Senior SA&A to provide guidance on security authorizations (ATO) and on regulations, policies following ITSG-33 guidelines for a RPA/cloud based applic
S.i. Systèmes
Ottawa, ON-
Nombre de poste(s) à combler : 1
- Salaire À discuter
-
Emploi Contrat
- Publié le 17 février 2025
-
Date d'entrée en fonction : 1 poste à combler dès que possible
Description
Our Valued Public Sector Client is seeking a Senior SA&A to provide guidance on security authorizations (ATO) and on regulations, policies following ITSG-33 guidelines for a RPA/cloud based application.
Project Description:
Provide SA&A support to re-certify a suite of applications.
Must Have:
- SA&A (10+ years)
- RPA [Robotic Process Automation] (1+ year)
- Cloud security project for Government of Canada (3+ years)
Responsibilities:
- Review, analyze, create and/or update relevant SA&A documentation such as: Concept of Operation, IT Security Architecture, Statement of Sensitivity, and Statement of Acceptable Risk.
- Provide subject matter expertise on relevant regulations and policies and relevant frameworks/standards such as ITSG-33. ISO27001, NIST.
- Capture compliance requirements and a list of outcomes for expected activities in the areas of people, process and technology for the program;
- Provide operational security experience (SOC, Vulnerability management, Incident Response, Audits, etc.).
- Provide Security Authorization (“ATO” - the Authority to Operate) by advising and maintaining current security risk management decisions.
- Support information security incidents investigation, coordinate incident response and reporting
- Provide support for internal/external audit and information security assessments by client
- Conduct security testing and evaluation (ST&E) to determine if the technical safeguards are functioning correctly, Assess the residual risk provided by the risk assessment to determine if it meets an acceptable level of risk
Nice to Haves:
- Security Certification (ex: CISSP, CISA, CISM, ASEA, CCSP)
Exigences
non déterminé
non déterminé
non déterminé
non déterminé
D'autres offres de S.i. Systèmes qui pourraient t'intéresser