Overview
USD 650,000.00 per year
Full Time
Skills
Public Sector
Test Strategy
Security Clearance
IT Security
Endpoint Protection
Laptop
Intrusion Prevention
TBS
Strategic Planning
Routing Information Protocol
Migration
POC
Risk Management
AV
Audiovisual
IPS
Microsoft
Storage
USB
Authorization
As-is Process
SEP
MDE
Management
Material Safety Data Sheet
Use Cases
High-level Design
Presentations
Documentation
Roadmaps
Firewall
Security Architecture
Information Security
Antivirus
Symantec Endpoint Protection
Symantec
Microsoft Azure
Cloud Computing
Microsoft Technologies
Cyber Security
Job Details
Top Skills' Details
1. Ten (10) years professional work experience within the last twelve (12) years, as an IT Security Design specialists with recent experience supporting a public sector client to migrate their endpoint protection services to MS Defender. ** recent = last 5 years
2. 1+ projects in the last 5 years building out a roadmap, proof of concept and testing strategy to roll out cloud based solutions for managing endpoint protection, including modules for Antivirus, Managing Portable Storage Devices, Firewall filtration and Intrusion Prevention
3. Must hold Level II (Secret) Clearance
Description
1.0 Microsoft Defender for Endpoint
Client information:
Health Canada (HC) is in need of an IT Security Design Specialist resource to support and re-configure the Microsoft Defender for Endpoint devices (MDE) at Health Canada (HC) running on the end-user provided devices. Also, the support and configuration of the Portable Storage Devices (PSD) restriction within Intune.
Current State: Symantec Enterprise Endpoint Protection (SEP) currently active on desktops/laptops which provides:
- Antivirus
- Firewall/Filtration
- Portable Storage Device (PSD) management
- Intrusion Prevention
HC has M365 E5 licences which includes Microsoft Defender for Endpoint (MDE), currently in passive (listen-only) mode because two active antivirus solutions cannot coexist.
Future State: Retire Symantec for a couple reasons:
- HC already has E5 licenses and other MS Products that perform the same functions as SEP which will cost them $650K per year starting Apr 2026 when SSC stops funding SEP licences
- to align with SSC and TBS mandate for MS Defender as the active antivirus. ;br>Scope:
- Design and implement secure strategy and configurations for Microsoft Defender for Endpoint (MDE) in active mode.
- Plan and execute retirement of Symantec Endpoint Protection (SEP) without introducing vulnerabilities. Need an intellectual approach (strategy, plan, PoC) rather than SSC's suggestion of "rip and replace."
- Develop step-by-step migration plan, including PoC, risk mitigation, and rollback strategy.
- Address SEP's current functions (AV, firewall, USB manageability, IPS) with equivalent Microsoft solutions, eg. Intune for portable storage device governance.
- current PSD governance only allows USB to power devices but does not allow data transfer without prior authorization
3.0 Objective:
The outcome of the process is a series of activities and deliverables culminating in the establishment of Secure and robust IT solutions and services at HC.
The role of this specific resource is for a Security Design Specialist working within a project team to assist with the secure strategy & configurations deliverables required for placing the MDE in active mode, and the removal of the Symantec Endpoint Protection (SEP) virus scan function.
The HC team will provide the resource with IT equipment, accounts, and internal process guidance.
4.0 Tasks:
Tasks include and are not limited to:
Every week, provide a timesheet clearly identifying the amounts of effort with which the client-led project was supported;
Participate in client-led project meetings as and when required;
Review and understand the MDE and SEP configuration deployments and configurations (as is) within HC;
Participate in technical discussions with HC Subject Matter Experts (SMEs) and MS SME focusing on SEP & MDE end state;
Develop and deliver a priority-based approach to retiring the SEP phase approach, and enabling MDE on all endpoint devices using best practices;
Develop a phased approach for deploying & managing our PSDs in the HC environment, using our client use cases;
Make recommendations and propose a high-level design(s) based on best practices;
Develop presentations on the approach for stakeholders and governance committees;
Provide high-level designs and other supporting documentation;
Skills
Security, Roadmap, Design, Firewall, Security architecture, Information security, antivirus, symantec endpoint protection, Defender, Symantec, Cyber security, Cloud, Azure, intune
Additional Skills & Qualifications
Specialization in cloud based Microsoft technologies for cybersecurity
Experience Level
Expert Level
If you have any questions, please apply within.
