Length: Approximately 120 workdays
Respond By: June 13, 2008
You must meet the following MANDATORY requirements before further
considerations:
1. Legal work status in Canada;
2. Good English communication skills;
3. Possess the skills set and actual work experience as defined in
this posting.
Remarks:
There could be infrequent meetings to attend in Toronto, ON.
Mandatory:
Thorough knowledge and experience in the following areas:
* Leading and preparing TRAs, preferably in health care settings;
* Business process mapping, business network and security
architecture diagrams;
* Security-enhancing technologies;
* Analyzing program processes and technical designs against
security and privacy principles;
* Identifying and resolving complex security and related privacy
risks;
* Defining technology requirements as they relate to privacy and
security;
* Developing and implementing security strategies and solutions;
* Providing advice to project team members with respect to
security and privacy risks and potential issues;
* Conducting risk and impact *****sments and developing mitigation
strategies;
* IT security requirements;
* Planning and managing projects.
The consultant should possess:
* Excellent inter-personal skills and the ability to meet strict
deadlines and adapt quickly to change;
* Excellent analytical, written and verbal communication,
organizational and project management skills.
Desirables:
* Familiarity with the ISO Standards 17799:2005 and 27001:2005 and
the Personal Health Information Protection Act and other applicable
privacy legislation is definitely an asset.
Responsibilities:
* Project Plan for Security Architecture Deliverables (to be
defined jointly by the consultant and client's Security Architect);
* Conceptual Security Architecture;
* Privacy & Security Requirements;
* Conceptual Threat-Risk *****sment (TRA);
* Conceptual Business Continuity Plan (BCP);
* Conceptual Disaster Recovery Plan (DRP);
* Logical TRA;
* Physical TRA;
* Input and Material for client's Enterprise Architecture Reviews
and Gating Presentations;
* May be assigned to sup****t other initiatives.
The three TRAs indicated above will include but are not limited to the
following elements:
* Executive Summary;
* Introduction that includes a description of the proposed
initiative, including scope, business rationale and partners;
* Diagrams or charts to ensure that:
~ Major data flows of information have been *****sed,
especially personal health information;
~ Application access and controls are identified for all
categories of users;
~ All data elements, their persistence and location
characteristics and data flow have been identified;
~ Existing safeguards have been considered; and
~ Identified vulnerabilities are clearly do***ented.
* Security analysis and recommendations for development or changes
to security policies and practices;
* Identification of security and privacy risks and mitigating
strategies, including ones that are addressed prior to completion of
the final re****t;
* Identification of security concerns that need to be addressed
(ensuring linkage with the related privacy impact *****sment work);
* Review of applicable security and information security standards
to ensure compliance;
* Do***entation of the chain of accountability (to enable
identification of responsibility and management of potential
vulnerabilities); and
* Conclusions and list of recommendations.
How To Respond:
A). Provide your resume in Word (It will only be presented with your
permission);
B). Provide three work references with contact info - a mandatory
submission requirement from our client;
C). Quote the above noted posting number;
D). Please help us to know your work experience better by answering
the following questions in your reply:
1. How many years of experience do you have in the following:
a) IT environment (including b below)?
b) Security /Threat Impact *****sment Specialist?
c) When were the most recent month and year you worked as a
Security /Threat Impact *****sment Specialist?
2. When are you available to start?
3. Are you incor****ated, registered partner****p, sole proprietor****p
or individual?
4. What is your expected hourly rate?
Company Profile:
Year 2008 witnesses our 23rd Anniversary as a major Canadian-based IT
consulting and recruitment services company in Toronto, where TLW
continues to be a preferred supplier for numerous organizations since
our inception in 1985. Our clients include governments, private
sector, the World Bank and various UN organizations. To date, we have
ample project and placement profiles for reference and well above
20,000 IT professionals covering a gamut of skill sets registered in
our ever-growing network of resources. In essence, TLW provides all
roles and services for all computing environments to a wide spectrum
of applications.
Human Resources
T.L.W. Enterprise Inc.
255 Duncan Mill Road, Suite 312
Toronto, Ontario M3B 3H9 Canada
416.510.3011 hr@[EMAIL PROTECTED]
www.tlwenterprise.com
"23 Dedicated Years in IT Consulting & Recruitment Services since
1985"
You are welcome to bookmark www.tlwenterprise.com for more job
postings.
Selected candidates will be contacted.
|
