Home |  Corporate Overview |  Service Offerings |  Supply Contracts/Arrangements |  Clients |  Projects |  Resource Availability |  Opportunities |  Contacts

Security/Continuity Analyst (Stream 3 - IT Security)

Education & Experience

Level 1:

A - Successful completion of a post-secondary degree in Computer Science, Systems Engineering or related field, from a recognized academic institution;

And

B - A minimum of three (3) years professional work experience in the Information Technology (IT) field, of which two (2) of the last five (5) years must be directly related to the development of information security deliverables. OR

A - A two (2) or three (3) year college diploma in Computer Science, Systems Engineering or related field, from a recognized academic institution;

And

B - A minimum of five (5) years professional work experience in the IT field, of which three (3) of the last five (5) years must be directly related to the development of information security deliverables.

OR

A minimum of eight (8) years professional work experience in the IT field, of which four (4) of the last six (6) years must be directly related to the development of information security deliverables.

Level 2:

A - Successful completion of a post-secondary degree in Computer Science, Systems Engineering or related field, from a recognized academic institution;

And

B - A minimum of five (5) years professional work experience in the IT field, of which four (4) of the last five (5) years must be directly related to the development of information security deliverables. OR

A - A two (2) or three (3) college diploma in Computer Science, Systems Engineering or related field, from a recognized academic institution;

And

B - A minimum of eight (8) years professional work experience in the IT field, of which four (4) of the last seven (7) years must be directly related to the development of information security deliverables. OR

A minimum of ten (10) years professional work experience in the IT field, of which six (6) of the last eight (8) years must be directly related to the development of information security deliverables.

Roles and Deliverables could include but are not limited to:

  • Develop risk management deliverables.
  • Produce written reports, analysis, technical, operational and procedural documentation.
  • Contribute to the design and implementation of security infrastructures such as PKI, firewalls, intrusion detection and DMZŐs.
  • Demonstrate knowledge of Information Technology Security (ITS) interoperability, connectivity and integration issues related to distributed or centralized IT infrastructures.
  • Understand and effectively communicate to senior management the trends, methods and strategies of IT Security.
  • Prepare and assist in oral and/or formal presentations.
  • Identify project-related scope, risks, issues and changes.
  • Work with various Canada Revenue Agency (CRA) project teams.

Specialties could include but are not limited to:

  • X.400 message handling standards
  • Network protocols (HTTP, FTP, Telnet)
  • GoC approved cryptographic
  • Intrusion detection systems
  • GoC Harmonized TRA
  • MS, Unix and Linux OS
  • TCP/IP, UDP, DNS, SMTP
  • Wireless security
  • Credential and access management
  • Certification and accreditation
  • Business continuity planning
  • X500 directory standards
  • Government of Canada (GoC) approved TRA, C&A and DRP methodologies
  • Forensic ITS investigations
  • Internet security protocols (SSL, SSH,S HTTP, S-MIME, IPSec
  • Vulnerability assessments
  • Disaster recovery planning
  • Methodology
  • Certification testing and evaluation related to supporting system certification and accreditation
  • Security standards development
  • IBM mainframe
  • ERP software (SAP/PeopleSoft
  • Project management
  • Virtualization
  • Web development
  • Knowledge of GoC Policy on Government Security (PGS), policies of Treasury Board, Communications Security Establishment and other lead security agencies, such as the RCMP, as they related to PkI
  • CSE Security Authorization
  • Secure coding
  • Database
  • Business impact analysis
  • Knowledge of theories, principles and techniques of IT security specifically as they relate to Public Key Cryptography
  • Public Key infrastructure (PKI) Knowledge of PKI software.
  • Copyright 2005 - 2011 The Devon Group Ltd. All Rights Reserved.