Job Title

MaxSys Staffing and Consulting is hiring for a Senior IT Security Architect for one of their Federal Government clients in NCR.Role: Sr IT Security ArchitectLocation: Hybrid in Ottawa, ONDuration: 21 April 2025 to 20 March 2026Level of Effort: Full timeLanguage: English Clearance: ReliabilityQualifications:Must have a valid Enhanced Reliability Clearance or must be eligible to get one.Must demonstrate having 10 years of experience within the past 20 years of IT Security, Architecture and Engineering in any of the following: Electronic Health Records / Medical Records (EHR/EMR) systems, Health Information Management Systems (HIMS), Health Information Technologies (HIT), Public Health Information Systems (PHIS)Must demonstrate 10 years of extensive experience within the past 15 of developing security controls for complex information systems to manage cyber risks identified in at least four (4) of the following cybersecurity-related areas:National Institute of Standards and Technology (NIST) Special Publications (various 800 Series)Government of Canada - Communications Security Establishment Canada IT Security Guidelines (various ITSGs)Directive on Departmental Security ManagementDirective on Identity Management (DIM)Policy on Management of Information TechnologyPolicy on Risk ManagementManagement of Information Technology Security (MITS) Operational StandardISO/IEC 27001ISO/IEC 27002TBS Integrated Risk Management FrameworkTBS Management Accountability FrameworkHarmonized TRA MethodologyCCCS Security Categorization Guidance for Cloud Based ServicesResponsibilities:Collect, collate and prioritize client IT Security and Information Infrastructure Protection requirementsDevelop reports including but not limited to: Data security analysis, Security Concepts of Operation, Statements of Sensitivity (SoSs), Threat Risk assessments (HTRA), Risk assessments, IT Security threat, vulnerability and/or risk briefings.Work with the appropriate business stakeholders to assist, conduct and/or draft a preliminary privacy impact assessments (PPIAs) and privacy impact assessments (PIAs) to support the EHRP Project, in accordance with the requirements of: Treasury Board Privacy Impact Assessment Policy, Treasury Board Privacy Impact Assessment Policy Guidelines, Other relevant standards, procedures and guidelines.Leverage ITSG-33 to assist the EHRP Project in identifying and planning the required Information System Security Risk Management activities.Assist in planning to ensure the project aligns with the ITSG-33 Information System Security Implementation Process (ISSIP) across the system development lifecycle of the Project.