Senior SA&A / ATO Specialist - Private Cloud (Kubernetes Environment)

About The Position

Requirements

• Demonstrated experience producing SA&A and ATO documentation within a Government of Canada department or Crown corporation
• Strong understanding of GC security frameworks, policies, and accreditation processes
• Experience supporting cloud or private cloud environments
• Working knowledge of Kubernetes and containerized architectures (must be able to understand and document, not necessarily build or deploy)
• Experience with Threat and Risk Assessments (TRA) and security control documentation
• Ability to engage with both technical and non-technical stakeholders

Nice To Haves

• Experience with modern cloud platforms (e.g., Azure, GCP etc.) in a secure or regulated environment
• Familiarity with DevSecOps concepts and container security practices
• Previous experience supporting large-scale digital transformation or modernization initiatives

Responsibilities

• Lead the development and maintenance of SA&A and ATO documentation for private cloud environments
• Interpret and document security controls for cloud-native architectures, including Kubernetes
• Work closely with technical teams to understand system design, data flows, and security posture
• Translate technical implementations into clear, structured documentation aligned with Government of Canada security standards
• Support risk assessments, threat and risk analyses (TRA), and mitigation strategies
• Contribute to the overall ATO lifecycle, including preparation, review, and audit readiness
• Provide guidance on security documentation best practices and compliance requirements