Maplesoft Group is currently seeking an IT Security Threat and Risk Assessment (TRA) and Certification and Accreditation Analysts (CAA(s)) – Level 3 for our Federal Government client.

Tasks and Responsibilities include, but are not limited to the following:

a) Review, analyze, and/or apply Federal, Provincial or Territorial IT Security policies, System IT 
Security Certification & Accreditation processes, IT Security products, safeguards and best 
practices, and the IT Security risk mitigation strategies;
b) Identify threats to, and vulnerabilities of operating systems (such as MS, Unix, Linux, and Novell), 
and wireless architectures;
c) Identify personnel, technical, physical, and procedural threats to and vulnerabilities of Federal, 
Provincial or Territorial IT systems;
d) Develop reports such as: Data security analysis, Concepts of operation, Statements of Sensitivity 
(SoSs), Threat assessments, Privacy Impact Assessments (PIAs), Non-technical Vulnerability 
Assessments, Risk assessments, IT Security threat, vulnerability and/or risk briefings;
e) Conduct Certification activities such as: Develop Security Certification Plans, Verify that security 
safeguards meet the applicable policies and standards, Validate the security requirements by 
mapping the system-specific security policy to the functional security requirements, and mapping 
the security requirements through the various stages of design documents, Verify that security 
safeguards have been implemented correctly and that assurance requirement have been met. 
This includes confirming that the system has been properly configured, and establishing that the 
safeguards meet applicable standards, Conduct security testing and evaluation (ST&E) to 
determine if the technical safeguards are functioning correctly, Assess the residual risk provided 
by the risk assessment to determine if it meets an acceptable level of risk;
f) Conduct Accreditation activities such as: Review of the certification results in the design review 
documentation by the Accreditation Authority to ensure that the system will operate with an 
acceptable level of risk and that it will comply with the departmental and system security policies 
and standards and identify the conditions under which a system is to operate (for approval 
purposes). This may include the following types of approvals:
(i) Developmental approval by both the Operational and the Accreditation Authorities to 
proceed to the next stage in an IT system's life cycle development if sensitive information 
is to be handled by the system during development;
(ii) Operational written approval for the implemented IT system to operate and process 
sensitive information if the risk of operating the system is deemed acceptable, and if the 
system is in compliance with applicable security policies and standards;
(iii) Interim approval—a temporary written approval to process sensitive information under a 
set of extenuating circumstances where the risk is not yet acceptable, but there is an 
operational necessity for the system under development.
g) Develop and deliver training material relevant to the resource category; and
h) Conduct knowledge transfer and coaching of the team members.

Deliverables:
The Information Technology Security TRA and CAA(s) Level 3 must submit deliverables to the Technical 
Authority.  
a) A work plan for the work to be undertaken; 
b) Progress report on a bi-weekly or monthly basis on activities undertaken which includes the 
following: 
(i) Activities completed within the reporting period;
(ii) Planned activities for the next reporting period;
(iii) Risks/issues that will require the attention of the Technical Authority; and
(iv) Corrective actions required.
c) Security Assessments;
d) Risk management documents; 
e) Technical documents, presentations and other materials, as requested by the Technical 
Authority; and
f) Knowledge transfer to designated departmental staff, at the request of the Technical Authority.



Maplesoft Group prides itself on its distinct corporate culture and recognizes that success is a direct reflection of our most valuable asset - our people.  Therefore, attitude and ambition are key personality traits we seek out, along with skill and aptitude, in potential employees.

Maplesoft Group is committed to having a diverse, representative workforce and continuing to build an inclusive environment. We encourage applications from all qualified individuals. Maplesoft Group is an equal opportunity employer committed to diversity and inclusion. We are pleased to consider all qualified applicants irrespective of race, color, religion, sex, sexual orientation, gender identity, national origin, age, disability, protected veterans’ status, Aboriginal peoples or any other legally protected factors. 

All employment decisions are made based on business needs, job requirements, and individual qualifications. 

We are committed to developing inclusive, barrier-free recruitment and selection processes, and a work environment that supports our diverse workforce. Please let us know if you require accommodations at any stage of the recruitment process. We can be reached at Maplesoft Info at info@maplesoftgroup.com.

We thank you for your interest in Maplesoft Group and wish to advise you, that only candidates under consideration will be contacted.