Intermediate Security Analyst
Ottawa Region, Ontario
Job Informations: Profile Description
As an member of CGI's Centre Of Expertise (COE) and the NCR BU InfoSec practice, you will provide CGI clients with a strong combination of security skills and experience in the following areas:
o IT security, including technical security best practices;
o Security management best practices, especially those related to the Government of Canada (eg Treasury Board Standard for Management of Information Technology Security); and
o Other standards and best practices (eg Sarbanes-Oxely, ISO 17799, ISO 27001/2, etc).
Working alone, or as part of a close-knit team, you will be capable of providing CGI clients with sound advice and services in the area of security-related regulatory compliance, threat & risk assessment, privacy impact assessment, statements of sensitivities and vulnerability assessment. You will be fully conversant with Government of Canada Security Policy, as well as all associated security standards, policies, and methodologies.
Depending upon your level of experience, you may also be called upon to act as a team lead, or otherwise assist in the development of opportunities and the fulfillment of client needs, thus contributing to CGI's strong track record of client satisfaction and commitment.
Key Responsibilities and Deliverables (include but are not limited to the following):
o Preparation and delivery of the following deliverables:
o Threat & Risk Assessments;
o Vulnerability Assessments;
o Statements of Sensitivity;
o Privacy Impact Assessments; and
o Certification and Accreditation Plans.
o Advice and reports to clients on compliance with the federal Government Security Policy (GSP), the Management of Information Technology Security (MITS), and the Personal Information Protection and Electronic Documents Act (PIPEDA);
o Advice and reports to clients on other aspects of legal and regulatory compliance, including the Privacy Act, Sarbanes Oxley, Bill 198, ISO 17799 and associated standards and best practices; and
o Act as Team Lead for smaller InfoSec projects and/or provide support and assistance to InfoSec Leads and Project Managers on larger scale projects, as required
Education and Certifications
The skills, knowledge & abilities for this role are typically acquired through experience directly associated with this field. The successful candidate will demonstrate a minimum of 7 years of over the last 10 years in directly applicable experience in Information Security policies, standards, procedures, technologies, and methodologies, as outlined above.
A Degree or equivalent college diploma in one of the following would be highly desirable:
o Computer sciences;
o Computer engineering;
o Electrical engineering; or
o Information Technology.
In addition, the following certifications are desirable:
o CISSP;
o DISA;
o SANS GCIA or equivalent;
o Common Criteria EAL1 or higher;
o ITIL Foundations or higher;
o CIPP; or
o CBCP.
Technical Requirements
Knowledge and experience with
o Secure information technology technical and architectural best practices and standards;
o Industry-standard information security products and best-of-breed technologies;
o Medium to large (enterprise-level) network infrastructure and security-associated best practices;
o Security-related product test and evaluation, particularly Common Criteria is a definite asset;
o Both Windows and Unix (particularly Solaris) environments; and
o Software development and programming is desirable.
Additional Requirements
o Strong judgment and innovative problem-solving skills;
o Strong organizational and communication skills, both written and verbal;
o Bilingualism (French & English) is an asset;
o A strong team player;
o Possession of a Government of Canada security clearance to a minimum of Level II (Secret); and
o Willingness to travel and participate in projects outside the NCR, as/if required.
Skills:
o CBCP
o CISSP
o ITIL Fundamentals
o Risk Management Framework
o Sarbanes-Oxley
o Security Audits
o Threat & Risk Assessment
o Vulnerability Assessment
o Security-Related Product Testing and Evaluation
Founded in 1976, CGI Group Inc. is one of the largest independent information technology and business process services firms in the world. CGI and its affiliated companies employ approximately 27,000 professionals. CGI provides end-to-end IT and business process services to clients worldwide from offices in Canada, the United States, Europe, Asia Pacific as well as from centers of excellence in North America, Europe and India.
This is a great opportunity to join a winning team. CGI offers a competitive compensation package with opportunities for growth and professional development. Benefits for full-time, permanent members start on the first day of employment and include a paid time-off program and profit participation and stock purchase plans.
We wish to thank all applicants for their interest and effort in applying for this position; however, only candidates selected for interviews will be contacted.
No unsolicited agency referrals please.
WE ARE AN EQUAL OPPORTUNITY EMPLOYER.
