RQ07046 - Security Specialist Senior

Responsibilities :

• Definesevaluates and assesses security architecture requirements forsystems environments and ITprojects.
• Ensuresthe incorporation of IT security and contingency measures in thedevelopment ofsystems.
• Adviseson the identification analysis and resolution of specific securityfactors risks vulnerabilities; protection of personal privacyissues;

and appropriate industry and international securitystandards.

Carryout information and information technology (I&IT) securityprojects and tasks in the Ontario Public Service as assigned byCorporate Security or cluster I&ITmanagement

GeneralSkills :

• Strongunderstanding and expertise in securityarchitecture
• Knowledgeof techniques to secure information assets and the planning designand implementation of securitytechnologies
• Proventechniques to discover gaps or weaknesses in security architectureto identify and mitigate known security threats or inherentweaknesses
• Knowledgeand understanding of relevant legislation and corporate directivesrelated to the security and confidentiality of information (e.

g.Freedom of Information and Protection of Privacy Act) in order toidentify and assess areas of concern andrisk

Solidknowledge of current security and contingency technology andtechniques (e.g. digital signature encryption access controlsfirewalls authentication virus protection etc.

and a provenworking knowledge of security audit procedures andprotocols

• Experiencein developing enterprise architecture deliverables (e.g.models)
• Experiencein providing specialized security support at the specifiedexperiencelevel
• Experiencein establishing secure environments at a network operating systemor applicationlevel
• Experiencewith implementing security on complex and distributedsystems.
• Awarenessof emerging IT trends and directions especially as related tosecurity
• Excellentanalytical problemsolving and decisionmaking skills; written andverbal communication skills; interpersonal and negotiationskills
• Ateam player with a track record for meeting deadlines managingcompeting priorities and client relationship managementexperience

DesirableSkills :

• Experiencein developing enterprise architecture deliverables (e.g. models)based on Ontario Government Enterprise Architecture processes andpractice
• Experiencein Threat Risk Assessment methods Knowledge and understanding ofInformation Management principles concepts policies andpractices
• Experiencein business recovery and disaster recoveryplanning.
• Experiencein performing threat and riskassessment.
• Experiencein public key infrastructure development andoperation.
• Experiencein security design as part of systems developmentprojects.
• Experiencein intrusion detectionsystems.
• Experiencein mitigation tools for malicioussoftware.
• Experiencein vulnerability analysis and penetrationtesting.
• Experiencein networkmonitoring.
• Experiencein security policydevelopment.
• Experiencein developing and delivering securityeducation.
• Experiencein forensicinvestigation.
• Knowledgeand understanding of Information Management principles conceptspolicies andpractices

Requirements

Experienceand Skill SetRequirements :

MustHaves :

• Atleast 3 years experience must be related to Oracle Identity andAccess Management Suite Plus. Experience with OIAM 12C ispreferred.
• 5years experience designing developing deploying and sustaininglarge application implementations based on the following technologyproducts : Oracle Fusion Middleware Oracle Identity and AccessManagement Suite OHS Tomcat Windows Internet Information Server(IIS) IBM HTTP Server Apache IBM WebSphere Oracle database 19COracle Directory Server Enterprise Edition Solaris Windows AIX andLinux.

SkillSetRequirements :

Sustainmentof Large Identity and Access ManagementSystems :

• 5years experience sustaining (e.g. administration operations supportpatching monitoring starting / stopping) COTS based identity andaccess managementsystems.
• Atleast 3 years experience must be related to Oracle Identity andAccess Management Suite Plus. Experience with OIAM 12C ispreferred.
• Atleast 4 years experience must be related to implementations withover 10000 registeredusers.
• 3years experience with the Oracle unified Methodology (OUM) for COTSimplementations.
• 2years of experience with Nagios and other system monitoring tools(e.g. BigBrother)
• WorkingKnowledge and understanding of IT Security Technologiesparticularly encryption and authentication technologies such as PKIPMI andSSL.
• Experienceof solution design for business application to integrate withaccess management service using SAML2 OIDC industry standardprotocol

Sustainment of LargeApplicationImplementations :

• 5years experience designing developing deploying and sustaininglarge application implementations based on the following technologyproducts : Oracle Fusion Middleware Oracle Identity and AccessManagement Suite OHS Tomcat Windows Internet Information Server(IIS) IBM HTTP Server Apache IBM WebSphere Oracle database 19COracle Directory Server Enterprise Edition Solaris Windows AIX andLinux.
• Experiencewith ITIL processes such as Service Level Management ProblemManagement Change Management Release Management and CapacityManagement.

Incident and ProblemManagement :

• 5years experience triaging analysing diagnosing (a.k.atroubleshooting) evaluating options and resolving applicationproblems especially those related to identity and access managementsystems and the abovetechnologies.
• Experiencewith decision makingprocesses.

QualityAssurance :

5years experience with quality control and assurance methodologiesand practices as applied to the implementation of applications withover 10000users.

Experience and Skill Set Requirements : Must Haves : At least 3 yearsexperience must be related to Oracle Identity and Access ManagementSuite Plus.

Experience with OIAM 12C is preferred. 5+ yearsexperience designing, developing, deploying, and sustaining largeapplication implementations based on the following technologyproducts : Oracle Fusion Middleware, Oracle Identity and AccessManagement Suite, OHS, Tomcat, Windows Internet Information Server(IIS), IBM HTTP Server, Apache, IBM WebSphere, Oracle database 19C,Oracle Directory Server Enterprise Edition, Solaris, Windows, AIXand Linux.

Skill Set Requirements : Sustainment of Large Identityand Access Management Systems : 5+ years experience sustaining (e.

g.administration, operations, support, patching, monitoring,starting / stopping) COTS based identity and access managementsystems.

At least 3 years experience must be related to OracleIdentity and Access Management Suite Plus. Experience with OIAM 12Cis preferred.

At least 4 years experience must be related toimplementations with over 10,000 registered users. 3+ yearsexperience with the Oracle unified Methodology (OUM) for COTSimplementations.

2+ years of experience with Nagios and othersystem monitoring tools (e.g. Big Brother) Working Knowledge andunderstanding of IT Security Technologies, particularly encryptionand authentication technologies such as PKI, PMI and SSL.

Experience of solution design for business application to integratewith access management service using SAML2, OIDC industry standardprotocol Sustainment of Large Application Implementations : 5+ yearsexperience designing, developing, deploying, and sustaining largeapplication implementations based on the following technologyproducts : Oracle Fusion Middleware, Oracle Identity and AccessManagement Suite, OHS, Tomcat, Windows Internet Information Server(IIS), IBM HTTP Server, Apache, IBM WebSphere, Oracle database 19C,Oracle Directory Server Enterprise Edition, Solaris, Windows, AIXand Linux.

Experience with ITIL processes such as Service LevelManagement, Problem Management, Change Management, ReleaseManagement, and Capacity Management.

Incident and ProblemManagement : 5+ years experience triaging, analysing, diagnosing(a.k.a troubleshooting), evaluating options, and resolvingapplication problems, especially those related to identity andaccess management systems and the above technologies.

Experiencewith decision making processes. Quality Assurance : 5+ yearsexperience with quality control and assurance methodologies andpractices as applied to the implementation of applications withover 10,000 users.