Rq05987 - Specialized It Consultant - Senior

We would like to present to you a new job opportunity and I think you may find it interesting.

If you are interested kindly send the following documents to by Thursday, August 31 at 2:00 PM ESTif that interests you and matches your profile.

Without mandatory documents, we cannot submit a candidate.

• Expected hourly rate (Mandatory)
• Skills Matrix and References (Mandatory)
• Updated Resume in word format (Mandatory)

Job Title:

Client: Ministry of Education

Work Location 777 Bay St.,Toronto, Ontario, Hybrid

Estimated Start Date: 2023-09-04

Estimated End Date: 2024-03-31

Business Days: 185.00

Extension: Probable after the initial mandate

Hours per day or Week: 7.25 hours per day

Security Level: CRJMC

If you are interested to learn more about this opportunity, please check it out on our career siteor If not please feel free to send over any names or forward this email to anyone who may be interested.

(Click above for Skill matrix and for more details)

Must Have

• 7+ years’ experience applying cyber security industry frameworks such as NIST CSF v1.1, COBIT, CIS Controls v8 and ISO 27001 (NIST is a must)
• Knowledge of the new draft NIST Cyber Security Framework v2.0
• Threat risk assessments
• Security certification is mandatory (Certified Information Systems Security Professional (CISSP) or Certified Information Security Manager (CISM)
• 7+ years’ experience with cyber security and privacy audits and assessments including:
• Cyber security assessments
• 7+ years’ experience producing cyber security and privacy risk logs and preparing risk remediation plans, preferably for the public sector or broader public sector

Nice to Haves:

• Privacy certification (Certified Information Privacy Professional (CIPP)
• Privacy impact assessments

Description

The Specialized IT Consultant, Level 3, role requires extensive knowledge and experience with both cyber security and privacy controls to reduce the impact of evolving cyber threats in the Ontario K-12 school board environment. This resource is responsible for, but not limited to:

• Performing cyber security and privacy assessments to identify vulnerable areas of the K-12 school boards including:
• Providing subject matter expertise and advice in improving cyber protection processes, including supporting the development of cyber security standards for K-12 school boards.
• Privacy impact assessments
• Presenting to various stakeholders, as needed.
• Privacy protection for minors
• Cyber security
• Delivering on other duties as assigned.
• Providing status and project status reports on all other deliverables assigned.
• Providing hands-on subject matter expertise and implementation guidance to support enhancements of cyber protection for K-12 school board networks, including improvements recommendations in:
• Providing guidance for mitigation strategies following root cause analysis of security or privacy breaches in the K-12 school board networks.
• Cyber security and risk assessments
• Threat risk assessments
• Providing subject matter expertise, guidance and support to K-12 school boards cyber security personnel by producing risk logs, and proposing remediation actions.
• Developing school board-specific, prioritized action and remediation plans to support K-12 school boards in improving their cyber resilience and risk posture.

This work involves working in close partnership with the K-12 education sector. The resource may need to travel the same day or overnight in Ontario.

The manager will have the right to assign additional work, directly or indirectly related to this initiative as needed to support unit priorities as and when required

Experience And Skill Set Requirements

Cyber Security and Privacy – 55%

• Knowledge of the new draft NIST Cyber Security Framework v2.0
• 10+ years of demonstrated experience applying privacy frameworks such as the NIST Privacy Framework, ISO/IEC 27701
• 10+ years’ experience producing cyber security and privacy risk logs and preparing risk remediation plans, preferably for the public sector or broader public sector
• Threat risk assessments
• Excellent knowledge and exposure to Internet of Things (IoT) security issues
• Excellent knowledge of Ontario, federal and international privacy laws applicable to the Ontario K-12 sector (such as Municipal Freedom of Information and Protection of Privacy Act (MFIPPA), Canadian Privacy Act, General Data Protection Regulation (GDPR) etc.)
• Cyber security assessments
• Privacy impact assessments
• 10+ years’ experience with cyber security and privacy audits and assessments including:
• 10+ years’ experience with cyber security processes and regulations, and standards, preferably for the public sector or broader public sector
• 10+ years’ experience applying cyber security industry frameworks such as NIST CSF v1.1, COBIT, CIS Controls v8 and ISO 27001

Communication Skills and Experience – 25%

Strong communication skills as demonstrated through:

• 10+ years’ experience in preparing written materials (e.g., security and privacy reports, status reports, recommendations, briefing notes)
• 10+ years’ experience in effectively presenting to management teams and external stakeholders

Industry Certifications / Relevant Degrees – 15%

• Security certification is mandatory (Certified Information Systems Security Professional (CISSP) or Certified Information Security Manager (CISM))
• Privacy certification is mandatory (Certified Information Privacy Professional (CIPP))

Public Sector Experience – 5%

• Applied experience with Ontario’s cyber security standards. The security standards (GO-ITS 25.X) can be found on the Government of Ontario information technology standards
• 5+ years’ hands-on experience working with Ontario’s public sector or Ontario’s broader public sector

Powered by JazzHR

JPV23YXtRt