Apply now »

Cybersecurity Specialist (Hybrid)

COVID-19 Vaccination Requirement:

Pursuant to the Government of Canada’s mandate that all federally regulated employers require their employees to be fully vaccinated against COVID-19, CP requires all prospective employees to confirm their vaccination status as part of the hiring process and as a condition of continued employment.


  • Req ID: 96211
  • Department: Information Services
  • Job Type: Full-Time
  • Position Type: Non-Union
  • Location: Winnipeg, Manitoba
  • Country: Canada
  • % of Travel:
  • # of Positions: 1
  • Job Grade: 3
  • Job Available to: Internal & External
  • Deadline to apply: 07/11/2022


Canadian Pacific is a transcontinental railway in Canada and the United States with direct links to major ports on the west and east coasts, providing North American customers a competitive rail service with access to key markets in every corner of the globe. CP is growing with its customers, offering a suite of freight transportation services, logistics solutions and supply chain expertise. Visit to see the rail advantages of CP.



Canadian Pacific’s Enterprise Security team is seeking a passionate, skilled, and hands-on Cybersecurity Specialist. This role will be responsible for working with Solution Architects, the Enterprise Security team, and other IS members to develop, deliver, and support solutions that reduce overall cybersecurity risk.  You will provide cybersecurity advice and guidance to both business and technical teams.  This role requires an individual who is a self-starter, analytical, inquisitive and a quick learner. Each day will be fast-paced, challenging, rewarding and meaningful and you will be inspired to bring your best, every day.



The successful candidate will perform the following activities:

  • Work with the broader Enterprise Security team and other IS teams
  • Work with Enterprise Architecture and Application teams to secure existing and new applications
  • Assist IT teams and projects with the secure design of business and technology solutions, as well as good security practices
  • Provide technical assistance and advice on general cybersecurity issues, as well as recommendations on how to best mitigate cybersecurity risks
  • Lead or participate in the design and implementation of security solutions
  • Develop, implement and maintain cybersecurity procedures and configurations
  • Provide operational support, troubleshooting, and maintenance of Security-related processes, controls, or products
  • Administer solutions managed by the Enterprise Security team such as Public Key Infrastructure
  • Conduct research to keep up to date on the latest cybersecurity technologies and standards, as well as provide position papers
  • Assist with the execution of CP's information security strategy and roadmap;
  • Work closely with the Security Operations Center (SOC) to perform incident response activities when a security incident is discovered, participate in investigations to determine the root cause of security incidents, and ensure that appropriate protection or corrective measures are taken
  • Participate in the rotational after-hours on-call support
  • Various other duties as required



  • Strong knowledge and experience with information technology and cybersecurity.
  • University Degree in Information Technology, Computer Science, Security or equivalent educational or professional security experience and/or qualifications
  • 5+ years of relevant experience IT and cybersecurity experience
  • Extensive understanding of IT risk and cybersecurity controls.
  • Strong understanding of cybersecurity principles such as encryption, ports, protocols, and services, policies, procedures, physical security, risk management, asset management, configuration management, access control, security architecture, business continuity, contingency planning, and application security, among others.
  • Strong knowledge of network architecture and secure network design, including zones, firewall rules, detection/inspection technologies, and east-west security controls.
  • Experience with Amazon Web Services (AWS) and/or Azure security model and controls
  • Ability to conduct research and develop new cybersecurity solutions, as well as write position papers, proposals, and presentations
  • Good working knowledge of the latest attack techniques and how to prevent various attacks
  • Good working knowledge of several of the following (or similar) technologies is an asset: Active Directory, CyberArk PAM, Microsoft PKI, Venafi, and Proofpoint
  • A CISSP or similar certification is a plus.
  • Good written and verbal communication abilities with technical and non-technical audiences
  • Good analytical, investigative and problem solving mindset
  • Must be team oriented and at the same able to work with limited supervision
  • Communicate exceptionally well with management, peers, and customers
  • Have high attention to detail and commitment to quality
  • Ability to work effectively in a fast-paced, changing environment
  • Ability to work as a key member of cross-functional teams and achieve consensus on recommendations
  • Excellent time management skills
  • Desire for continuous improvement and a commitment to best practices



  • Flexible and competitive benefits package
  • Competitive company pension plan
  • Employee Share Purchase Plan
  • Performance Incentive Program
  • Annual Fitness Subsidy



As an employer with national presence, the possibility does exist that the location of your position may be changed based on organizational requirements.

Background Investigation:

The successful candidate will need to successfully complete the following clearances:     

  • Criminal history check
  • Reference check


Management Conductor Program:

Becoming a qualified conductor or locomotive engineer is the single best way for a management employee to learn the business at CP. You may be required to obtain a certification or to maintain your current certification/qualification as a conductor or locomotive engineer.


CP is an equal opportunity employer committed to the principles of employment equity and inclusion. We welcome applications from all qualified individuals. All applicant information will be managed in accordance with the federal Personal Information Protection and Electronic Documents Act ("PIPEDA").  

Apply now »