Careers

Why be a part of Maplesoft Group?

Maplesoft implements TimeLive for Electronic time tracking.

Please view the demo below on how to enter and approve time.

Watch Video - TimeLive - Timesheet Entry Demo
Watch Video - TimeLive - Timesheet Approval Demo

Do you want to work in a dynamic environment where your contributions count?

At Maplesoft, we value the contributions of all our employees and contractors. We listen and act upon suggestions, advice, and innovative ideas to further our strategic vision. In turn, Maplesoft contributes to the communities where we live and operate. We think globally, but act in our own backyards.

Build your future with Maplesoft’s exciting technologies, deep partnerships, personal approach to consulting services, professional development opportunities and exciting company culture.

To be considered for new opportunities please send us your resume at info@maplesoftgroup.com

Loading


  • Phone Number
  • Filename
    Status
    Size

    Back
    Title IT Security Threat and Risk Assessment and Certification and Accreditation Analyst - L3
    Location Remote
    Start Date 09-27-2022
    Language English
    Salary Negotiable
    Security Clearance Reliability
    Duration 6-Months
    Date Posted 09-20-2022
    Job ID 12711
    Recruiter Email
    Maplesoft Group is currently seeking an IT Security Threat and Risk Assessment and Certification and Accreditation Analyst - L3 for one of our Federal Government clients in the National Capital Region. This work can be done remotely. 

    The following responsibilities are associated with the “Statement Of Work” but are not limited to:

    Tasks
    The consultant will complete the following tasks to the satisfaction of the Project Authority:

    Our client requires the services of Information Technology Security TRA and CAA(s) Level 3 in support of our client's major projects as identified in
    each Task Authorization (TA).

    Tasks
    The individual Task Authorization (TA) will define the tasks to be completed. Working with the client's project team, the Information
    Technology Security TRA and CAA(s) Level 3 tasks include but are not limited to the following:
    a) Review, analyze, and/or apply Federal, Provincial or Territorial IT Security policies, System IT Security Certification & Accreditation
    processes, IT Security products, safeguards and best practices, and the IT Security risk mitigation strategies;
    b) Identify threats to, and vulnerabilities of operating systems (such as MS, Unix, Linux, and Novell), and wireless architectures;
    c) Identify personnel, technical, physical, and procedural threats to and vulnerabilities of Federal, Provincial or Territorial IT systems;
    d) Develop reports such as: Data security analysis, Concepts of operation, Statements of Sensitivity (SoSs), Threat assessments, Privacy
    Impact Assessments (PIAs), Non-technical Vulnerability Assessments, Risk assessments, IT Security threat, vulnerability and/or risk
    briefings;
    e) Conduct Certification activities such as: Develop Security Certification Plans, Verify that security safeguards meet the applicable
    policies and standards, Validate the security requirements by mapping the system-specific security policy to the functional security
    requirements, and mapping the security requirements through the various stages of design documents, Verify that security safeguards
    have been implemented correctly and that assurance requirement have been met. This includes confirming that the system has been
    properly configured, and establishing that the safeguards meet applicable standards, Conduct security testing and evaluation (ST&E)
    to determine if the technical safeguards are functioning correctly, Assess the residual risk provided by the risk assessment to
    determine if it meets an acceptable level of risk;
    f) Conduct Accreditation activities such as: Review of the certification results in the design review documentation by the Accreditation
    Authority to ensure that the system will operate with an acceptable level of risk and that it will comply with the departmental and
    system security policies and standards and identify the conditions under which a system is to operate (for approval purposes). This
    may include the following types of approvals:
    (i) Developmental approval by both the Operational and the Accreditation Authorities to proceed to the next stage in an IT
    system's life cycle development if sensitive information is to be handled by the system during development;
    (ii) Operational written approval for the implemented IT system to operate and process sensitive information if the risk of
    operating the system is deemed acceptable, and if the system is in compliance with applicable security policies and
    standards;
    (iii) Interim approval—a temporary written approval to process sensitive information under a set of extenuating circumstances
    where the risk is not yet acceptable, but there is an operational necessity for the system under development.
    g) Develop and deliver training material relevant to the resource category; and
    h) Conduct knowledge transfer and coaching of the team members.
    Protected B when completed

    Deliverables
    The Information Technology Security TRA and CAA(s) Level 3 must submit deliverables to the Technical Authority. The individual Task
    Authorization (TA) will define the documents and deliverables required for the specific project. Deliverables include but are not limited to the
    following:
    a) A work plan for the work to be undertaken;
    b) Progress report on a bi-weekly or monthly basis on activities undertaken which includes the following:
    (i) Activities completed within the reporting period;
    (ii) Planned activities for the next reporting period;
    (iii) Risks/issues that will require the attention of the Technical Authority; and
    (iv) Corrective actions required.
    c) Security Assessments;
    d) Risk management documents;
    e) Technical documents, presentations and other materials, as requested by the Technical Authority; and
    f) Knowledge transfer to designated departmental staff, at the request of the Technical Authority.

    Maplesoft Group prides itself on its distinct corporate culture and recognizes that success is a direct reflection of our most valuable asset - our people.  Therefore, attitude and ambition are key personality traits we seek out, along with skill and aptitude, in potential employees.

    Maplesoft Group is committed to having a diverse, representative workforce and continuing to build an inclusive environment. We encourage applications from all qualified individuals. Maplesoft Group is an equal opportunity employer committed to diversity and inclusion. We are pleased to consider all qualified applicants irrespective of race, color, religion, sex, sexual orientation, gender identity, national origin, age, disability, protected veterans’ status, Aboriginal peoples or any other legally protected factors. 

    All employment decisions are made based on business needs, job requirements, and individual qualifications. 

    We are committed to developing inclusive, barrier-free recruitment and selection processes, and a work environment that supports our diverse workforce. Please let us know if you require accommodations at any stage of the recruitment process. We can be reached at Maplesoft Info at info@maplesoftgroup.com.

    We thank you for your interest in Maplesoft Group and wish to advise you, that only candidates under consideration will be contacted.

    Are you interested in a career with Maplesoft Group? Please see our Career Opportunities page!


    SEE CAREER OPPORTUNITIES