Analyst CyberSecurity

Canadian Pacific (CP) and Kansas City Southern (KCS) are now CPKC. As the only truly North American railway, we are making big moves! Drawing on our strong foundations and heritage, CPKC moves essential goods across our 20,000-mile network to support economic growth throughout Canada, the U.S. and Mexico. Be a part of history as we connect a continent and create exciting career opportunities across our new transnational network. Visit cpkcr.com to learn about the CPKC advantage, our purpose and culture.

PURPOSE OF THE POSITION:

Canadian Pacific’s Cybersecurity team is seeking a passionate security professional to assist with the design and execution of CP’s cybersecurity strategy. This includes coordinating all anti-virus and vulnerability management activities.

POSITION ACCOUNTABILITIES:

The successful candidate may perform the following types of activities:

• Monitor, analyze, and interpret security/system logs for events, operational irregularities, and potential incidents;
• Respond to alarms and incidents, follow response playbooks;
• Administer, maintain, and support Vulnerability Management system, Email Hygiene system, Multifactor Authentication system;
• Perform vulnerability scans, analysis, validation and remediation activities;
• Classify and prioritize the risk of new vulnerabilities;
• Provide IT teams with information security advice and guidance on vulnerability remediation;
• Develop, implement and maintain cybersecurity procedures and configurations;
• Research and assess emerging security threats and vulnerabilities and provide position papers;
• Assist with the execution of CP's information security strategy and roadmap;
• Various other duties as required.

POSITION REQUIREMENTS:

• Preference will be given to candidates with a university degree or college diploma in an IT related field
• 1+ year of experience in cybersecurity monitoring and incident response.
• 1+ year of security operations experience, particularly in email hygiene or vulnerability management areas. OR
• 1+ year Experience in management of vulnerability scanning tools such as Qualys, Nessus, Nexpose or similar tools

NICE TO HAVE:

• Preference will be given to candidates with some software development experience.
• Understanding of Linux or Windows operating systems, and security and networking concepts.
• Solid understanding of common web application, network, operating system vulnerabilities (Linux and Windows)
• Experience in management of email hygiene tools would be beneficial
• Experience with multifactor management would be beneficial.
• Experience with application scanning would be beneficial.
• Experience with AWS, O365, or Azure Security would be beneficial.
• IT industry security certification (CISSP,CEH,GIAC etc.) would be an asset
• Knowledge of OWASP/NIST/CIS/ISO27000 security concepts would be an asset

WHAT CPKC HAS TO OFFER:

• Flexible and competitive benefits package
• Competitive company pension plan
• Employee Share Purchase Plan
• Performance Incentive Program
• Annual Fitness Subsidy
• Part-time Studies Program

ADDITIONAL INFORMATION:

As an employer with North American presence, the possibility does exist that the location of your position may be changed based on organizational requirements.

Background Investigation:

The successful candidate will need to successfully complete the following clearances:       

• Criminal history check
• Reference check

Management Conductor Program:

Becoming a qualified conductor or locomotive engineer is the single best way for a management employee to learn the business at CPKC. You may be required to obtain a certification or to maintain your current certification/qualification as a conductor or locomotive engineer.

CPKC is an employment equity employer committed to the principles of employment equity and inclusion. We encourage all qualified candidates to apply including women, Black, Indigenous, People of Colour (BIPOC), members of the LGBTQ+ community, and people with disabilities. Accommodations for the job application process can be provided, as appropriate, upon request. All applicant information will be managed in accordance with the federal Personal Information Protection and Electronic Documents Act (PIPEDA)”.

• Req ID: 100625
• Department: Information Services
• Job Type: Full-Time
• Position Type: Non-Union
• Location: Calgary, Alberta
• Country: Canada
• % of Travel: 0-10%
• # of Positions: 1
• Job Grade: 5
• Job Available to: Internal & External

#LI-GK1

#LI-ONSITE