Sr. IT Security Architect

MaxSys Staffing and Consulting is hiring for a Senior IT Security Architect for one of their Federal Government clients in NCR. Role: Sr IT Security Architect Location: Hybrid in Ottawa, ON Duration : 21 April 2025 to 20 March 2026 Level of Effort: Full time Language: English Clearance: Reliability Qualifications: Must have a valid Enhanced Reliability Clearance or must be eligible to get one. Must demonstrate having 10 years of experience within the past 20 years of IT Security, Architecture and Engineering in any of the following: Electronic Health Records / Medical Records (EHR/EMR) systems, Health Information Management Systems (HIMS), Health Information Technologies (HIT), Public Health Information Systems (PHIS) Must demonstrate 10 years of extensive experience within the past 15 of developing security controls for complex information systems to manage cyber risks identified in at least four (4) of the following cybersecurity-related areas: National Institute of Standards and Technology (NIST) Special Publications (various 800 Series) Government of Canada - Communications Security Establishment Canada IT Security Guidelines (various ITSGs) Directive on Departmental Security Management Directive on Identity Management (DIM) Policy on Management of Information Technology Policy on Risk Management Management of Information Technology Security (MITS) Operational Standard ISO/IEC 27001 ISO/IEC 27002 TBS Integrated Risk Management Framework TBS Management Accountability Framework Harmonized TRA Methodology CCCS Security Categorization Guidance for Cloud Based Services Responsibilities: Collect, collate and prioritize client IT Security and Information Infrastructure Protection requirements Develop reports including but not limited to: Data security analysis, Security Concepts of Operation, Statements of Sensitivity (SoSs), Threat Risk assessments (HTRA), Risk assessments, IT Security threat, vulnerability and/or risk briefings. Work with the appropriate business stakeholders to assist, conduct and/or draft a preliminary privacy impact assessments (PPIAs) and privacy impact assessments (PIAs) to support the EHRP Project, in accordance with the requirements of: Treasury Board Privacy Impact Assessment Policy, Treasury Board Privacy Impact Assessment Policy Guidelines, Other relevant standards, procedures and guidelines. Leverage ITSG-33 to assist the EHRP Project in identifying and planning the required Information System Security Risk Management activities. Assist in planning to ensure the project aligns with the ITSG-33 Information System Security Implementation Process (ISSIP) across the system development lifecycle of the Project.