We are seeking a highly accomplished Senior Security Specialist - Threat Risk Assessment to lead advanced threat evaluation, risk profiling, and security architecture governance for mission-critical software systems and enterprise infrastructure. Operating as a senior technical authority within a highly secure public sector domain, you will assume end-to-end ownership of identifying, analyzing, and mitigating complex security liabilities across physical, cyber, and operational environments. You will partner closely with engineering squads, project managers, and executive leadership to engineer defensive safeguards, evaluate procurement security, and compile comprehensive risk frameworks that protect vital data assets and assure business continuity.
Location: Orillia, ON (Fully Onsite)
Duration: 5-month contract
AdvantagesImpactful Security Mandate: Lead high-profile threat profiling and risk engineering for vital, mission-critical public safety systems.
End-to-End Governance: Direct full-lifecycle security tracks, from raw gap analysis to formal executive risk reporting and signed off mitigations.
Advanced Technical Footprint: Exercise master-tier risk methodologies (such as the RCMP Harmonized TRA) over complex, distributed system architectures.
Strategic Procurement Control: Act as a definitive evaluator, shaping future-state technology choices by establishing technical security procurement standards.
ResponsibilitiesThreat Risk Assessment Governance: Lead formal and informal Threat Risk Assessments (TRA) for enterprise-grade software, distributed systems, and modern digital solutions to discover and prioritize systemic vulnerabilities.
Threat & Impact Analysis: Evaluate internal and external threats, calculate the real-world likelihood and operational impact of various attack vectors, and reduce risks through secure system or organizational design.
Security Architecture & Controls Engineering: Define, assess, and enforce security architecture requirements across IT projects, ensuring the explicit incorporation of security controls and data protection measures into systems development.
Active Defense & Incident Response: Implement and periodically audit specialized safeguards to prevent, detect, and respond to cyber threats, updating security postures whenever business processes modify or security incidents occur.
Risk Reporting & Documentation: Collaborate across development, project management, and compliance teams to document technical risks and mitigation matrices, compiling them into clear, formal risk assessment reports tailored for both technical developers and senior leadership.
Regulatory Compliance & Privacy Advisory: Provide expert technical counsel on complex risk factors, protection of personal privacy, and alignment with corporate security directives and industry regulations.
Procurement Security Evaluation: Outline precise cybersecurity requirements for upcoming procurement documents and actively lead technical security evaluations during the formal vendor selection process.
Disaster Recovery & Business Continuity: Analyze information security risks and technical issues to support Business Continuity Planning (BCP) and Business Impact Analysis (BIA) tracks across complex technical environments.
QualificationsCore Risk Seniority: 5+ years of dedicated professional experience conducting comprehensive Threat Risk Assessments (TRA) and specialized security evaluations for enterprise software and hardware systems.
Public Sector Expertise: Proven background executing information technology security projects and risk evaluations within the Public Sector is strictly required.
Threat Engineering Acumen: 5+ years of verified experience evaluating internal/external system vulnerabilities, calculating scenario impacts, and systematically removing risks via robust infrastructure design.
Systems Security Integration: 5+ years of hands-on experience ensuring the integration of data security and contingency measures directly into the software development lifecycle (SDLC).
Methodological Framework Literacy: Practical experience planning, facilitating, and delivering risk workshops utilizing the RCMP Harmonized Threat Risk Assessment (HTRA) or a matching rigorous risk assessment methodology.
Technical Security Breadth: Strong knowledge of current data protection mechanisms, including encryption keys, access control models, firewalls, digital signatures, and authentication protocols.
Legislative & Privacy Savvy: Sound operational understanding of legislative frameworks and corporate directives regarding data privacy, confidentiality, and freedom of information.
Soft Skills: Outstanding analytical, decision-making, and verbal/written communication skills, with a track record of building consensus and maintaining strong client relationships across multi-disciplinary teams.
Nice to Have:
Hands-on experience with vulnerability scanning, network monitoring, penetration testing, or business and disaster recovery planning (DRP).
SummaryIf you're interested in the "Senior Security Specialist - Threat Risk Assessment" role based in Orillia, we encourage you to apply online at www.randstad.ca. Only qualified candidates will be contacted for the next steps. We look forward to hearing from you!
Randstad Canada is committed to fostering a workforce reflective of all peoples of Canada. As a result, we are committed to developing and implementing strategies to increase the equity, diversity and inclusion within the workplace by examining our internal policies, practices, and systems throughout the entire lifecycle of our workforce, including its recruitment, retention and advancement for all employees. In addition to our deep commitment to respecting human rights, we are dedicated to positive actions to affect change to ensure everyone has full participation in the workforce free from any barriers, systemic or otherwise, especially equity-seeking groups who are usually underrepresented in Canada's workforce, including those who identify as women or non-binary/gender non-conforming; Indigenous or Aboriginal Peoples; persons with disabilities (visible or invisible) and; members of visible minorities, racialized groups and the LGBTQ2+ community.
Randstad Canada is committed to creating and maintaining an inclusive and accessible workplace for all its candidates and employees by supporting their accessibility and accommodation needs throughout the employment lifecycle. We ask that all job applications please identify any accommodation requirements by sending an email to
accessibility@randstad.ca to ensure their ability to fully participate in the interview process.
