Security Assessment & Authorization Consultant

Job Description

About the job
Are you looking for a new opportunity in a fast-moving global company with a family feel? A job where you could have an impact?

The Security Assessment and Authorization Consultant will play a pivotal role in ensuring that critical systems are protected from security threats. The role involves conducting comprehensive security assessments, identifying vulnerabilities, and developing strategies to mitigate risks while adhering to regulatory and organizational standards.

The consultant is expected to be available to work on-site, as required – while not strictly formal, the consultant should remain available for the occasional on-site meeting.

Tasks and Activities

The scope of work will include:

Conduct end-to-end security assessments of critical systems to evaluate potential physical and cyber vulnerabilities.Develop and implement assessment methodologies that integrate physical security with information security controls.Analyze and document physical access controls, site security, and environmental protections for facilities housing critical systems.Assess cyber defenses, including network infrastructure, software, hardware configurations, and access management.Collaborate with cross-functional teams, including IT, facilities management, and security, to understand system dependencies and threat models.Develop and present risk assessments and recommendations for improvement to senior stakeholders.Simulate physical and cyber attack scenarios to identify and document potential weaknesses in system security.Evaluate the effectiveness of physical safeguards, such as surveillance, access control mechanisms, and intrusion detection systems.Review cybersecurity measures such as firewalls, encryption protocols, and endpoint protection to ensure comprehensive threat prevention.Document findings in compliance with organizational and regulatory standards, ensuring clear articulation of risk and proposed mitigations.Conduct follow-up reviews to verify that recommended security improvements have been implemented effectively.Stay current with emerging security threats and technologies and provide expert guidance on proactive defense strategies.

Skills and Experience

The following skills and experience are mandatory:

MUST have previous experience with ITSG-33MUST have previous experience with Security Assessment and AuthorizationMUST hold a Government of Canada security clearance at the SECRET level.MUST have post-secondary education in a relevant discipline (or equivalent experience). Military education and training will be considered equivalent.

Why should you apply?

You will have the opportunity to work with a larger company and an international teamWe encourage everyone to think outside the box and to push the boundaries of traditional knowledge. This role is an opportunity to join a forward-thinking company and allows for a deeper understanding of the industry.Benefits include: competitive remuneration packages; unique career opportunities, personalized training and development programmesWe welcome applications from people with disabilities, members of ethnic minorities, all genders, LGBTQ+ individuals and ex-service personnel.

About RHEA Canada

RHEA Canada is a professional engineering and solutions company, offering IT, Physical Security, and Cyber Security services and solutions for government, defence, and other critical infrastructure organizations across Canada. Our clients include the Government of Canada, Department of National Defence, NATO, and commercial engineering companies.