Apply now »

CyberSecurity Director

  • Req ID: 100744
  • Department: Information Services
  • Job Type: Full-Time
  • Position Type: Non-Union
  • Location: Calgary  , Alberta
  • Country: Canada
  • % of Travel: 0-10%
  • # of Positions: 1
  • Job Available to: Internal & External


Canadian Pacific is a transcontinental railway in Canada and the United States with direct links to major ports on the west and east coasts. CP provides North American customers a competitive rail service with access to key markets in every corner of the globe. CP is growing with its customers, offering a suite of freight transportation services, logistics solutions and supply chain expertise. Visit to see the rail advantages of CP. 



Leading the Information Services (IS) Cybersecurity team, the Director, Enterprise Security is responsible for the entire organization’s overall IT Security, including the development, implementation and compliance of information security solutions including maintenance and monitoring of all environments across Canadian Pacific. The Director is responsible for managing risks related to information security, policy development and enforcement, identity management, crisis management, privacy and compliance. Additionally, the Director also represents Canadian Pacific as a member of North American rail industry security committees and working groups.



  • Leads and manages a high performing security team to ensure the appropriate levels of service in the management of user identities, authentication and authorization for all IS platforms.
  • Guides and directs Security team members in personnel development as well as adhering to budgeting, planning and systems development controls within the IT organization
  • Develops and implements information security standards, processes, procedures, and guidelines for the entire organization
  • Plans and executes any required risk or vulnerability inspections, tests and investigations
  • Ensures and monitors security compliance with industry and government rules and regulations
  • Coordinates with technology and business groups to assess, implement, remediate and monitor information security risks/hazards
  • Understands the trade-offs required to manage the different levels of risk tolerance and risk exposure across the organization and balances this with security controls
  • Reports security performance against established security metrics
  • Creates and implements information security policies and procedures required to maintain and improve a risk-based information security posture
  • Creates and executes IT and Data Security strategies that will enhance and increase the reliability and security of IS systems and services
  • Creates an information security awareness program to ensure staff members across the organization understand the policies and procedures related to information security
  • Researches and evaluates new information security technologies. Maintains awareness of trends in cybersecurity, including ICS/SCADA. Conducts and participates in the review, evaluation, and recommendation of security products, productivity tools, and external services. Possesses advanced knowledge of information assurance technologies and principles
  • Audits and reviews all information security issues in the organization, partners with other organizations on IT security issues and policies (such as CP Police, Legal, Human Resources, Internal Controls and Internal Audit), and manages all information security incidents and threats – both internal and external
  • Represents IS management in all internal/external audits and control reviews including liaison with senior executives and key stakeholders



  • Bachelor’s or Master’s degree in computer science, management information systems, business administration, or related discipline
  • Strong experience leading an information security team - analyzing and applying information security, risk management and privacy practices – for a 7X24 enterprise
  • Expert in strategic planning, budgeting and resource allocation
  • Holder of a valid CISSP certification
  • Holder of, or able to obtain Canadian government secret clearance
  • Experienced in effectively utilizing resources throughout the organization as well as external vendors
  • Background in security issues related to traditional IS technologies as well as SCADA infrastructure



  • Flexible and competitive benefits package
  • Competitive company pension plan
  • Employee Share Purchase Plan
  • Performance Incentive Program 
  • Annual Fitness Subsidy




As an employer with national presence, the possibility does exist that the location of your position may be changed based on organizational requirements.


Background Investigation:

The successful candidate will need to successfully complete the following clearances:     

  • Criminal history check
  • Reference check


Management Conductor Program:

Becoming a qualified conductor or locomotive engineer is the single best way for a management employee to learn the business at CP. You may be required to obtain a certification or to maintain your current certification/qualification as a conductor or locomotive engineer.


CP is an equal opportunity employer committed to the principles of employment equity and inclusion. We welcome applications from all qualified individuals. All applicant information will be managed in accordance with the federal Personal Information Protection and Electronic Documents Act ("PIPEDA").  


Apply now »