Senior Secret Cleared IT Security Threat and Risk Assessment and Certification & Accreditation Analysts (10+ years) to develop, assess, and authorize secur

Our Valued Public Sector Client is seeking a Senior secret Cleared IT Security Threat and Risk Assessment and Certification & Accreditation Analysts (10+ years) to develop, assess, and authorize security documentation for on-premise and cloud IT systems.

Overview:

The contractors will work with technical and project teams to follow established processes for developing critical Security Assessment & Authorization (SA&A) documents for various IT systems, applications, and platforms. Work will involve both corporate and research environments, focusing on identifying, assessing, and mitigating security risks while ensuring compliance with relevant standards and policies. Contractors will support scoping, documentation, verification, and evaluation activities for both on-premise and cloud-based environments.

Must Haves:

• 5+ years of professional work experience in IT Security within the last 10 years
• 3+ years within the last 5 years as an Analyst developing and updating SA&As for on-premise and cloud IT systems (e.g., email systems, hardware server systems, security systems) - excluding in-house developed software solutions
• Authorized 10+ SA&A packages using the ITSG-33 methodology within the last 5 years
• Completed 8+ SA&As in a research environment within the last 5 years
• One (1) bilingual (English/French) resource; remaining four English essential
• Secret clearance for all proposed resources at contract award

Deliverables include but are not limited to:

• Completed SA&A documents for assigned systems, including review and comparison of safeguards against control profiles
• Security assessment recommendations and risk mitigation plans for achieving acceptable risk levels
• Security testing and evaluation (ST&E) results, including residual risk analysis
• Bi-weekly progress reports outlining activities, status updates, outstanding items, issues, and next steps
• Documentation in MS Office formats or other agreed formats, delivered securely in accordance with classification requirements