Security Specialist – Senior



Job Description:RFS No RQ01096 – Security Specialist – SeniorClient Ministry of HealthStart Date-2021-04-01End Date 2022-03-31Location -TorontoMust Haves:-7+ years of broad and progressive information security experience-2+ years of information security experience working with Azure Cloud-Professional security certification from ISC2 (CISSP) or equivalent is requiredResponsibilities:Ensures the incorporation of IT security and contingency measures in the development of systems.Advises on the identification, analysis, and resolution of specific security factors, risks, vulnerabilities; protection of privacy issues; and appropriate industry and international security standards.General Skills: Knowledge of techniques to secure information assets and the planning, design, and implementation of security technologies Proven techniques to Client gaps or weaknesses in security architecture toidentify and mitigate known security threats or inherent weaknesses Knowledge and understanding of relevant legislation and corporate directives related to the security and confidentiality of information (e.g. Freedom of Information and Protection of Privacy Act, PHIPPA) in order to identify and assess areas of concern and risk Solid knowledge of current security and contingency technology and techniques (e.g. digital signature, encryption, access controls, fire-walls, authentication, virus protection, etc.); and a proven working knowledge of security audit procedures and protocols Experience in establishing secure environments at a network, operating system or application level Experience with implementing security on complex and distributed systems. Awareness of emerging IT trends and directions, especially as related to security Excellent analytical, problem-solving, and decision-making skills; written and verbal communication skills; interpersonal and negotiation skills A team player with a track record for meeting deadlines, managing competing priorities and client relationship management experienceDesirable Skills: Experience in Threat Risk Assessment methods Experience in business recovery and disaster recovery planning. Experience in performing threat and risk assessment. Experience in security design as part of systems development projects. Experience in vulnerability analysis and penetration testing. Experience in security policy development. Experience in developing and delivering security education. Knowledge and understanding of Information Management principles, concepts, policies and practicesExperience and Skill Set Requirements Criteria Criteria Details Criterion Maximum Rating Security Experience Demonstrated and expert level knowledge with: secure application development practices, including modern web application threats and mitigations Microsoft and Oracle technology stacks including Operating System, Server, Middleware, Storage (Database), and Development various information security controls (strengths, weaknesses, and application) and experience conducting security assessments including TRAs, security reviews, implementing information security recommendations, analyzing technical controls and applying security control standards for cloud and on-prem solutions 30% Azure Cloud Experience Demonstrated experience in working with Azure cloud solutions and migrating solutions to cloud including: cloud computing concepts and virtualization providing security design, security requirements and controls, risk identification, and recommendations for mitigation strategies Conducting security assessments including threat and risk assessments, technical vulnerability assessments and pen tests 30% Security Governance Demonstrated experience in developing security policies, procedures and plan. 20% Soft skills Strong communication, collaboration, and leadership skills 20% Total 100% Job ID: 10981900
2iSolutions Inc.

View original article here Source