This is a remote position.
Overview
This is a remote consulting opportunity supporting a government client.
Subcontractor Opportunity: This is not an employee position. The successful consultant must be incorporated and able to provide services through their corporation.
Role Summary
The Security Analyst provides specialized expertise in information security, supporting enterprise initiatives by ensuring that IT projects are designed, assessed, and implemented in accordance with security and privacy requirements.
The role is responsible for conducting security assessments, defining security requirements, and developing documentation that supports secure, compliant, and resilient solutions aligned with industry standards.
Key Responsibilities
Capture and assess current-state security solutions to establish baselines for new IT projects
Conduct on-premise and cloud-based security assessments for proposed systems and initiatives
Identify security risks, vulnerabilities, and gaps in system design and implementation
Conduct privacy impact assessments for new IT projects in collaboration with business units
Ensure alignment with relevant privacy legislation and regulatory requirements
Apply industry standards such as NIST to assess and guide security practices
Lead security requirements gathering activities for IT projects in collaboration with business analysts
Develop and maintain enterprise security documentation including policies, standards, baselines, guidelines, and procedures
Lead or support vulnerability assessments, penetration testing, and security audits for IT projects
Participate in planning and design of business continuity and disaster recovery strategies
Collaborate with project teams, IT operations, and business stakeholders to provide security guidance
Conduct research into emerging security threats, tools, and technologies
Key Deliverables
Security assessment reports and risk analyses
Privacy impact assessments and compliance documentation
Security requirements and control frameworks for IT projects
Enterprise security policies, standards, and guidelines
Vulnerability assessment and penetration testing results
Business continuity and disaster recovery security inputs
Security documentation maintained within the enterprise repository
Requirements
Qualifications
Education and Certifications
Bachelor’s degree in Computer Science, Information Technology, or a related field preferred
Certifications related to information security such as CISSP, CISM, or equivalent considered an asset
Certifications aligned with NIST or security frameworks considered an asset
Training or certification in privacy and compliance disciplines considered an asset
Experience
Extensive experience with industry security solutions, particularly Microsoft security technologies
Experience conducting on-premise and cloud security assessments for IT projects
Experience developing security documentation for enterprise environments
Experience performing privacy impact assessments
Strong understanding of networking protocols including IP and TCP/IP
Experience gathering and defining IT security requirements for projects
Excellent analytical, problem-solving, and documentation skills
Strong communication skills, both written and verbal
Ability to manage priorities and deliver in high-pressure environments