Enable job alerts via email!
IT Security Threat and Risk Assessment (TRA) and Certification and Accreditation Analysts (CAA([...]
Maplesoft Group
United States
Remote
USD 80,000 - 120,000
Full time
Generate a tailored resume in minutes
Land an interview and earn more. Learn more
Job summary
Join Maplesoft Group as an IT Security Threat Analyst where you'll engage in risk assessments, develop security strategies, and ensure compliance with IT security policies. This role requires analytical expertise in cybersecurity operations, making significant contributions to the federal government client’s security posture. Be part of a culture that values diversity and individual contributions; your work will matter at Maplesoft.
Qualifications
- Experience with Federal IT Security Certification & Accreditation processes.
- Ability to conduct risk analyses and develop mitigation strategies.
- Knowledge of development and delivery of training materials.
Responsibilities
- Review and apply IT Security policies and best practices.
- Identify vulnerabilities of operating systems and networks.
- Develop reports and deliver training for team members.
Skills
Education
Tools
Job description
Maplesoft implements TimeLive for Electronic time tracking.
Please view the demo below on how to enter and approve time.
Do you want to work in a dynamic environment where your contributions count?
At Maplesoft, we value the contributions of all our employees and contractors. We listen and act upon suggestions, advice, and innovative ideas to further our strategic vision. In turn, Maplesoft contributes to the communities where we live and operate. We think globally, but act in our own backyards.
Build your future with Maplesoft’s exciting technologies, deep partnerships, personal approach to consulting services, professional development opportunities and exciting company culture.
If you are interested in any of following job openings, please apply directly to info@maplesoftgroup.com , citing the position titleandjob id in the email subject line.
Title IT Security Threat and Risk Assessment (TRA) and Certification and Accreditation Analysts (CAA(s)) – Level 3
Maplesoft Group is currently seeking an IT Security Threat and Risk Assessment (TRA) and Certification and Accreditation Analysts (CAA(s)) – Level 3 for our Federal Government client.
Tasks and Responsibilities include, but are not limited to the following:
a) Review, analyze, and/or apply Federal, Provincial or Territorial IT Security policies, System IT
Security Certification & Accreditation processes, IT Security products, safeguards and best
practices, and the IT Security risk mitigation strategies;
b) Identify threats to, and vulnerabilities of operating systems (such as MS, Unix, Linux, and Novell),
and wireless architectures;
c) Identify personnel, technical, physical, and procedural threats to and vulnerabilities of Federal,
Provincial or Territorial IT systems;
d) Develop reports such as: Data security analysis, Concepts of operation, Statements of Sensitivity
(SoSs), Threat assessments, Privacy Impact Assessments (PIAs), Non-technical Vulnerability
Assessments, Risk assessments, IT Security threat, vulnerability and/or risk briefings;
e) Conduct Certification activities such as: Develop Security Certification Plans, Verify that security
safeguards meet the applicable policies and standards, Validate the security requirements by
mapping the system-specific security policy to the functional security requirements, and mapping
the security requirements through the various stages of design documents, Verify that security
safeguards have been implemented correctly and that assurance requirement have been met.
This includes confirming that the system has been properly configured, and establishing that the
safeguards meet applicable standards, Conduct security testing and evaluation (ST&E) to
determine if the technical safeguards are functioning correctly, Assess the residual risk provided
by the risk assessment to determine if it meets an acceptable level of risk;
f) Conduct Accreditation activities such as: Review of the certification results in the design review
documentation by the Accreditation Authority to ensure that the system will operate with an
acceptable level of risk and that it will comply with the departmental and system security policies
and standards and identify the conditions under which a system is to operate (for approval
purposes). This may include the following types of approvals:
(i) Developmental approval by both the Operational and the Accreditation Authorities to
proceed to the next stage in an IT system's life cycle development if sensitive information
is to be handled by the system during development;
(ii) Operational written approval for the implemented IT system to operate and process
sensitive information if the risk of operating the system is deemed acceptable, and if the
system is in compliance with applicable security policies and standards;
(iii) Interim approval—a temporary written approval to process sensitive information under a
set of extenuating circumstances where the risk is not yet acceptable, but there is an
operational necessity for the system under development.
g) Develop and deliver training material relevant to the resource category; and
h) Conduct knowledge transfer and coaching of the team members.
Deliverables:
The Information Technology Security TRA and CAA(s) Level 3 must submit deliverables to the Technical
Authority.
a) A work plan for the work to be undertaken;
b) Progress report on a bi-weekly or monthly basis on activities undertaken which includes the
following:
(i) Activities completed within the reporting period;
(ii) Planned activities for the next reporting period;
(iii) Risks/issues that will require the attention of the Technical Authority; and
(iv) Corrective actions required.
c) Security Assessments;
d) Risk management documents;
e) Technical documents, presentations and other materials, as requested by the Technical
Authority; and
f) Knowledge transfer to designated departmental staff, at the request of the Technical Authority.
Maplesoft Group prides itself on its distinct corporate culture and recognizes that success is a direct reflection of our most valuable asset - our people. Therefore, attitude and ambition are key personality traits we seek out, along with skill and aptitude, in potential employees.
Maplesoft Group is committed to having a diverse, representative workforce and continuing to build an inclusive environment. We encourage applications from all qualified individuals. Maplesoft Group is an equal opportunity employer committed to diversity and inclusion. We are pleased to consider all qualified applicants irrespective of race, color, religion, sex, sexual orientation, gender identity, national origin, age, disability, protected veterans’ status, Aboriginal peoples or any other legally protected factors.
All employment decisions are made based on business needs, job requirements, and individual qualifications.
We are committed to developing inclusive, barrier-free recruitment and selection processes, and a work environment that supports our diverse workforce. Please let us know if you require accommodations at any stage of the recruitment process. We can be reached at Maplesoft Info at info@maplesoftgroup.com.
We thank you for your interest in Maplesoft Group and wish to advise you, that only candidates under consideration will be contacted.
Think you're a great fit for our team? Explore our Job Opportunities page.
job faster
Follow us
