Job Description:
Responsibilities:

• Defines, evaluates, and assesses security architecture requirements for systems environments and IT projects.
• Ensures the incorporation of IT security and contingency measures in the development of systems.
• Advises on the identification, analysis, and resolution of specific security factors, risks, vulnerabilities; protection of personal privacy issues; and appropriate industry and international security standards.
• Carry out information and information technology (I&IT) security projects and tasks in the Government as assigned by Corporate Security or cluster I&IT management.

General Skills:

• Strong understanding and expertise in security architecture
• Knowledge of techniques to secure information assets and the planning, design, and implementation of security technologies
• Proven techniques to Client gaps or weaknesses in security architecture to identify and mitigate known security threats or inherent weaknesses
• Knowledge and understanding of relevant legislation and corporate directives related to the security and confidentiality of information (e.g. Freedom of Information and Protection of Privacy Act) in order to identify and assess areas of concern and risk
• Solid knowledge of current security and contingency technology and techniques (e.g. digital signature, encryption, access controls, fire-walls, authentication, virus protection, etc.); and a proven working knowledge of security audit procedures and protocols
• Experience in developing enterprise architecture deliverables (e.g. models)
• Experience in providing specialized security support at the specified experience level
• Experience in establishing secure environments at a network, operating system or application level
• Experience with implementing security on complex and distributed systems.
• Awareness of emerging IT trends and directions, especially as related to security
• Excellent analytical, problem-solving, and decision-making skills; written and verbal communication skills; interpersonal and negotiation skills
• A team player with a track record for meeting deadlines, managing competing priorities and client relationship management experience

Desirable Skills:

• Experience in Threat Risk Assessment methods
• Knowledge and understanding of Information Management principles, concepts, policies and practices
• Experience in business recovery and disaster recovery planning, performing threat and risk assessment, public key infrastructure development and operation and security design as part of systems development projects.
• Experience in intrusion detection systems, mitigation tools for malicious software, vulnerability analysis and penetration testing.
• Experience in network monitoring, security policy development, developing and delivering security education and forensic investigation.
• Knowledge and understanding of Information Management principles, concepts, policies and practices

Deliverables:

• The specialist will design and implement training programs, resources, and awareness initiatives to strengthen cyber resilience across these sectors.
• Key responsibilities include developing sector-specific cybersecurity best practices, coordinating workshops and consultations, and delivering reports to inform policy decisions.

Experience and Skill Set Requirements:

• The Education & Centre of Excellence (ECOE) unit is seeking one (1) Fee-For-Service contingent IT resource in the Senior Cyber Security Specialist, Level 3 category.
• The FFS resources will provide the capacity required to support delivery of the Government Cyber Security Strategy by assisting Cyber Centre of Excellence for Public Sector (run by the ECOE unit) projects to expand current partnerships with the Government and Public Sector.
• Digital Transformation: Transforming through a digital first approach to lower the cost of delivery and make services simpler, faster and better for people, businesses and Government employees priority
• Education Program & Sector Consultations: Expanding cyber security education and consultations for sectors including higher education and health.

Technical Security Architecture Design (25%):

• Provides security design expertise and advice to internal stakeholders on design principles and best practices and the development and implementation of security mechanisms to ensure the protection of information assets of client ministries and compliance with legal requirements, and industry best practices.

Security Liaison and Advice (25%):

• Maintains on-going liaison with IT cyber security staff and senior client ministry program management to facilitate working relationships on all security planning, implementation and management matters by assessing security needs and assisting asset custodians in the identification, design, and implementation of security architecture.

Project Management (25%):

• Leads and/or carries out large scale and sensitive security architecture design projects and/or significant components of other projects with security design elements, to mitigate identified risk to an acceptable level, ensuring compliance and integration with the Enterprise Information Architecture and Cluster architectures; provide supervision/technical direction to teams, coordinate development of design specifications, prepare reports, estimates, and feasibility studies.

Communication and Relationship Management Skills (25%):

• Demonstrated communication, consultative and advisory skills to act as a lead technical resource and provide expertise to ongoing contacts.