Switches, Remote Access (VPN), Physical Security, Identity Management, Change Management, Project Management, Virtual Infrastructure (i.e. VM Ware), Data Flow Modelling / Use Case Diagrams, Payment Card Industry Data Security Standard (PCI DSS), Enterprise Storage Network Networks, WAN/LAN Infrastructure, Wireless Security, Desktop and Laptop PC encryption and security implementation, Antivirus, Spyware and Malicious code detection, Incident and Response Reporting, Documentation of IT Policies and Procedures, Web Technologies and Application Security (i.e. IIS, OWSAP), Cloud Services Provider3 solutions, Information Management, Personally Identifiable Information (PII) and Data Privacy;
- Using Industry Standard Risk Assessment methodologies such as: Fault Tree Analysis, Root Cause Analysis, Bow Tie Analysis, Service (IaaS), Software as a Service (SaaS) or Platform as a Service (PaaS) – to other businesses or individuals;
- Confirming with departmental sponsor TRA scope;
- Planning and facilitating workshops with stakeholders to identify threats, vulnerabilities and controls against service and project assets;
- Submitting the TRA deliverable draft for the requesting departmental project for review;
- Finalizing the TRA deliverable per comments from stakeholders;
- Preparing and presenting a TRA summary presentation for the project executive;
- Participating and contributing in other privacy and security deliverables such as Privacy Impact Assessments or Vulnerability Assessments, as related to the departmental service and project;
- Using risk management best practices to identify, analyze, evaluate and document ICTS risks to the departmental service and project;
- Reviewing and analyzing results from other available and relevant TRAs or security scans conducted as part of the project;
- Producing a Threat Risk Assessment Report that includes recommendations to manage identified ICTS risks assessed as high or critical to the departmental service and project; and,
- Preparing and delivering technical presentations to the departmental project sponsor and ICTS staff.
Skills and Qualifications
The qualified candidate must have:
- Minimum of (5) years of demonstrated IT related experience within one or more of the following fields: IT Infrastructure, IT Networks, Cyber Security/Risk Management, Enterprise Architecture, Privacy, Data Centre’s, Telecommunications or Cloud Service delivery;
- Demonstrated experience in conducting Information, Communications, and Technology service TRAs;
- Relevant subject matter experience;
- Experience facilitating workshops and bringing stakeholder groups to consensus;
- Proven analytical and creative problem-solving abilities;
- Strong writing skills to produce accurate and comprehensive documentation; and,
- Ability to use the Federal government of Canada PBMM profile to demonstrate service compliance to this recommended security level for sensitive government information and assets.
Don’t miss out on this opportunity, apply online today!
Eagle is an equal opportunity employer and will provide accommodations during the recruitment process upon request. We thank all applicants for their interest; however, only candidates under consideration will be contacted. Please note that your application does not signify the beginning of employment with Eagle and that employment with Eagle will only commence when placed on an assignment as a temporary employee of Eagle.