Security Design Specialist - Gatineau, Canada - Maplesoft Group

Maplesoft Group

Verified Company

Gatineau, Canada

1 week ago

Posted by:

Sophia Lee

beBee Recruiter

Description

Title

Security Design Specialist

Location

Gatineau, QC

Start Date

Language

Bilingualism in both official languages (English and French)

Salary

Negotiable

Security Clearance

Enhanced Reliability

Duration

55 Days

Date Posted

Job ID

13074

Maplesoft Group is currently seeking a Security Design Specialist for our Federal Government client.

The following responsibilities are associated with the "Statement of Work" but are not limited to:
Accreditation processes, IT Security products, safeguards and best practices, and the IT Security

risk mitigation strategies;

Identify threats to, and vulnerabilities of operating systems and wireless architectures (Azure

and MS Power Platform);

Identify personnel, technical, physical, and procedural threats to and vulnerabilities of Federal

IT systems;

Develop reports such as:
Data security analysis, Concepts of operation, Statements of

Sensitivity (SoSs), Threat assessments, Privacy Impact Assessments (PIAs), Non-technical

Vulnerability Assessments, Risk assessments, IT Security threat, vulnerability and/or risk

briefings;

Conduct Certification activities such as:
Develop Security Certification Plans, Verify that

security safeguards meet the applicable policies and standards, Validate the security

requirements by mapping the system-specific security policy to the functional security

requirements, and mapping the security requirements through the various stages of design

documents, Verify that security safeguards have been implemented correctly and that

assurance requirement have been met. This includes confirming that the system has been

properly configured, and establishing that the safeguards meet applicable standards, Conduct

security testing and evaluation (ST&E) to determine if the technical safeguards are functioning

correctly, Assess the residual risk provided by the risk assessment to determine if it meets an

acceptable level of risk;

Conduct Accreditation activities such as:
Review of the certification results in the design review

documentation by the Accreditation Authority to ensure that the system will operate with an

acceptable level of risk and that it will comply with the departmental and system security

policies and standards and identify the conditions under which a system is to operate (for

approval purposes).

This may include the following types of approvals;

Developmental approval by both the Operational and the Accreditation Authorities to proceed

to the next stage in an IT system's life cycle development if sensitive information is to be

handled by the system during development;

Operational written approval for the implemented IT system to operate and process sensitive

information if the risk of operating the system is deemed acceptable, and if the system is in

compliance with applicable security policies and standards;

Interim approval - a temporary written approval to process sensitive information under a set of

extenuating circumstances where the risk is not yet acceptable, but there is an operational

necessity for the system under development; and

Develop and deliver training material relevant to the resource category.

Maplesoft Group prides itself on its distinct corporate culture and recognizes that success is a direct reflection of our most valuable asset - our people.

Therefore, attitude and ambition are key personality traits we seek out, along with skill and aptitude, in potential employees.

All employment decisions are made based on business needs, job requirements, and individual qualifications.