Top Secret Cleared SA&A Consultant to apply TBS and ITSG-33 guidelines and create security controls on high-integrity systems.

Our Valued Public Sector Client is seeking a Top Secret Cleared SA&A Consultant to apply TBS and ITSG-33 guidelines and create security controls on high-integrity systems.

Project Description:

The Digital Services Sector requires IT Security expertise to perform Security Assessment and Authorization (SA&A) for On Premise and Cloud systems within 3 classified environments (Secret, Top Secret, Top Secret + (SI/TK)),

Must Haves:

• SA&A / TRA (10+ years)
• ITSG-33 (10+ years)
• Top Secret
• Following Canadian Centre for Cyber Security (5+ projects)
• Applying TBS security directives (5+ projects)
• Applying security zoning as defined by CSE (5+ projects)
• High-integrity systems (5+ projects)
• 2 Certifications out of the following:
• CISSP, CCSP, CISA, Certified ISO 27001 Lead Auditor

Responsibilities:

• Perform Security Assessment and Authorization (SA&A) on departmental systems and applications while following the directives of department’s Risk Management Framework.
• Create and provide SA&A Plan to the project team or (SA&A guidance for project team based on RMF).
• Evaluate and approve project created system’s System Profile Description (SPD).
• Write a tailored list of IT Security controls via a security requirements traceability matrix (SRTM) which the system will have to meet.
• Evaluate evidence provided by the system’s technical team and provide rational and way forward in the case of Partial Pass and/or Failed controls
• Develop a Security Assessment Report (SAR), Management Action Plan (MAP) and Authorization to Operate letter (ATO).
• Maintain responsibility for knowledge transfer throughout the project, ensuring LAC staff are fully briefed and capable of taking over tasks.