We are seeking experienced IT Security Threat and Risk Assessment (TRA) and Certification & Accreditation (C&A) Analysts, Level 2 for remote, part-time contracts. Candidates must hold a Secret security clearance and have strong experience developing and updating Security Assessment and Authorization (SA&A) documentation for both on-premise and c
...
loud-based IT systems, including ERP, SharePoint, storage systems, research systems, collaboration platforms, intranet applications, and specialized IT-enabled research equipment. Responsibilities include conducting threat and risk assessments, security testing and evaluation, reviewing design and operational documents, mapping security requirements, and providing risk mitigation recommendations. Candidates must have 5+ years of IT Security experience (with at least 3 years as an Analyst focused on SA&A and cloud IT systems) and have authorized at least 10 SA&A packages using ITSG-33 methodology. Preferred qualifications include relevant IT Security certifications (CISSP, CAP, CISM, CSSP, CISA, CRISC, or CIAPP) or a degree in Computer Science.
*** Candidate must possess Government of Canada Secret level security clearance
*** Five roles in total
*** Part-time and remote
Advantages
•Remote work: Fully remote, offering flexibility and work-life balance.
•Specialized experience: Hands-on work in IT Security assessments across diverse systems, boosting expertise and career growth.
Responsibilities
•Develop SA&A documentation: Create and update Security Assessment and Authorization packages, including Data Security Analyses, Threat and Risk Assessments, Statements of Sensitivity, and Concepts of Operation.
•Security assessment activities: Review system design, operational, and management documents to ensure security safeguards meet applicable policies, standards, and functional requirements.
•Certification tasks: Follow established processes to validate that systems are properly configured and safeguards are implemented correctly.
•Security testing and evaluation (ST&E): Conduct technical testing to verify that security controls function as intended.
•Risk management and mitigation: Assess residual risk, provide IT Security guidance, and recommend remediation plans to achieve acceptable risk levels.
•Collaboration: Work with technical teams, project staff, and subject matter experts to gather information, explain SA&A processes, and communicate assessment progress.
•Policy compliance: Ensure deliverables align with government IT Security strategies, frameworks, and policies (e.g., TBS, CSEC, PS, SSC).
•Reporting: Prepare Security Assessment recommendations, risk briefings, and documentation for approval by senior management.
•Support diverse systems: Work across ERP, SharePoint, storage systems, research systems, cloud services, intranet applications, collaboration platforms, and specialized IT-enabled research equipment.
Qualifications
•Security Clearance: Must hold a Secret security clearance.
•Experience: Minimum 5 years in IT Security, including at least 3 years as an Analyst developing and updating SA&A packages for on-premise and cloud IT systems.
•SA&A Expertise: Must have authorized at least 10 SA&A packages using the ITSG-33 methodology, with at least 8 in a research environment within the last 5 years.
•Technical Knowledge: Experience with ERP, SharePoint, storage systems, collaboration platforms, intranet applications, cloud services, specialized IT-enabled research equipment, and other enterprise or research IT systems.
•Certifications/Degree: Preferred certifications include CISSP, CAP, CISM, CSSP, CISA, CRISC, CIAPP, or a Computer Science degree. Proof of education or certification is required.
•Project Experience: Must provide detailed examples of recent projects demonstrating SA&A and IT Security expertise, including client, duration, roles, responsibilities, and references.
Summary
If you're interested in learning more please submit your résumé and one of our senior Recruiters would be happy to give you a call to discuss further.
Randstad Canada is committed to fostering a workforce reflective of all peoples of Canada. As a result, we are committed to developing and implementing strategies to increase the equity, diversity and inclusion within the workplace by examining our internal policies, practices, and systems throughout the entire lifecycle of our workforce, including its recruitment, retention and advancement for all employees. In addition to our deep commitment to respecting human rights, we are dedicated to positive actions to affect change to ensure everyone has full participation in the workforce free from any barriers, systemic or otherwise, especially equity-seeking groups who are usually underrepresented in Canada's workforce, including those who identify as women or non-binary/gender non-conforming; Indigenous or Aboriginal Peoples; persons with disabilities (visible or invisible) and; members of visible minorities, racialized groups and the LGBTQ2+ community.