Job Type & Location
This is a Contract position based out of Kanata, ON.
Pay and Benefits
The pay range for this position is $100.00 - $100.00/hr.
Workplace Type
This is a fully remote position.
propos de TEKsystems et TEKsystems Global Services
Nous sommes un fournisseur de services aux entreprises et de technologies. Nous acclrons la transformation de nos clients. Notre comptence en stratgie, conception, excution et oprations libre la valeur de l'entreprise par un ventail de solutions. Nous sommes une quipe de 80 000 personnes qui collaborent avec plus de 60 000 clients, notamment 80 % du Fortune 500 en Amrique du Nord, Europe et Asie, qui collaborent avec nous dans le cadre de nos capacits full-stack et notre rythme. Nous sommes des penseurs stratgiques, des collaborateurs pratiques qui aident les clients exploiter le changement et matriser le dynamisme de la technologie. Nous btissons le futur en livrant les rsultats et en crant un impact positif dans nos communauts mondiales. TEKsystems et TEKsystems Global Services sont des entreprises d'Allegis Group. Dcouvrez d'autres informations TEKsystems.com.
About TEKsystems and TEKsystems Global Services
We're a leading provider of business and technology services. We accelerate business transformation for our customers. Our expertise in strategy, design, execution and operations unlocks business value through a range of solutions. We're a team of 80,000 strong, working with over 6,000 customers, including 80% of the Fortune 500 across North America, Europe and Asia, who partner with us for our scale, full-stack capabilities and speed. We're strategic thinkers, hands-on collaborators, helping customers capitalize on change and master the momentum of technology. We're building tomorrow by delivering business outcomes and making positive impacts in our global communities. TEKsystems and TEKsystems Global Services are Allegis Group companies. Learn more at TEKsystems.com.
The company is an equal opportunity employer and will consider all applications without regard to race, sex, age, color, religion, national origin, veteran status, disability, sexual orientation, gender identity, genetic information or any characteristic protected by law.
1. Ten (10) years professional work experience within the last twelve (12) years, as an IT Security Design specialists with recent experience supporting a public sector client to migrate their endpoint protection services to MS Defender. ** recent = last 5 years
2. 1+ projects in the last 5 years building out a roadmap, proof of concept and testing strategy to roll out cloud based solutions for managing endpoint protection, including modules for Antivirus, Managing Portable Storage Devices, Firewall filtration and Intrusion Prevention
3. Must hold Level II (Secret) Clearance
Description
1.0 Microsoft Defender for Endpoint
Client information:
Health Canada (HC) is in need of an IT Security Design Specialist resource to support and re-configure the Microsoft Defender for Endpoint devices (MDE) at Health Canada (HC) running on the end-user provided devices. Also, the support and configuration of the Portable Storage Devices (PSD) restriction within Intune.
Current State: Symantec Enterprise Endpoint Protection (SEP) currently active on desktops/laptops which provides:
- Antivirus
- Firewall/Filtration
- Portable Storage Device (PSD) management
- Intrusion Prevention
HC has M365 E5 licences which includes Microsoft Defender for Endpoint (MDE), currently in passive (listen-only) mode because two active antivirus solutions cannot coexist.
Future State: Retire Symantec for a couple reasons:
- HC already has E5 licenses and other MS Products that perform the same functions as SEP which will cost them $650K per year starting Apr 2026 when SSC stops funding SEP licences
- to align with SSC and TBS mandate for MS Defender as the active antivirus. ;br>Scope:
- Design and implement secure strategy and configurations for Microsoft Defender for Endpoint (MDE) in active mode.
- Plan and execute retirement of Symantec Endpoint Protection (SEP) without introducing vulnerabilities. Need an intellectual approach (strategy, plan, PoC) rather than SSC's suggestion of "rip and replace."
