IT Security Engineer

Why Technitask

Technitask is a Canadian company and a trusted provider of IT management, systems integration, software delivery, and consulting services. Our expert team of SAP functional consultants, developers, project managers, data engineers, and security analysts create value for customers in the utilities, telecommunications, and public services sectors. We work with our clients to discover and define business problems, then collaborate with them to implement people, process, and technology solutions to realize benefits across the business.

• We bring SAP technical expertise across technical PMO, architecture, integration, data & reporting, security, custom development, system build & administration, and testing.

• We’ve worked with some of the biggest enterprises in utilities and the public sector such as Hydro One, Liberty Utilities, the Government of Canada, and the Province of Ontario.

• We’re a team of 50+ staff and a network of 200+ alumni with 17+ years of experience delivering SAP solutions.

What you’ll do

• a. Design secure implementations of:

  • Directory Standards such as X.400, X.500, and SMTP.

  • Operating Systems such as MS, Unix, Linux, and Novell.

  • Networking Protocols such as HTTP, FTP, and Telnet.

  • Communications using security protocols such as IPSec, IPv6, SSL, and SSH;

  • Domain Name Services (DNS) and Network Time Protocols (NTP);

  • Network routers, multiplexers, and switches.

  • Application, host and/or Network hardening and security best practices such as shell scripting, service identification, and access control.

  • Intrusion detection/prevention systems, malicious code defence, file integrity, Enterprise Security Management and/or firewalls.

• Identify technical threats to, and vulnerabilities of, networks.

• Manage IT Security configurations.

• Analyze IT Security tools and techniques.

• Analyze security data and provide advisories and reports.

• Analyze IT Security statistics.

• Prepare technical reports such as IT Security Solutions option analysis and implementation plans.

• Provide Independent Verification and Validation (IV&V) support to IT Security related projects including:

  • IT Security audits, including applicable reports, presentations, and other documentation.

  • Review of contingency plans, Business Continuity Plans and Disaster Response Plans.

  • Design/development and conduct IT Security protocols tests and exercises; and

  • Project oversight.

• Develop and deliver training material related to IT security engineering.

• Brief senior management.

• Review and provide comments related on documents relating to IT security engineering; and

• Perform other related services as required by the Technical Authority.

What you'll need

Mandatory Qualifications

• Security Clearance: Top Secret

• A degree from a recognized university in the sciences, engineering or information management, or a diploma (3 years program) from a recognized college in the sciences, engineering or information management.

• Any 5 of the following:

  • Certified Information Systems Security Professional (CISSP)

  • Certified Information Systems Auditor (CISA)

  • Certified Information Security Manager (CISM)

  • ISACA Certification and Risk and Information Systems Control; and

  • ISO 27001 Lead Auditor Certification.

  • Control Objectives for Information Technologies COBIT 5 Assessor

  • Information Systems Security Management Professional (ISSMP)

  • Certified Secure Software Lifecycle Professional (CSSLP)

  • Global Information Assurance Certification (GIAC) Security Essentials (GSEC)

  • Global Information Assurance Certification (GIAC) Information Security Professional (GISP)

  • Any TOGAF Certification

  • AWS Architecture Certification

Experience

• The Contractor must clearly demonstrate that the proposed resource has a minimum of ten (10) years’ experience, within the last fifteen (15) years, conducting at least two (2) of the following assessment activities:

  (i) Developing security assessment plans;

  (ii) Verify that security safeguards meet the applicable policies and

  standards;

  (iii) Validating the security requirements by mapping the system specific

  security policy to the functional security requirements, and

  mapping the security requirements through the various stages of

  design documents;

  (iv) Verifying that security safeguards have been implemented

  correctly and that assurance requirement have been met (this

  includes confirming that the system has been properly configured,

  and establishing that the safeguards meet applicable standards);

  (v) Conducting security testing and evaluation (ST&E) to determine if

  the technical safeguards are functioning correctly;

  (vi) Assessing the residual risk provided by the risk assessment to determine if it meets an acceptable level of risk.

  Resources who possess at least six (6) months of experience with each area will be accepted, so long as their total experience adds up to at least 10 years within the last 15 years.

• The Contractor must clearly demonstrate the proposed resource has a minimum of ten (10) years’ experience within the last fifteen (15) years, working in the development and implementation of IT security applications and infrastructures on *secure domain IM/IT architecture projects. This includes efforts in:

  • Documenting systems current-state and/or deficiencies;

  • Conducting product assessment;

  • Conducting proof of concept test and validation activities; 

  • Providing integration/implementation strategy and transition planning documentation to support rollout of deliverables; and

  • Identifying in-service support impacts.

Who you are

• Problem solver: You quickly formulate approaches from problem statements and target outcomes, undertake research using creative strategies, solve complex problems independently, and quickly learn and adapt to new situations.

• Highly organized: You think in systems and process, create structure in ambiguity, and relentlessly prioritize to pursue what drives the business forward.

• Team player: You effectively partner with others to get things done.

• Clear communicator: You are an excellent writer (memos, slides) and excel at distilling complex information into simple messaging.

• Outcomes driven: You collaborate with your clients, partners, and stakeholders to deeply understand their needs and ruthlessly prioritize to meet those needs.

Additional information

• Contract role

• Duration: 24 months

• Onsite

• Background check required

Our belief is that diversity & inclusion enables us to build solutions that work. We encourage applications from Indigenous peoples, racialized people, people with disabilities, people from gender and sexually diverse communities, and / or people with intersectional identities.

We also believe that unique experiences may not always fall along the beaten track. We’re dedicated to adding new perspectives to the team, so if your experience and skills can help us solve our customers’ problems, please consider applying.