Modis, on behalf of our client is looking for a Security Specialist
Security Specialist (57819143)
Contract Duration: (3 months)
Location: Toronto, ON
• Determining the scope of each TRA they are assigned;
• Planning and managing all deliverables required in order to conduct TRAs on each assigned application and/or system:
• Deliverables will be reviewed for quality and completeness and signed off by staff prior to moving to the project's next phase;
• Conducting the TRA for the assigned projects, following the Harmonized Threat and Risk Assessment Methodology or equivalent;
• Developing and implementing a TRA Work Plan, including but not limited to:
• A detailed schedule, including milestones, critical activities and dependencies for the completion of the Specialist's work:
• The Specialist's proposed timelines must be approved by the client, including determination of an agreed-upon deliverable date;
• Identifying employees and assets to be safeguarded in a Statement of Sensitivity;
• Determining threats to employees and assets in Canada and abroad, and assessing the likelihood and impact of threat occurrence;
• Assessing risks based on the adequacy of existing safeguards and vulnerabilities;
• Recommending any supplementary safeguards to reduce the risk to an acceptable level;
• Providing weekly status and progress report updates to the identified staff.
• Completing relevant Information Security-related work assigned by the relevant staff (such as conducting meetings/interviews);
• Assisting with Vulnerability Assessment Risk Treatment Plans and Risk remediation with project teams;
• Completion and submission of a Final TRA report for each system assessed:
• This report must be approved by the client’s Risk Management and Project team prior to the completion of this assignment.
• Knowledge of Formal Threat Risk Assessment (TRA) approaches such as Harmonized Threat and Risk Assessment (HTRA) methodology;
• Experience in delivering written TRA reports;
• Knowledge of identifying assets and risks relating to work management systems, cloud computing, IT/Business processes;
• Demonstrated experience conducting TRAs on complex projects in the public sector;
• Minimum of six years of experience in the information security and/or risk management field;
• Extensive experience applying information security policies, best practices, standards and security controls within an environment such as COBIT, ISO27001;
• Minimum of two years' experience identifying assets and valuation, preparing statement of sensitivity, creating threat assessment tables, vulnerability assessment tables, assessing residual risk and providing recommendations relating to TRA;
• Demonstrated ability to engage stakeholders, consult and manage issues;
• Superior written and oral communication skills with technical and business audiences;
• Timely with deadlines, team player and organized as well as able to conduct information gathering sessions and interviews with stakeholders;
• Is currently a holder of two (2) or more security industry specific certifications such as, but not limited to, CISSP, CRISC, CISA.
Please note that Candidates must be legally eligible to work in Canada. Your resume will not be forwarded to any of our clients without your explicit permission. We thank all applicants, but only suitable applicants with the above qualifications clearly identified in their resumes will be contacted. Modis Canada is an Equal Opportunity Employer.
We’re at the center of exceptional IT connections. Every day, Modis connects premier IT professionals to great opportunities at leading companies. Put our connections to work for you!