Randstad Canada is committed to creating and maintaining an inclusive and accessible workplace for all its candidates and employees by supporting their accessibility and accommodation needs throughout the employment lifecycle. We ask that all job applications please identify any accommodation requirements by sending an email to accessibility@randstad.ca to ensure their ability to fully participate in the interview process.
show more
We are seeking experienced IT Security Threat and Risk Assessment (TRA) and Certification & Accreditation (C&A) Analysts, Level 2 for remote, part-time contracts. Candidates must hold a Secret security clearance and have strong experience developing and updating Security Assessment and Authorization (SA&A) documentation for both on-premise and cloud-based IT systems, including ERP, SharePoint, storage systems, research systems, collaboration platforms, intranet applications, and specialized IT-enabled research equipment. Responsibilities include conducting threat and risk assessments, security testing and evaluation, reviewing design and operational documents, mapping security requirements, and providing risk mitigation recommendations. Candidates must have 5+ years of IT Security experience (with at least 3 years as an Analyst focused on SA&A and cloud IT systems) and have authorized at least 10 SA&A packages using ITSG-33 methodology. Preferred qualifications include relevant IT Security certifications (CISSP, CAP, CISM, CSSP, CISA, CRISC, or CIAPP) or a degree in Computer Science.
*** Candidate must possess Government of Canada Secret level security clearance
...
*** Five roles in total
*** Part-time and remote
Advantages
•Remote work: Fully remote, offering flexibility and work-life balance.
•Specialized experience: Hands-on work in IT Security assessments across diverse systems, boosting expertise and career growth.
Responsibilities
•Develop SA&A documentation: Create and update Security Assessment and Authorization packages, including Data Security Analyses, Threat and Risk Assessments, Statements of Sensitivity, and Concepts of Operation.
•Security assessment activities: Review system design, operational, and management documents to ensure security safeguards meet applicable policies, standards, and functional requirements.
•Certification tasks: Follow established processes to validate that systems are properly configured and safeguards are implemented correctly.
•Security testing and evaluation (ST&E): Conduct technical testing to verify that security controls function as intended.
•Risk management and mitigation: Assess residual risk, provide IT Security guidance, and recommend remediation plans to achieve acceptable risk levels.
•Collaboration: Work with technical teams, project staff, and subject matter experts to gather information, explain SA&A processes, and communicate assessment progress.
•Policy compliance: Ensure deliverables align with government IT Security strategies, frameworks, and policies (e.g., TBS, CSEC, PS, SSC).
•Reporting: Prepare Security Assessment recommendations, risk briefings, and documentation for approval by senior management.
•Support diverse systems: Work across ERP, SharePoint, storage systems, research systems, cloud services, intranet applications, collaboration platforms, and specialized IT-enabled research equipment.
Qualifications
•Security Clearance: Must hold a Secret security clearance.
•Experience: Minimum 5 years in IT Security, including at least 3 years as an Analyst developing and updating SA&A packages for on-premise and cloud IT systems.
•SA&A Expertise: Must have authorized at least 10 SA&A packages using the ITSG-33 methodology, with at least 8 in a research environment within the last 5 years.
•Technical Knowledge: Experience with ERP, SharePoint, storage systems, collaboration platforms, intranet applications, cloud services, specialized IT-enabled research equipment, and other enterprise or research IT systems.
•Certifications/Degree: Preferred certifications include CISSP, CAP, CISM, CSSP, CISA, CRISC, CIAPP, or a Computer Science degree. Proof of education or certification is required.
•Project Experience: Must provide detailed examples of recent projects demonstrating SA&A and IT Security expertise, including client, duration, roles, responsibilities, and references.
Summary
If you're interested in learning more please submit your résumé and one of our senior Recruiters would be happy to give you a call to discuss further.
Randstad Canada is committed to fostering a workforce reflective of all peoples of Canada. As a result, we are committed to developing and implementing strategies to increase the equity, diversity and inclusion within the workplace by examining our internal policies, practices, and systems throughout the entire lifecycle of our workforce, including its recruitment, retention and advancement for all employees. In addition to our deep commitment to respecting human rights, we are dedicated to positive actions to affect change to ensure everyone has full participation in the workforce free from any barriers, systemic or otherwise, especially equity-seeking groups who are usually underrepresented in Canada's workforce, including those who identify as women or non-binary/gender non-conforming; Indigenous or Aboriginal Peoples; persons with disabilities (visible or invisible) and; members of visible minorities, racialized groups and the LGBTQ2+ community.
Randstad Canada is committed to creating and maintaining an inclusive and accessible workplace for all its candidates and employees by supporting their accessibility and accommodation needs throughout the employment lifecycle. We ask that all job applications please identify any accommodation requirements by sending an email to accessibility@randstad.ca to ensure their ability to fully participate in the interview process.
show more
