Senior Cyber Security Consultant to review, analyze, and update SA&A documentation, for a public sector client.

Our valued client is searching for a Senior Cyber Security Consultant to review, analyze, and update SA&A documentation.

Background:

After reviewing and perofrming in-depth analysis of their security protocols, the organization identified the need to implement a continual SA&A process to conduct security assessments following changes made to the system. Moreover, they have also identified a lack of SA&A documentation.

Tasks:

• Updated SA&A package for the main system and its associated systems
• Conduct and/or manage IT Security SA&A assessments that include: Security impact assessments, threat risk assessments, vulnerabilities assessments, privacy impact assessments, and business impact assessments;
• Review, analyze, create and/or update relevant SA&A documentation such as: Concept of Operation, IT Security Architecture, Statement of Sensitivity, and Statement of Acceptable Risk and strategy documents for each SA&A package
• Analyze, review, and make recommendations concerning the IT security posture of the organization's system, interfaces, functionality, and associated systems such as Electronic Information Exchange (EIE);
• Assess compliance with applicable departmental security policies and standards which are based on Government of Canada guidelines;
• Provide knowledge transfer to the organization and other contracted resources through formal documentation, informal sessions, and job shadowing on an on-going basis.

Must Haves:

• 10+ years of Security experience
• Strong knowledge of SA&A
• Knowledge of ITSG-33

Nice to Haves:

• Knowledge of SAP