ADGA is hiring a Senior Cybersecurity Engineer to assist the System of Training & Operational Readiness Modernization (STORM) project with the development and evaluations of proposed high-level business architectures and business solutions.

The Senior Cybersecurity Engineer will perform tasks in support of the Directorate Project Delivery – Command and Control (DPDCC), on an as and when requested basis, which may include, but are not limited to performing the following tasks:

1. Review, analyze, and/or apply Federal, Provincial or Territorial IT Security policies, System IT Security Certification & Accreditation processes, IT Security products, safeguards and best practices, and IT Security risk mitigation strategies as they apply to the STORM project;
2. Identify threats to, and vulnerabilities of the proposed network and security architecture which includes both wired and wireless architecture, and encompass UNCLASS, CLASS and Top Secret domains;
3. Identify personnel, technical, physical, and procedural threats to and vulnerabilities of Federal, Provincial or Territorial IM/IT applications and systems;
4. Develop reports such as: Data security analysis, Concepts of Security, Statements of Sensitivity (SoS), Threat assessments, Privacy Impact Assessments (PIAs), Non-technical Vulnerability Assessments, Risk assessments, IT Security threat, vulnerability and/or risk briefings;
5. Conduct Certification activities such as: Develop Security Certification Plans; verifying that security safeguards meet the applicable policies and standards; validating the security requirements by mapping the system-specific security policy to the functional security requirements, and mapping the security requirements through the various stages of design documents; verify that security safeguards have been implemented correctly and that assurance requirements have been met (this includes confirming that the system has been properly configured, and establishing that safeguards meet applicable standards);  conduct Security Testing and Evaluation (ST&E) to determine if the technical safeguards are functioning correctly; and assess the residual risk provided by the risk assessment to determine if it meets an acceptable level of risk;
6. Conduct Accreditation activities such as: review of certification results in the design review documentation by the Accreditation Authority to ensure that the system will operate with an acceptable level of risk and that it will comply with departmental and system security policies and standards and identify conditions under which a system is to operate (for approval purposes). This may include the following types of approvals:
   • Developmental approval by both the Operational and the Accreditation Authorities to proceed to the next stage in an IT system's life cycle development if sensitive information is to be handled by the system during development;
   • Operational written approval for the implemented IT system to operate and process sensitive information if the risk of operating the system is deemed acceptable, and if the system is in compliance with applicable security policies and standards; or
   • Interim approval - a temporary written approval to process sensitive information under a set of extenuating circumstances where the risk is not yet acceptable, but there is an operational necessity for the system under development; and
7. Develop and deliver training material relevant to IT Security TRA and SA&A process;
8. Review and provide comments related to IT Security TRA and SA&A; and
9. Perform other related services as required by the Technical Authority.

• Must have one of the following:
  • An Engineering or Science degree from a recognized Canadian University;
  • A non-Canadian Engineering or Science degree that must be accredited by one of the following institutions:
    • Canadian Information Centre for International Credentials (CICIC);
    • World Education Services (WES); or
    • University of Toronto Comparative Education Services.
  • A diploma or certificate, minimum 2 years from a recognized college in an Information Management/Information Technology (IM/IT) field;
  • A recognized security certification such as one of the following:
    • CISM –Certified Information Security Manager;
    • CRISC – Certified in Risk and Information Systems Control;
    • CISSP – Certified Information Systems Security Professional.
• Must demonstrate a minimum of 10 years of experience within the last 20 years as an Information Technology Security Engineer.
• Must demonstrate a minimum 5 years of experience within the last 10 years providing IT Security TRA and C&A services.

• Must demonstrate a minimum 5 years of experience within the last 10 years applying Secure IT architecture fundamentals, standards, communications and security protocols for Data-at-Rest (DaR) and Data-in-Transit (DiT) of sensitive information such as IPSec, IPv6, SSL, and SSH, and analyzing IT Security Tools and techniques.

• Must demonstrate a minimum 5 years of experience within the last 10 years of developing and recommending organization security strategy, a set of security standards and best practices, and recommending security enhancements to management for protected data.

• Must demonstrate experience within the last 2 years with emerging technologies in cybersecurity and security features available on the market.

ADGA commits to putting diversity into action to build a stronger, more representative team and help our customers and communities thrive. We are a proudly Canadian company, striving to further diversity, equity, and inclusion in the workplace and provide every individual with the opportunities and resources to help them reach their full potential.

Since being acquired by Commissionaires Ottawa, ADGA has adopted the social mandate of Commissionaires to create meaningful employment opportunities and generate financial resources for veterans of the CAF, RCMP, their families, and fellow citizens who share a passion to contribute to the security and well-being of Canadians.

ADGA s'engage à mettre la diversité en action pour bâtir une équipe plus forte et plus représentative et aider nos clients et nos communautés à prospérer. Nous sommes une entreprise fièrement canadienne. Nous nous engageons pour promouvoir la diversité, l'équité et l'inclusion dans le milieu de travail et d'offrir à chaque personne les possibilités et les ressources qui lui permettront de réaliser son plein potentiel.

Depuis son acquisition par Les Commissionnaires Ottawa, ADGA a adopté le mandat social de Les Commissionnaires qui consiste à créer des possibilités d'emploi significatives et à générer des ressources financières pour les anciens combattants des FAC, de la GRC, leurs familles et leurs concitoyens qui partagent la passion de contribuer à la sécurité et au bien-être des Canadiens.