The Role

We're looking for a Member of Technical Staff (MTS) - Systems Security to join our Engineering Team at our Ottawa office (ability to work out of Richmond, BC office if preferred).

As a member of the Engineering team you will work on our programs such as Remotely Piloted Aircraft Systems (RPAS), Canadian Surface Combatant (CSC), Royal Canadian Navy Intelligence, Surveillance, Target Acquisition and Reconnaissance (RCN-ISTAR), Aeronautical Navigation products. You will work as part of a technical team to develop new capabilities, enhance existing capabilities and deliver solutions to our customers.

The Position

As a Member of Technical Staff (MTS) - Systems Security, you would have responsibilities for security elements of 49North's RPAS Program and other large defence contracts such as CSC and RCN ISTAR.

Excellent internal and external communication skills are necessary in order to work closely with the customer, with other technical teams, and to support the development of robust, secure and cost effective systems.

The successful candidate will have a blend of deep security knowledge, systems engineering experience, and experience working within defence contracts.

As a member of the Security Engineering team, you will ensure expert support is provided to various product/project teams to ensure that they address the security target and comply with applicable policies, procedures and standards. You will define the target security posture and/or the security requirements for projects and solutions during their definition and development. You will provide insight into vulnerability management and response within complex information systems.

Responsibilities:

As a Member of Technical Staff (MTS) - Systems Security, you may have a wide range of responsibilities that include:

• Consulting on the overall system architectures, operations concepts, or system enhancements from a security perspective
• Derive security requirements, designs, solutions and mechanisms in response to customer requirements, standards and internal policies
• Develop and maintain all security related system artefacts (e.g. specifications, profiles, test documents, vulnerability assessments, threat models, customer reports, etc.) from the customer level down to the major subsystem level for projects in development and/or in-service
• Oversee the verification of security related aspects of the product/system
• Perform threat assessments and threat models of MDA systems/products and advise on required actions to mitigate risks
• Review vulnerability and compliance scanning results, develop and prioritize necessary remediation actions for project staff to undertake
• Support engineering program delivery through the development and generation of security plans and budgets; and
• Coach and mentor junior team members.

Mandatory experience and skills

• A degree or diploma in Engineering, Computer Science, Information Technology or relevant experience in Systems Security
• Certified Information Systems Security Professional certification
• 5 or more years working in an engineering or information systems environment
• Understanding of DND project delivery and execution processes from requirements through commissioning and support
• Appreciation of the delivery and accreditation process of systems against CSE ITS guidance (e.g. ITSG-11/22/33/38)
• Experience maintaining close working relationships with other system engineers and customer representatives
• Excellent verbal and written communications and customer interaction skills
• Exceptional leadership skills, problem solving abilities and project execution strengths

Preferred experience and skills

• Experience in accreditation (risk assessment and governance) of Classified systems for DND involving information systems, cross domain solutions and multi-domain interoperability;
• Experience with NIST SP-800 suite (e.g.-53, -160) ISO/IEC, DISA STIGs, CIS, SANS standards;
• Experience in designing, deploying and working in Security Operation Centres; including technologies such as Security Information and Event Management (SIEM), Intrusion Detection System (IDS), Intrusion prevention System (IPS), and machine learning technologies is an asset.
• Hands-On experience with one or more of the following products: Microsoft Enterprise network suite of software, SIEMs, vulnerability assessment tools, virtualization technologies continuous monitoring and data loss prevention tools;
• Familiarity with any of the following:
  
  • Establishing Business Continuity Plans and Disaster Recovery Programs;
  • Open Source Security Testing Methodology Manual;
  • OWASP References and SQL Vulnerabilities,
  • Requirements management software such as DOORS
• Certifications such as:
  
  • Certified Cloud Security Professional (CCSP), or Certified Information Security Manager (CISM)

Comments/Special Considerations:

Successful candidates must obtain and hold security clearance at the secret level, and pass security assessment for the Controlled Goods Program (CGP) and ITAR.

Benefits statement:

49North provides competitive compensation and benefits packages for its employees at all locations. As a team member of 49North, you and your qualified dependents are eligible to participate in a benefit plan that ensures a comprehensive level of protection through competitive health care including; extended healthcare and flexible drug plans, dental and vision benefits, disability income protection, life insurance, group retirement savings plans; and an employee and family assistance program.

The compensation range for this position is 115,000 - $144,000 annually. The specific compensation offered will be based on the qualifications and experience of the successful candidate.

#IND

#LI-GD1