Talent.com
Upstaff
Senior Security Risk Assessment Consultant (Digital Trust)Upstaff • Fredericton South New Brunswick Provincial Government, NB, ca
Senior Security Risk Assessment Consultant (Digital Trust)

Senior Security Risk Assessment Consultant (Digital Trust)

Upstaff • Fredericton South New Brunswick Provincial Government, NB, ca
12 hours ago
Job type
  • Full-time
Job description
Job Description
Job Description – Senior Security Risk Assessment Consultant (Digital Trust)
Requisition ID: RQ00365
Client: Service New Brunswick (SNB)
Project: Digital Trust – Security Risk Assessment (SRA)
Location: Hybrid and Onsite - Fredericton, New Brunswick, if required
Start Date: 07/30/2026
About the Opportunity
Service New Brunswick (SNB) is seeking an experienced Senior Security Risk Assessment Consultant to lead a comprehensive Security Risk Assessment (SRA) for its Digital Trust solution. The successful consultant will perform an end-to-end architectural security assessment, application security testing, mobile security testing, and penetration testing across a modern digital identity ecosystem consisting of mobile applications, cloud services, identity platforms, APIs, vendor solutions, and government systems.
This engagement requires extensive expertise in security risk assessments, application security, mobile security, cloud security, identity and access management, and OWASP security frameworks.

Requirements

Key Responsibilities
The successful consultant will:
  • Lead the end-to-end Security Risk Assessment (SRA) for the Digital Trust solution.
  • Perform architectural risk assessments across mobile applications, cloud services, portals, APIs, vendor components, and internal government systems.
  • Conduct application security testing using OWASP ASVS Level 3 methodologies.
  • Perform mobile application security testing utilizing OWASP MASVS at the highest applicable testing level.
  • Execute penetration testing against solution components.
  • Perform static application security testing (SAST).
  • Perform dynamic application security testing (DAST).
  • Validate authentication and authorization controls.
  • Assess identity proofing, credential issuance, credential management, credential revocation, authentication, authorization, and workflow orchestration services.
  • Review integrations between Ping Identity, Microsoft Entra, AMANDA, BizTalk, cloud storage services, and Digital Trust applications.
  • Assess APIs, data flows, business logic, user roles, permissions, audit logging, and integration components supporting Digital Trust.
  • Evaluate end-to-end Verifiable Credential (VC) lifecycle processes including issuance, presentation, updates, revocation, and verification.
  • Produce comprehensive Security Risk Assessment documentation with findings, risk ratings, recommendations, and mitigation strategies.
  • Present assessment results to project stakeholders and participate in project meetings.
  • Work occasional evenings or weekends as required to support assessment activities.
Mandatory Requirements (M1–M2)
Candidates must clearly demonstrate the following:
M1
  • Written and spoken English communication skills are mandatory.
M2
  • Minimum 5 years of experience conducting Security Risk Assessments.
Candidates who do not clearly demonstrate all mandatory requirements will not be considered.
Scored Requirements (S1–S4)
Candidates will be evaluated based on demonstrated experience in the following areas:
S1
  • 3+ years conducting security assessments involving:
    • OWASP ASVS
    • OWASP MASVS
S2
  • 1+ year conducting security assessments involving:
    • Identity platforms
    • Authentication platforms
S3
  • 1+ year of experience with:
    • Service New Brunswick security assessment processes, or
    • Similar government security assessment methodologies.
S4
  • 3+ years producing Security Risk Assessment (SRA) deliverables or equivalent assessments for:
    • Complex enterprise environments
    • Public sector organizations
    • Regulated industries
    • Privacy-sensitive services.
Required Technical Skills
The ideal candidate will possess experience with:
  • Security Risk Assessments (SRA)
  • Penetration Testing
  • Vulnerability Assessments
  • Application Security Testing
  • Mobile Application Security Testing
  • Static Application Security Testing (SAST)
  • Dynamic Application Security Testing (DAST)
  • OWASP ASVS Level 3
  • OWASP MASVS
  • OWASP security methodologies
  • Secure authentication and authorization validation
  • Identity and Access Management (IAM)
  • Identity proofing
  • Digital Identity platforms
  • API security assessments
  • Cloud security assessments
  • Mobile security testing
  • Verifiable Credentials (VC)
  • Risk analysis and mitigation
  • Security architecture reviews
  • Enterprise integrations
  • Audit logging and compliance reviews
  • Technical documentation and reporting
Desired Experience
Preference will be given to candidates with experience in:
  • Ping Identity platform (PingOne Verify, PingOne DaVinci, PingOne Credentials)
  • Microsoft Entra
  • AMANDA (Granicus)
  • Citizen Portal for AMANDA
  • BizTalk integrations
  • Cloud storage security
  • Government Digital Identity solutions
  • Public sector security programs
  • Privacy-sensitive or regulated environments
  • Mobile identity applications
  • Government security governance and assessment methodologies.
Deliverables
The successful consultant will be responsible for delivering:
  • Vendor Security Assessment
  • Penetration Testing Assessment
  • OWASP ASVS Application Security Testing
  • OWASP MASVS Mobile Security Assessment
  • Comprehensive Security Risk Assessment documentation
  • Assessment reports with recommendations
  • Participation in stakeholder meetings and technical review sessions.
Reporting Structure
The consultant will report to Service New Brunswick's:
  • Departmental Information Security Officer (DISO)
  • Security Strategist
  • Digital Trust Project Manager.