Skills:CISSPITIL FundamentalsSarbanes-OxleySecurity AuditsThreat & Risk Assessment
As an member of CGI's Centre Of Expertise (COE) and the NCR BU InfoSec practice, you will provide CGI clients with a strong combination of security skills and experience in the following areas:
o IT security, including technical security best practices;
o Security management best practices, especially those related to the Government of Canada (eg Treasury Board Standard for Management of Information Technology Security); and
o Other standards and best practices (eg Sarbanes-Oxely, ISO 17799, ISO 27001/2, etc).
Working alone, or as part of a close-knit team, you will be capable of providing CGI clients with sound advice and services in the area of security-related regulatory compliance, threat & risk assessment, privacy impact assessment, statements of sensitivities and vulnerability assessment. You will be fully conversant with Government of Canada Security Policy, as well as all associated security standards, policies, and methodologies.
Depending upon your level of experience, you may also be called upon to act as a team lead, or otherwise assist in the development of opportunities and the fulfillment of client needs, thus contributing to CGI's strong track record of client satisfaction and commitment.
Key Responsibilities and Deliverables (include but are not limited to the following):
o Preparation and delivery of the following deliverables:
o Threat & Risk Assessments;
o Vulnerability Assessments;
o Statements of Sensitivity;
o Privacy Impact Assessments; and
o Certification and Accreditation Plans.
o Advice and reports to clients on compliance with the federal Government Security Policy (GSP), the Management of Information Technology Security (MITS), and the Personal Information Protection and Electronic Documents Act (PIPEDA);
o Advice and reports to clients on other aspects of legal and regulatory compliance, including the Privacy Act, Sarbanes Oxley, Bill 198, ISO 17799 and associated standards and best practices; and
o Act as Team Lead for smaller InfoSec projects and/or provide support and assistance to InfoSec Leads and Project Managers on larger scale projects, as required
Education and Certifications
The skills, knowledge & abilities for this role are typically acquired through experience directly associated with this field. The successful candidate will demonstrate a minimum of 7 years of over the last 10 years in directly applicable experience in Information Security policies, standards, procedures, technologies, and methodologies, as outlined above.
A Degree or equivalent college diploma in one of the following would be highly desirable:
o Computer sciences;
o Computer engineering;
o Electrical engineering; or
o Information Technology.
In addition, the following certifications are desirable:
o CISSP;
o DISA;
o SANS GCIA or equivalent;
o Common Criteria EAL1 or higher;
o ITIL Foundations or higher;
o CIPP; or
o CBCP.
Technical Requirements
Knowledge and experience with
o Secure information technology technical and architectural best practices and standards;
o Industry-standard information security products and best-of-breed technologies;
o Medium to large (enterprise-level) network infrastructure and security-associated best practices;
o Security-related product test and evaluation, particularly Common Criteria is a definite asset;
o Both Windows and Unix (particularly Solaris) environments; and
o Software development and programming is desirable.
Additional Requirements
o Strong judgment and innovative problem-solving skills;
o Strong organizational and communication skills, both written and verbal;
o Bilingualism (French & English) is an asset;
o A strong team player;
o Possession of a Government of Canada security clearance to a minimum of Level II (Secret); and
o Willingness to travel and participate in projects outside the NCR, as/if required.
Skills:
o CBCP
o CISSP
o ITIL Fundamentals
o Risk Management Framework
o Sarbanes-Oxley
o Security Audits
o Threat & Risk Assessment
o Vulnerability Assessment
o Security-Related Product Testing and Evaluation
Founded in 1976, CGI Group Inc. is one of the largest independent information technology and business process services firms in the world. CGI and its affiliated companies employ approximately 27,000 professionals. CGI provides end-to-end IT and business process services to clients worldwide from offices in Canada, the United States, Europe, Asia Pacific as well as from centers of excellence in North America, Europe and India.
This is a great opportunity to join a winning team. CGI offers a competitive compensation package with opportunities for growth and professional development. Benefits for full-time, permanent members start on the first day of employment and include a paid time-off program and profit participation and stock purchase plans.
We wish to thank all applicants for their interest and effort in applying for this position; however, only candidates selected for interviews will be contacted.
No unsolicited agency referrals please.
WE ARE AN EQUAL OPPORTUNITY EMPLOYER.
Skills:CISSPITIL FundamentalsSarbanes-OxleySecurity AuditsThreat & Risk Assessment
This job was taken from : jobserve.com