This client is looking for a Technical Control Analyst that can help with Refresh and Redesigning of the controls.
Remote Work
3 - 6 months contract to start
Looking for someone with an understanding of dev that is now working in Risk Controls.
Understanding code and designing the controls that the developers will adhere to.
...
Design and Implement Controls
Advantages
Ability to continue on contract
great experience
ability to grow within an organization
Responsibilities
To ensure that information security requirements for systems under development must be considered when designing systems, please confirm the following :-
1. The system design phase must involve analysis of the information lifecycle in systems under development, including:
a) data inputs and connections to systems
b) transmission of data between system components
c) storage of information, access to databases and other types of storage
d) outbound connections to other systems and applications
e) inbound connections that provide application data from other systems
f) security of information outputs
g) secure erasure of information.
2. The system design phase must involve the integration of a security architecture that can support the technical security requirements, such as performance, capacity, continuity, scalability, connectivity and compatibility.
3. The system design phase must involve consideration of potential threats (often referred to as threat modelling) and review of industry standards to help determine:
a) significant threats (including those that are adversarial, accidental or environmental), such as nation states, organized criminal groups, inexperienced developers or poorly informed contractors)
b) threat events common to most development projects that must be defended against
c) vulnerabilities that must be avoided
d) the priority of threat events in terms of the risk they pose
e) appropriate measures to reduce the level of threat and vulnerability.
To ensure that system build activities (including program coding and software package customization) must be carried out in accordance with industry good practice, performed by individuals provided with adequate skills/tools, and inspected to identify unauthorized modifications or changes, please confirm the following :-
1. The build of systems under development must be inspected to identify unauthorized modifications or changes which may compromise security controls.
2. When building systems:
a) developers must use approved secure programming techniques
b) developers must comply with good practice for program coding
c) the use of insecure design techniques must be prohibited
d) development tools, such as Integrated Development Environments (IDE), must be configured to help enforce the creation of secure code
e) ensure that sections of code incorporated into the application are maintainable, tracked and originate from proven, reputable sources
f) protect application source code from unauthorized access and tampering
g) use automated tools to ensure adherence to coding standards.
Qualifications
Needs:
Computer science or engineering degree
Refresh and Redesign
Experience in software development and/or system administration
Knowledge of development tools (i.e. Bitbucket, Jenkins)
Understanding of best practices and controls that align with the following objective: business applications under development are developed in a secure environment, using an approved system development methodology and meet business and information security requirements – the resource is expected to have sufficient knowledge to be able to design and implement such controls – I have provided below a sample requirements for controls to be designed
Excellent teamworking and communication skills
Strong problem-solving skills
Good attention to detail
Summary
IF you are interested in this role please apply to the following job posting.
Randstad Canada is committed to fostering a workforce reflective of all peoples of Canada. As a result, we are committed to developing and implementing strategies to increase the equity, diversity and inclusion within the workplace by examining our internal policies, practices, and systems throughout the entire lifecycle of our workforce, including its recruitment, retention and advancement for all employees. In addition to our deep commitment to respecting human rights, we are dedicated to positive actions to affect change to ensure everyone has full participation in the workforce free from any barriers, systemic or otherwise, especially equity-seeking groups who are usually underrepresented in Canada's workforce, including those who identify as women or non-binary/gender non-conforming; Indigenous or Aboriginal Peoples; persons with disabilities (visible or invisible) and; members of visible minorities, racialized groups and the LGBTQ2+ community.
Randstad Canada is committed to creating and maintaining an inclusive and accessible workplace for all its candidates and employees by supporting their accessibility and accommodation needs throughout the employment lifecycle. We ask that all job applications please identify any accommodation requirements by sending an email to accessibility@randstad.ca to ensure their ability to fully participate in the interview process.
show more
This client is looking for a Technical Control Analyst that can help with Refresh and Redesigning of the controls.
Remote Work
3 - 6 months contract to start
Looking for someone with an understanding of dev that is now working in Risk Controls.
Understanding code and designing the controls that the developers will adhere to.
Design and Implement Controls
Advantages
Ability to continue on contract
great experience
ability to grow within an organization
Responsibilities
To ensure that information security requirements for systems under development must be considered when designing systems, please confirm the following :-
1. The system design phase must involve analysis of the information lifecycle in systems under development, including:
a) data inputs and connections to systems
b) transmission of data between system components
c) storage of information, access to databases and other types of storage
d) outbound connections to other systems and applications
e) inbound connections that provide application data from other systems
f) security of information outputs
g) secure erasure of information.
...
2. The system design phase must involve the integration of a security architecture that can support the technical security requirements, such as performance, capacity, continuity, scalability, connectivity and compatibility.
3. The system design phase must involve consideration of potential threats (often referred to as threat modelling) and review of industry standards to help determine:
a) significant threats (including those that are adversarial, accidental or environmental), such as nation states, organized criminal groups, inexperienced developers or poorly informed contractors)
b) threat events common to most development projects that must be defended against
c) vulnerabilities that must be avoided
d) the priority of threat events in terms of the risk they pose
e) appropriate measures to reduce the level of threat and vulnerability.
To ensure that system build activities (including program coding and software package customization) must be carried out in accordance with industry good practice, performed by individuals provided with adequate skills/tools, and inspected to identify unauthorized modifications or changes, please confirm the following :-
1. The build of systems under development must be inspected to identify unauthorized modifications or changes which may compromise security controls.
2. When building systems:
a) developers must use approved secure programming techniques
b) developers must comply with good practice for program coding
c) the use of insecure design techniques must be prohibited
d) development tools, such as Integrated Development Environments (IDE), must be configured to help enforce the creation of secure code
e) ensure that sections of code incorporated into the application are maintainable, tracked and originate from proven, reputable sources
f) protect application source code from unauthorized access and tampering
g) use automated tools to ensure adherence to coding standards.
Qualifications
Needs:
Computer science or engineering degree
Refresh and Redesign
Experience in software development and/or system administration
Knowledge of development tools (i.e. Bitbucket, Jenkins)
Understanding of best practices and controls that align with the following objective: business applications under development are developed in a secure environment, using an approved system development methodology and meet business and information security requirements – the resource is expected to have sufficient knowledge to be able to design and implement such controls – I have provided below a sample requirements for controls to be designed
Excellent teamworking and communication skills
Strong problem-solving skills
Good attention to detail
Summary
IF you are interested in this role please apply to the following job posting.
Randstad Canada is committed to fostering a workforce reflective of all peoples of Canada. As a result, we are committed to developing and implementing strategies to increase the equity, diversity and inclusion within the workplace by examining our internal policies, practices, and systems throughout the entire lifecycle of our workforce, including its recruitment, retention and advancement for all employees. In addition to our deep commitment to respecting human rights, we are dedicated to positive actions to affect change to ensure everyone has full participation in the workforce free from any barriers, systemic or otherwise, especially equity-seeking groups who are usually underrepresented in Canada's workforce, including those who identify as women or non-binary/gender non-conforming; Indigenous or Aboriginal Peoples; persons with disabilities (visible or invisible) and; members of visible minorities, racialized groups and the LGBTQ2+ community.
Randstad Canada is committed to creating and maintaining an inclusive and accessible workplace for all its candidates and employees by supporting their accessibility and accommodation needs throughout the employment lifecycle. We ask that all job applications please identify any accommodation requirements by sending an email to accessibility@randstad.ca to ensure their ability to fully participate in the interview process.
show more
