Cybersecurity Engineer

Deliver cybersecurity support for system operations, ensuring adherence to Government policies through the review, design, and implementation of security measures, processes, and controls for the client's systems.

Evaluate security audit reports and assessments conducted by auditors, including vulnerability assessments, penetration testing, host configurations, IT general controls, and risk assessments.

Perform reviews and gapanalyses, and provide recommendations within monthly reports while ensuring that system processes remain compliant with client and Government requirements.

Monitor and address known vulnerabilities and risks associated with the Authority's environment and systems.

Conduct comprehensive cybersecurity assessments to identify potential vulnerabilities and risks in the client's systems and processes.

Design and oversee the implementation of cybersecurity solutions to safeguard the Authority's environment against evolving threats and attacks.

Review and validate system security posture, policies, and procedures to confirm best practices are followed and standards are met by appointed contractors and systems.

Offer expert guidance and recommendations on cybersecurity strategies and technologies.

Deliver security awareness training to the client and its appointed contractors as needed to foster a culture of security.

Monitor, investigate, and respond to security incidents and breaches, conducting forensic analyses when required.

Skills & Experience:
Solid understanding of government security ICT/SS policies, cybersecurity standards, governance, risk and data management frameworks, with hands-on government sector experience.
Experience in security assessments (risk, vulnerability, penetration testing, configuration review, IT controls) is an asset.
Strong knowledge of ICT infrastructure, applications, and web/cloud services.
Preferred certifications: CREST, CRISC, CGEIT, CISSP.