EMPLOYER: High Tech Genesis
JOB DESCRIPTION:
High Tech Genesis is hiring an IT Security Engineer with secret clearance. You will be responsible for reviewing, analyzing, and applying various IT security standards, protocols, and technologies, including directory standards, operating systems, networking protocols, secure IT architectures, and cryptographic algorithms. The role requires a degree in a related IT discipline, 10+ years of experience in IT security engineering, and proficiency in various security assessment and analysis tasks.
Roles and responsibilities:
1. Assess, analyze, and/or implement:
- Directory Standards such as X.500, and SMTP;
- Operating Systems such as MS, Unix, and Linux;
- Networking Protocols such as HTTP, HTTPS, FTP, SFTP, SSH and Telnet;
- Secure IT architectures fundamentals, standards, communications and security protocols such as IPSec, SSL/TLS, and SSH;
- IT Security protocols at all layers of the Open Systems Interconnection (OSI) and Transmission Control;
- Protocol/Internet Protocol (TCP/IP) stacks;
- Domain Name Services (DNS) and Network Time Protocols (NTP);
- Network routers and switches
- Application and Operating System hardening and security acceptable practices such as shell scripting, and access control;
- Intrusion detection/prevention systems, endpoint security for malware, Enterprise Security Management and firewalls;
- Wireless technology; and,
- Cryptographic Algorithms;
2. Identify the technical threats to, and vulnerabilities of, systems;
3. Manage the IT Security configuration;
4. Analyze IT Security tools and techniques;
5. Analyze the security data and provide advisories and reports;
6. Analyze IT Security statistics;
7. Prepare technical reports such as IT Security Solutions option analysis and implementation plans;
8. Provide Independent Verification and Validation (IV&V) support to IT Security related projects including:
- Perform IT security assessments and consultations, including the preparation of necessary reports, presentations, and documentation as needed.
- Review of contingency plans, Business Continuity Plans and Disaster Response Plans;
- Create and execute tests and exercises for IT security protocols, and,
- Project oversight
9. Develop and deliver training material relevant to the resource category;
10. Conduct assessments, perform analysis and report on the state of departmental IT security solutions (existing and proposed processes and tools) and the overall security posture;
11. Carry out IT security advisory engagements, including design, development and conduct of IT security protocols evaluation/testing and data analytic exercises;
12. Assess system under development including those using agile methodology techniques;
13. Perform gap analysis over the entire spectrum of IT security in the Department, including a roll-up of previously conducted audits and studies. This may lead to the identification of high-risk engagements which could be included in future departmental Risk-Based Audit Plans;
14. Access, analyze and report on adherence to IT security policies, standards, procedures and guidelines pursuant to the requirements of GoC’s IT security regulatory framework and supporting operational standards, procedures and guidelines;
15. Assess departmental IT security implementation of tools, techniques, procedures, and practices in the areas of assurance, standard certification and accreditation frameworks for IT systems, information infrastructure protection, product evaluation, privacy, business continuity planning, contingency planning and disaster response planning, research and development;
16. Develop work plans, plan and approach documents based on Project Authority or their delegate’s direction;
17. Conduct scoping exercises to determine direction of projects and identify scope including limitations;
18. Analyze if sampling techniques are required or if tests are to be conducted on entire population or select a sample as required;
19. Design, develop and conduct interview questionnaire, checklists, and/or surveys;
20. Consult, interview and follow-up with key stakeholders, as appropriate;
21. Facilitate meetings of IT security related sessions and provide summary of discussions and next steps;
22. Perform document review and analysis based on collected evidence through walkthroughs, screen shots and demonstrations of practices;
23. Examine compliance monitoring and reporting and report on deviation from industry best practices;
24. Conduct quality assurance exercises over vulnerability analysis specialists’ work;
25. Prepare technical and assessment reports, presentations and provide executive-level advice and remediation options; and
26. Prepare management reports, presentations and provide executive-level advice and remediation options.
Required skills and experience:
- A degree, diploma or certificate from a recognized university or college in a related information technology discipline.
(Proof of education/certification/equivalence MUST be provided)
- 10+ years of experience as Information Technology Security Engineer (with experience in below areas)
Must have one or more certifications in:
- Global Information Assurance Certification (GIAC)
- Security Essentials (GSEC);
- GIAC Security Expert (GSE);
- GIAC Auditing Wireless Networks (GAWN);
- GIAC Reverse Engineering Malware (GREM);
- GIAC Cloud Security Automation (GCSA);
- GIAC Certified Incident Handler (GCIH);
- GIAC Continuous Monitoring Certification (GMON);
- Core Impact Certified Professional (CICP);
- Certified Information Systems Security Professional (CISSP);
- Certified Information System Security Officer (CISSO);
- Certified in Risk and Information Systems Control (CRISC);
- Certified Cyber Forensics Professional (CCFP);
- Systems Security Certified Practitioner (SSCP);
- Information Systems Security Architecture Professional (ISSAP);
- Certified Cloud Security Professional (CCSP);
- Microsoft Certified Azure Security Engineer Associate.
Note 1: You MUST be legally entitled to work in Canada (i.e., possess Canadian Citizenship, Permanent Residency or Valid Work Permit).
Note 2: High Tech Genesis Inc. is an Equal Opportunity Employer.
Note 3: Please submit an MS Word version of your resume when applying for this position.
Note 4: Salary is commensurate with experience.
Begin your exciting career with us by applying on-line at: https://jobs.hightechgenesis.com/o/information-technology-security-engineers
START DATE: 03/07/2024