- Develop step-by-step migration plan, including PoC, risk mitigation, and rollback strategy.
- Address SEP's current functions (AV, firewall, USB manageability, IPS) with equivalent Microsoft solutions, eg. Intune for portable storage device governance.
- current PSD governance only allows USB to power devices but does not allow data transfer without prior authorization
3.0 Objective:
The outcome of the process is a series of activities and deliverables culminating in the establishment of Secure and robust IT solutions and services at HC.
The role of this specific resource is for a Security Design Specialist working within a project team to assist with the secure strategy & configurations deliverables required for placing the MDE in active mode, and the removal of the Symantec Endpoint Protection (SEP) virus scan function.
The HC team will provide the resource with IT equipment, accounts, and internal process guidance.
4.0 Tasks:
Tasks include and are not limited to:
Every week, provide a timesheet clearly identifying the amounts of effort with which the client-led project was supported;
Participate in client-led project meetings as and when required;
Review and understand the MDE and SEP configuration deployments and configurations (as is) within HC;
Participate in technical discussions with HC Subject Matter Experts (SMEs) and MS SME focusing on SEP & MDE end state;
Develop and deliver a priority-based approach to retiring the SEP phase approach, and enabling MDE on all endpoint devices using best practices;
Develop a phased approach for deploying & managing our PSDs in the HC environment, using our client use cases;
Make recommendations and propose a high-level design(s) based on best practices;
Develop presentations on the approach for stakeholders and governance committees;
Provide high-level designs and other supporting documentation;
Skills
Security, Roadmap, Design, Firewall, Security architecture, Information security, antivirus, symantec endpoint protection, Defender, Symantec, Cyber security, Cloud, Azure, intune
Additional Skills & Qualifications
Specialization in cloud based Microsoft technologies for cybersecurity
Experience Level
Expert Level
If you have any questions, please apply within.
Job Type & Location
This is a Contract position based out of Kanata, ON.
Pay and Benefits
The pay range for this position is $100.00 - $100.00/hr.
Workplace Type
This is a fully remote position.
propos de TEKsystems et TEKsystems Global Services
Nous sommes un fournisseur de services aux entreprises et de technologies. Nous acclrons la transformation de nos clients. Notre comptence en stratgie, conception, excution et oprations libre la valeur de l'entreprise par un ventail de solutions. Nous sommes une quipe de 80 000 personnes qui collaborent avec plus de 60 000 clients, notamment 80 % du Fortune 500 en Amrique du Nord, Europe et Asie, qui collaborent avec nous dans le cadre de nos capacits full-stack et notre rythme. Nous sommes des penseurs stratgiques, des collaborateurs pratiques qui aident les clients exploiter le changement et matriser le dynamisme de la technologie. Nous btissons le futur en livrant les rsultats et en crant un impact positif dans nos communauts mondiales. TEKsystems et TEKsystems Global Services sont des entreprises d'Allegis Group. Dcouvrez d'autres informations TEKsystems.com.
About TEKsystems and TEKsystems Global Services
We're a leading provider of business and technology services. We accelerate business transformation for our customers. Our expertise in strategy, design, execution and operations unlocks business value through a range of solutions. We're a team of 80,000 strong, working with over 6,000 customers, including 80% of the Fortune 500 across North America, Europe and Asia, who partner with us for our scale, full-stack capabilities and speed. We're strategic thinkers, hands-on collaborators, helping customers capitalize on change and master the momentum of technology. We're building tomorrow by delivering business outcomes and making positive impacts in our global communities. TEKsystems and TEKsystems Global Services are Allegis Group companies. Learn more at TEKsystems.com.
The company is an equal opportunity employer and will consider all applications without regard to race, sex, age, color, religion, national origin, veteran status, disability, sexual orientation, gender identity, genetic information or any characteristic protected by law.
Employers have access to artificial intelligence language tools (“AI”) that help generate and enhance job descriptions and AI may have been used to create this description. The position description has been reviewed for accuracy and Dice believes it to correctly reflect the job opportunity.