Security Specialist (TRA)
Sorry, this job is no longer available. Please Search for Jobs to conduct a new search
Eagle currently has a career opportunity for a Security Specialist (TRA) and we are looking to speak to qualified candidates with the skills and experience outlined below.
This position is a 2-month contract located in downtown, Toronto to start in December.
As a Security Specialist (TRA), you will be responsible for:
- Determining the scope of each TRA they are assigned;
- Planning and managing all deliverables required in order to conduct TRAs on each assigned application and/or system
- Deliverables will be reviewed for quality and completeness and signed off prior to moving to the project's next phase;
- Conducting the TRA for the assigned projects, following a formal risk assessment methodology such as NIST, Harmonized Threat, and Risk Assessment Methodology or equivalent
- Developing and implementing a TRA Work Plan, including but not limited to: o A detailed schedule, including milestones, critical activities and dependencies for the completion of the Specialist's work
- Identifying employees and assets to be safeguarded in a Statement of Sensitivity
- Determining threats to employees and assets in Canada and abroad, and assessing the likelihood and impact of threat occurrence,
- Assessing risks based on the adequacy of existing safeguards and vulnerabilities;
- Recommending any supplementary safeguards to reduce the risk to an acceptable level;
- Providing weekly status and progress report updates;
- Completing relevant Information Security-related work assigned by the relevant City staff (such as conducting meetings/interviews);
- Provide subject matter expertise on Threat Risk Assessment, Vulnerability Assessment, Penetration Testing and Privacy Impact Assessment of IT operations, capital IT projects, IT systems.;
- Develop the Request for Expression of Interest (REOI) and Request for Quotation (RFQ) for Vulnerability Assessment (VA) services.;
- Assisting with Vulnerability Assessment Risk Treatment Plans and Risk remediation with project teams; and,
- Completion and submission of a Final TRA report for each system assessed.
What we’re looking for:
- Knowledge of Formal Threat Risk Assessment (TRA) approaches such as Harmonized Threat and Risk Assessment (HTRA) methodology, NIST;
- Experience in delivering written TRA reports;
- Minimum of six (6) years of experience in the information security and/or IT risk management field;
- Minimum of four (4) years' experience performing TRA(s) on complex IT projects that include BOTH infrastructure and Application security assessments.
- Demonstrated ability to engage stakeholders, consult and manage issues;
- Superior written and oral communication skills with technical and business audiences;
- Timely with deadlines, team player and organized as well as able to conduct information-gathering sessions and interviews with stakeholders;
- The current holder of the security industry-specific certifications Technical Capabilities:
- Demonstrated understanding of technical and non-technical vulnerabilities and mitigation controls;
- Expert Knowledge of security controls that impact the protection of sensitive/personal information, data integrity, system availability including (but not limited to) internet tools, system interfaces, information security, information architecture, and da
- Well-developed research, analytical and problem-solving skills;
- Understanding of vulnerability assessments and penetration testing lifecycle; and,
- Understanding of Risk remediation and risk treatment.
Don’t miss out on this opportunity, apply online today!
Eagle is an equal opportunity employer and will provide accommodations during the recruitment process upon request. We thank all applicants for their interest; however, only candidates under consideration will be contacted. Please note that your application does not signify the beginning of employment with Eagle and that employment with Eagle will only commence when placed on an assignment as a temporary employee of Eagle.