Job Description

Job Title: RQ07398 - Security Specialist - Senior
Client: Ministry of Public and Business Service Delivery (former MGCS)
Work Location: 222 Jarvis Street, Toronto, Ontario, Hybrid
Estimated Start Date: 2024-04-15
Estimated End Date: 2025-03-31
#Business Days: 241.00
Extension: Probable after the initial mandate
Hours per day or Week: 7.25 hours per day
Security Level: CRJMCMust Haves
At least 3 years\xe2\x80\x99 experience must be related to Oracle Identity and Access Management Suite Plus.
Experience with OIAM 12C is preferred.
5+ years\xe2\x80\x99 experience designing, developing, deploying, and sustaining large application implementations based on the following technology products: Oracle Fusion Middleware, Oracle Identity and Access Management Suite, OHS, Tomcat, Windows Internet Information Server (IIS), IBM HTTP Server, Apache, IBM WebSphere, Oracle database 19C, Oracle Directory Server Enterprise Edition, Solaris, Windows, AIX and Linux.Note:
This position is currently listed as "Hybrid"; however, the consultant will be remote due to COVID-19 related Work from Home (WFH) direction. Once the I&IT cluster staff are required to return to the office, the resource under this request will be required to work onsite as well.

• Hybrid - 3 days on site and 2 remote

Experience and Skill Set Requirements Sustainment of Large Identity and Access Management Systems \xe2\x80\x93 40%

• 5+ years\xe2\x80\x99 experience sustaining (e.g. administration, operations, support, patching, monitoring, starting/ stopping) COTS based identity and access management systems.
• At least 3 years\xe2\x80\x99 experience must be related to Oracle Identity and Access Management Suite Plus. Experience with OIAM 12C is preferred.
• At least 4 years\xe2\x80\x99 experience must be related to implementations with over 10,000 registered users.
• 3+ years\xe2\x80\x99 experience with the Oracle unified Methodology (OUM) for COTS implementations.
• 2+ years of experience with Nagios and other system monitoring tools (e.g. Big Brother)
• Working Knowledge and understanding of IT Security Technologies, particularly encryption and authentication technologies such as PKI, PMI and SSL.
• Experience of solution design for business application to integrate with access management service using SAML2, OIDC industry standard protocol

Sustainment of Large Application Implementations \xe2\x80\x93 30%

• 5+years\xe2\x80\x99 experience designing, developing, deploying, and sustaining large application implementations based on the following technology products: Oracle Fusion Middleware, Oracle Identity and Access Management Suite, OHS, Tomcat, Windows Internet Information Server (IIS), IBM HTTP Server, Apache, IBM WebSphere, Oracle database 19C, Oracle Directory Server Enterprise Edition, Solaris, Windows, AIX and Linux.
• Experience with ITIL processes such as Service Level Management, Problem Management, Change Management, Release Management, and Capacity Management.

Incident and Problem Management \xe2\x80\x93 20%

• 5+ years experience triaging, analysing, diagnosing (a.k.a troubleshooting), evaluating options, and resolving application problems, especially those related to identity and access management systems and the above technologies.
• Experience with decision making processes.

Quality Assurance \xe2\x80\x93 10%

• 5+ years experience with quality control and assurance methodologies and practices as applied to the implementation of applications with over 10,000 users.

Description
Responsibilities:

• Defines, evaluates, and assesses security architecture requirements for systems environments and IT projects.
• Ensures the incorporation of IT security and contingency measures in the development of systems.
• Advises on the identification, analysis, and resolution of specific security factors, risks, vulnerabilities; protection of personal privacy issues; and appropriate industry and international security standards.
• Carry out information and information technology (I&IT) security projects and tasks in the Ontario Public Service as assigned by Corporate Security or cluster I&IT management

General Skills:

• Strong understanding and expertise in security architecture
• Knowledge of techniques to secure information assets and the planning, design, and implementation of security technologies
• Proven techniques to discover gaps or weaknesses in security architecture to identify and mitigate known security threats or inherent weaknesses
• Knowledge and understanding of relevant legislation and corporate directives related to the security and confidentiality of information (e.g. Freedom of Information and Protection of Privacy Act) in order to identify and assess areas of concern and risk
• Solid knowledge of current security and contingency technology and techniques (e.g. digital signature, encryption, access controls, fire-walls, authentication, virus protection, etc.); and a proven working knowledge of security audit procedures and protocols
• Experience in developing enterprise architecture deliverables (e.g. models)
• Experience in providing specialized security support at the specified experience level
• Experience in establishing secure environments at a network, operating system or application level
• Experience with implementing security on complex and distributed systems.
• Awareness of emerging IT trends and directions, especially as related to security
• Excellent analytical, problem-solving, and decision-making skills; written and verbal communication skills; interpersonal and negotiation skills
• A team player with a track record for meeting deadlines, managing competing priorities and client relationship management experience.

Desirable Skills:

• Experience in developing enterprise architecture deliverables (e.g. models) based on Ontario Government
• Enterprise Architecture processes and practice
• Experience in Threat Risk Assessment methods
• Knowledge and understanding of Information Management principles, concepts, policies and practices
• Experience in business recovery and disaster recovery planning.
• Experience in performing threat and risk assessment.
• Experience in public key infrastructure development and operation.
• Experience in security design as part of systems development projects.
• Experience in intrusion detection systems.
• Experience in mitigation tools for malicious software. Experience in vulnerability analysis and penetration testing.
• Experience in network monitoring. Experience in security policy development.
• Experience in developing and delivering security education.
• Experience in forensic investigation.
• Knowledge and understanding of Information Management principles, concepts, policies and practices

Powered by JazzHR

S M Software Solutions