Requirements
Mandatory Requirements (M1–M2) Candidates must clearly demonstrate the following: M1 Written and spoken English communication skills are mandatory. M2 Minimum 5 years of experience conducting Security Risk Assessments. Candidates who do not clearly demonstrate all mandatory requirements will not be considered. Scored Requirements (S1–S4) Candidates will be evaluated based on demonstrated experience in the following areas: S1 3+ years conducting security assessments involving: OWASP ASVS OWASP MASVS S2 1+ year conducting security assessments involving: Identity platforms Authentication platforms S3 1+ year of experience with: Service New Brunswick security assessment processes, or Similar government security assessment methodologies. S4 3+ years producing Security Risk Assessment (SRA) deliverables or equivalent assessments for: Complex enterprise environments Public sector organizations Regulated industries Privacy-sensitive services. Required Technical Skills The ideal candidate will possess experience with: Security Risk Assessments (SRA) Penetration Testing Vulnerability Assessments Application Security Testing Mobile Application Security Testing Static Application Security Testing (SAST) Dynamic Application Security Testing (DAST) OWASP ASVS Level 3 OWASP MASVS OWASP security methodologies Secure authentication and authorization validation Identity and Access Management (IAM) Identity proofing Digital Identity platforms API security assessments Cloud security assessments Mobile security testing Verifiable Credentials (VC) Risk analysis and mitigation Security architecture reviews Enterprise integrations Audit logging and compliance reviews Technical documentation and reporting Desired Experience Preference will be given to candidates with experience in: Ping Identity platform (PingOne Verify, PingOne DaVinci, PingOne Credentials) Microsoft Entra AMANDA (Granicus) Citizen Portal for AMANDA BizTalk integrations Cloud storage security Government Digital Identity solutions Public sector security programs Privacy-sensitive or regulated environments Mobile identity applications Government security governance and assessment methodologies.
Create a job alert for this search

Senior Security Risk Assessment Consultant (Digital Trust) • Fredericton South New Brunswick Provincial Government, NB, ca

Similar jobs

Senior It Security Manager Overseeing Incident Response And Strategy

J.D. IrvingFredericton, Canada
Full-time

Step into the role of Senior IT Security Manager, focusing on securing information systems and digital assets.Lead your team in developing strategies, managing risks, and ensuring compliance—all in... Show more

 • Promoted

Senior Project Manager Healthcare Digital Assets

MindtrisFredericton, NB, CA
Full-time

Join Mindtris as a Senior Project Manager specializing in digital assets for the healthcare sector.This 12-month remote role, with monthly onsite meetings, drives integration of crucial health tech... Show more

 • Promoted

Senior Change Manager - eHealth Transformation Lead Hybrid

UpstaffFredericton, NB, CA
Full-time

A leading firm in change management is seeking a Senior Change Manager in Fredericton, New Brunswick.You will spearhead the Provincial Digital Referral Program to enhance healthcare access via a di... Show more

 • Promoted

Senior ERP Solutions Architect — Oracle Fusion, Remote

TEEMAFredericton, NB, CA
Remote
Full-time

A leading company is seeking an Application Architect/Solution Architect with extensive experience in IT and ERP systems, particularly Oracle Fusion.The role involves architectural assessment, mode... Show more

 • Promoted

Business Intelligence Lead

Odyssey GlobalFredericton, NB, CA
Full-time

Be among the first 25 applicants.Get AI-powered advice on this job and more exclusive features.Business Intelligence Lead – Symbio (Government of New Brunswick).Location: Remote (Monthly travel to ... Show more

 • Promoted

Experienced Environmental Professional Managing Assessments and Remediation

Exp Global Inc.Fredericton, NB, CA
Full-time

Step into a leadership role as an Experienced Environmental Professional managing impactful investigations and remediation projects.Work in a collaborative, hybrid setting while delivering exceptio... Show more

