This job board retrieves part of its jobs from: Human Resources Jobs | Toronto Jobs | Work From Home

The top job offers in Canada!

To post a job, login or create an account |  Post a Job   

A simple jobs board with daily updated offers from Canada

previous arrow
next arrow

Kongsberg Geospatial: Security Consultant

Kongsberg Geospatial

This is a Full-time position in Ottawa, ON posted January 25, 2021.

Job descriptionWe’re looking for a website security consultant to do occasional work for us reviewing the deployment of our public website and suggesting and / or implementing changes to help prevent interruption of availability or the execution of malicious code.This is a contract position that will require occasional work on specific tasks.This is a work-from-home / casual position.What we’re looking forWe’re looking for a website security consultant to look at our public facing website and provide a security audit and recommendations for security procedures to prevent data loss or the successful execution of malicious code (such as the installation of spam SMTP scripts).Our website is pretty typical of those for mid-size companies: we have a website running on a Joomla / LAMP stack, on a commercial web host that uses cPanel for site management.

In our case, we use BlueHost’s dedicated hosting features.While we maintain site backups and regularly update our open-source site components, we have noticed a steady drumbeat of attacks on our site, probing us with common exploits for popular CMS platforms and site configurations.

We want to make certain that we are doing everything appropriate, and possible within the limitations of our technology stack to ensure that our site is not compromised.We are especially concerned about the possibility of our primary domain being blacklisted in the event that an attacker successfully implements an SMTP spam script.

Since we are a defense technology company, it would be detrimental to our brand if our website falls victim to a common exploit.While commercial web hosts like ours do implement organizational security, we are not able to evaluate how effective their security is.We would like an audit of our deployment, and recommendations for hardening and maintaining our site security.The good news is that this is a simple brochureware website, with no ecommerce components and no online client or consumer data that can be stolen or compromised.

For this reason, this is a small engagement that should only take a few days to complete.Duties IncludeExamine the current website technology stack (with the understanding that we do not intend to replace the current site)Talk with the hosting support team to determine and evaluate the security implemented at their organizational levelMake recommendations for any immediate changes or hardening requiredCreate a strategy for ongoing security procedures and site updates (in addition to those already in place)Create a disaster recovery strategy in the event of a successful hackYou HaveA Canadian security clearance or eligibility to obtain oneA post-secondary degree in a field related to Computer Science or Engineering or equivalent relevant experienceDemonstrated experience with popular open source CMS platforms like Joomla and DrupalDemonstrated knowledge of commercial website hosting services like GoDaddy and BlueHostExperience in the following areas:Common website security strategiesEnterprise website security practicesIt Would be Great if You Have…Experience in some of the following areas depending on the project and role:Experience with or knowledge of the cPanel ecosystemExperience with disaster recovery in the event of site hacks, domain blacklists and other similar incidents