Enterprise Security Manager - Application, Identity and Vulnerability Management

  • Req ID: 73364
  • Department: Information Services
  • Job Type: Full-Time
  • Position Type: Non-Union
  • Location: Calgary, Alberta
  • Country: Canada
  • % of Travel: 0-10%
  • # of Positions: 1
  • Job Available to: Internal & External
  • Deadline to apply: 07/31/2019


About Canadian Pacific:


Canadian Pacific is a transcontinental railway in Canada and the United States with direct links to major ports on the west and east coasts. CP provides North American customers a competitive rail service with access to key markets in every corner of the globe. CP is growing with its customers, offering a suite of freight transportation services, logistics solutions and supply chain expertise. Visit cpr.ca to see the rail advantages of CP. CP-IR




Canadian Pacific’s Cybersecurity team is seeking a passionate, skilled, and hands-on application security manager. You will be managing a team of technical analysts and specialists who work in a fast paced environment. It is important that you have good leadership and strong technical competencies. You will also provide advice to both business and technical teams. This role will report to the Director, Enterprise Security.



The successful candidate will perform the following activities:

  • Manage a team of analysts and specialists who protect Canadian Pacific from a variety of cybersecurity related threats.
  • Manage the application security and vulnerability management functions.
  • Design, maintain, and help build scalable and reliable security solutions.
  • Develop a roadmap for future work, track progress against it, and evaluate the team’s performance.
  • Forge partnerships with application and infrastructure teams to collaboratively solve cybersecurity issues.
  • Understand the root cause of security issues and help teams to address the issues.
  • Provide technical advice and assistance on general cybersecurity related matters.
  • Conduct research to maintain and expand knowledge on the latest cybersecurity technologies and standards.
  • Various other duties as required.


  • University degree in Computer Science or related field.
  • 5+ years of progressive cybersecurity and general information technology experience.
  • 2+ years of experience leading or managing a technical team.
  • Good understanding and experience around application security and secure coding practices.
  • Familiarity with core security concepts including:
    • Application security
    • Cryptography
    • Directory services such as Microsoft Active Directory
    • Email security
    • Identity and access management
    • Network and web security protocols
    • Operating systems such as Linux and Windows
    • Secure coding practices
    • Vulnerability management
  • Familiarity with cybersecurity frameworks and/or standards such as NIST Cybersecurity Framework, ISO 27001, ISO 27002, etc.
  • Good communication abilities with technical and non-technical audiences.
  • Good analytical, investigate and problem solving mindset.




  • Flexible and competitive benefits package
  • Competitive company pension plan
  • Employee Share Purchase Plan
  • Performance Incentive Program
  • Annual Fitness Subsidy



As an employer with national presence, the possibility does exist that the location of your position may be changed based on organizational requirements.


Background Investigation:

The successful candidate will need to successfully complete the following clearances:     

  • Criminal history check
  • Reference check


Management Conductor Program:

Becoming a qualified conductor or locomotive engineer is the single best way for a management employee to learn the business at CP. You may be required to obtain a certification or to maintain your current certification/qualification as a conductor or locomotive engineer.


CP is an equal opportunity employer committed to the principles of employment equity and inclusion. We welcome applications from all qualified individuals. All applicant information will be managed in accordance with the federal Personal Information Protection and Electronic Documents Act ("PIPEDA").


Find similar jobs: