IT Security TRA and C&A Analyst
Interested in joining a global leader in space engineering and cybersecurity? RHEA Group, one of Canada’s top-leading engineering and cyber security firms is looking to expand its team of security experts.
Our team of mixed cyber security specialists work on the most demanding and complex missions across industries such as manufacturing, energy, aerospace and defence. Directly from our Canadian offices, you will be part of a leading team of security specialists ranging from ex-military officers to top-of-the-line engineers.
A Threat and Risk Assessment (TRA )Analyst, analyzes a software system for vulnerabilities, examines potential threats associated with those vulnerabilities, and evaluates the resulting security risks.
Participate in the conduct of threat and risk assessments of physical and critical infrastructures using leading-edge industry methodologies and techniques such as the RCMP Harmonized Threat and Risk Assessment (HTRA) methodology, CCTA Risk Analysis and Management Method (CRAMM), Information Risk Analysis Methodology (IRAM) etc.;
- Recommend corrective actions to address identified vulnerabilities;
- Propose, coordinate, implement and enforce policies and methodologies for physical and infrastructure security;
- Conduct detailed research and analysis;
- Write technical reports and make technical presentations;
- Perform compliance reviews of security plans; and
- Define and oversee the security incident management process
- Review, analyze, and/or apply risk management methodologies and GC, Provincial or Territorial IT Security Policies, Procedures, Standards, Guidelines.
- Conduct safeguard analysis and implementation for the physical protection of personnel and Information System (IS) assets
- Identify and analyze physical threats to, and vulnerabilities of networks
- Conduct activities related to authorization and authentication in physical and logical environments
- Complete tasks directly supporting the departmental IT Security and Cyber Protection Program
- Develop and deliver training material relevant to the resource category
- Must be able to legally work in Canada
- Valid Government of Canada Security clearance: Secret or Higher
- Bilingualism: Knowledge of French and English required.
- Excellent oral and written English communication skills: Excellent oral French communications skills: Good French writing skills: capable of writing documentation, performing presentations to an internal audience, and interacting with senior management, colleagues and customers.
- University degree, Community college diploma in security or policing with a minimum of 5 years of related experience or, 8+ years related experience.
- A security based professional certifications in a recognized security program (e.g. CISSP, CISM, CISA, OPST, CEH, GPEN, American Society for Industrial Security (ASIS) Certified Protection Professional (CPP) or Emergency Management and Disaster Recovery program
- Experience as a security expert for or with the Canadian federal, provincial or municipal governments
- Participation or leading emergency/disaster recovery programs and exercises
- Expert knowledge of risks associated with physical and critical infrastructures;
- Expert knowledge of physical security trends, practices, and mitigating controls.
- General enterprise infrastructure knowledge (firewalls, routing and load balancing, packet captures, etc.)
- Skilled at problem-solving, highly motivated and self-directing.