 • Promoted

Sr. Project Manager - Digital Assets

MindtrisFredericton, NB, CA
Full-time

Senior Project Manager - Digital Assets.Canada, Remote (onsite in Fredericton, NB - once a month).Any (candidate must be authorized to work in CA).The Public sector client is seeking the services o... Show more

 • Promoted

Equity Partner & National Leader AI Business Solutions

People Machinefredericton, nb, ca
Full-time

Equity Partner & National Leader, AI Business Solutions.This role can be located in any major city centre across Canada.Digital services within the firm.The role will focus on sales, delivery excel... Show more

 • Promoted

Senior Information Technology Project Manager

NEOGOVfredericton, nb, ca
Full-time

This role is a CONTRACT & REMOTE from anywhere in Canada ***.Senior PMO Manager – Product Delivery(SaaS/Remote/Contract).NEOGOV is a proud SaaS leader in the Public Sector for HR, Recruiting, emplo... Show more

 • Promoted

Equity Partner & National Leader AI Business Solutions - People Machine

People Machinefredericton, nb, ca
Full-time

Equity Partner & National Leader, AI Business Solutions.This role can be located in any major city centre across Canada.Digital services within the firm.The role will focus on sales, delivery excel... Show more

 • Promoted

On-Site IT Security Manager – Leader of Risk & Defense

J.D. IrvingFredericton, New Brunswick, Canada
Full-time

A leading Canadian company is seeking a Manager, IT Security, responsible for leading a security team to protect digital assets and ensure compliance with relevant regulations.The ideal candidate w... Show more

 • Promoted

Senior Information Technology Project Manager - fredericton

NEOGOVfredericton, nb, ca
Full-time

This role is a CONTRACT & REMOTE from anywhere in Canada ***.Senior PMO Manager – Product Delivery(SaaS/Remote/Contract).NEOGOV is a proud SaaS leader in the Public Sector for HR, Recruiting, emplo... Show more

 • Promoted

Fire Protection Engineering Manager

Stantec Consulting International Ltd.Fredericton, NB, CA
Full-time

Lead fire protection initiatives in a hybrid work environment as a Senior Fire Protection Engineer.Design sophisticated fire safety systems for institutional and industrial projects across Canada.Y... Show more

 • Promoted

Senior Environmental Lead & Project Leader (Hybrid)

EXPFredericton, NB, CA
Full-time

A leading environmental consulting firm in Fredericton, NB is seeking an Intermediate / Senior Environmental Professional Lead to join their dynamic team.This full-time position involves providing ... Show more

 • Promoted

Senior Change Manager (CM3)

UpstaffFredericton, NB, CA
Temporary

Job Title: Senior Change Manager (CM3).Hybrid Remote – Fredericton, New Brunswick.Provincial Digital Referral Program.Health transformation project in New Brunswick.This program aims to implement a... Show more

 • Promoted

Life Underwriting Specialist/Consultant

Empire Lifefredericton, nb, ca
Full-time +2

Life Underwriting Specialist/Consultant.Location: Any Canadian Location, CA.The total target compensation (TTC) range, including salary and target bonus, is $95,920 - $144,970.This TTC range is app... Show more

 • Promoted

Senior Information Technology Project Manager - NEOGOV

NEOGOVfredericton, nb, ca
Full-time

This role is a CONTRACT & REMOTE from anywhere in Canada ***.Senior PMO Manager – Product Delivery(SaaS/Remote/Contract).NEOGOV is a proud SaaS leader in the Public Sector for HR, Recruiting, emplo... Show more

 • Promoted

Innovative ERP Solutions Architect with Strong Technical Expertise

TEEMAFredericton, NB, CA
Full-time

Step into a Solutions Architect role specializing in ERP solutions.Utilize your deep experience in application architectures and project management while working remotely in a collaborative environ... Show more

 • Promoted

Senior IT Security Manager Overseeing Incident Response and Strategy

J.D. IrvingFredericton, New Brunswick, Canada
Full-time

Step into the role of Senior IT Security Manager, focusing on securing information systems and digital assets.Lead your team in developing strategies, managing risks, and ensuring compliance—all in... Show more

 • Promoted

Senior Fire Protection Engineer

Stantec Consulting International Ltd.Fredericton, NB, CA
Full-time

Senior Fire Protection Engineer – Canada.The built environment shapes how communities live, work, and interact.Our Buildings practice brings together multidisciplinary expertise to design safe, res... Show more