Previous Job
Previous
IT Security TRA an C&A Analyst
Ref No.: 17-00022
Location: Gatineau, Quebec
Location Ottawa
Language English Required
Security Clearance Secret Security Clearance Required
 
Role and Responsibilities

Our Federal Government client requires a IT Security Specialist 
to gather, verify and validate evidence against the controls\risks identified in the GC Docs Security Action Plan. In addition, the resource will be required to facilitate meetings with key stakeholders, advice and guide stakeholders on documentation that addresses ITSG 33 controls and provide reports to Management.

The scope of this work encompasses:
  • Researching, developing, writing, and editing various IT security related documents;
  • Gather evidence to support security requirements identified in the systems Security Requirement Traceability Matrix (SRTM) and\or related documents associated with the GC Docs Security initiative;
  • Provide advice and guidance to stakeholders on improving documentation to address ITSG controls\risk identified in SRTM\SAP; and
  • Document and/or review and improve policies, procedures, and system documentation in support of evidence for the security requirements identified in the SRTM and\or related documents associated with the GC Docs Security initiative.

The role requires a Senior IT Security Analyst with superior oral and written communication skills, an organized and analytical approach, and the knowledge and ability to align deliverables to both the Department's priorities and the wider GC strategic priorities and IM/IT legislative context.

Responsibilities include:
  • Analyzing relevant Policy instruments and guidance documentation;
  • Analyzing business related documentation relevant to the system such as but not limited to a business case and functional requirements;
  • Researching, developing, writing, and editing various IT security related documents;
  • Gather evidence to support security requirements identified in the systems Security Requirement Traceability Matrix (SRTM) and Security Action Plan (SAP);
  • Document and/or review and improve policies, procedures, and system documentation in support of evidence for the security requirements identified in the SRTM and SAP
  • Facilitate meetings with stakeholders responsible for identified ITSG 33 controls\risks, including GC Docs, Client IT Security Directorate;
  • Gather, verify, validate and document evidence against controls;
  • Track, update and report SRTM and SAP progress;
  • Document Work Breakdown Structures in Plans;
  • Presentation(s) for stakeholders and formal committees;
  • Requirements and meetings documentation;
  • Project status & progress reports;
  • Various IT security related documentation, including but not limited to:
    • Policies, procedures, build books, risk assessments, security action plans, and security test reports; and SRTM