IT Security Design (C7) Level 3

1. Protect and maintain the confidentiality of all documents, data, and proprietary information.

2. Work independently on assigned tasks while providing expert advice and technical support to the project team.

3. Return all DND materials and property upon completion of the contract or specific tasks.

4. Safeguard all documentation and sensitive materials in secure facilities or locked cabinets.

5. Participate in meetings, working groups, technical reviews, consultations, teleconferences, and coordination sessions with internal and external stakeholders, as directed by the Technical Authority.

2. Develop and maintain detailed work plans, schedules, and progress tracking for assigned deliverables.

3. Review, analyze, and apply recognized enterprise and government architectural frameworks, methods, and models to support system design and integration.

4. Assess emerging market and technology trends such as web services security, incident management, and identity management, and evaluate their applicability to enterprise architecture roadmaps and solution designs.

5. Review, analyze, design, configure, integrate, and implement a range of security technologies across multiple systems, application architectures, and hardware/software platforms, including but not limited to:

a. Directory standards (e.g., X.500, LDAP).

b. Operating systems (e.g. Microsoft, Unix, Linux).

c. Networking protocols (e.g., HTTP, FTP, Telnet).

d. Network routers, multiplexers, and switches.

e. Domain Name Services (DNS) and Network Time Protocols (NTP).

f. Secure IT architecture, communications, and security protocols (e.g., IPSec, TLS, SSH, S/MIME, HTTPS); and

g. Endpoint and data protection technologies (e.g., Data Loss Prevention, Endpoint Protection).

Apply and integrate IT security protocols and controls across all layers of the Open Systems Interconnection (OSI) and Transmission Control Protocol/Internet Protocol (TCP/IP) stacks to ensure comprehensive network defence and system resilience.

2. Apply and promote best practices and standards related to network zoning, segmentation, and defence in-depth security principles.

3. Analyze IT security data, tools, and metrics to identify threats and vulnerabilities, and provide security architecture, design, and engineering support to ensure security requirements are integrated into system and application design, implementation, and operation, including the development of advisories, alerts, and technical reports.

4. Conduct data security classification and designation studies in accordance with departmental policy and applicable Government of Canada standards.

5. Produce technical analyses and decision-support deliverables, including requirements analysis, options analysis, technical architecture documentation, and risk models.

6. Develop and maintain comprehensive engineering and design documentation, including requirements, system and solution designs, build and configuration records, concepts of operations, implementation and life cycle support plans, test documentation, operating procedures, user guides, and system performance documentation.

Develop and deliver knowledge transfer sessions, briefings, and training materials relevant to IT security architecture and design.