Expert, Security Operation Center - Montréal, Canada - Canadian National Railway

Posted by:

Sophia Lee

beBee Recruiter


Description
At CN, we work together to move our company—and North America—forward.

Be part of our Information & Technology (I&T) team, a critical piece of the engine that keeps us in motion.

From enterprise architecture to operational technology, our teams use the agile methodology to automate and digitize our railroad, ensuring our operations run optimally and safely and our employees can focus on value-added tasks.

You will be able to develop your skills and career in our close-knit, safety-focused culture working together as ONE TEAM.

The careers we offer are meaningful because the work we do matters. Join us


Job Summary


As part of a Security Operations Center team and in accordance with CN's workforce strategy, the Expert will interact with and help shape permanent employees and a variable number of consultants depending on ongoing projects and initiatives.

Some of the projects the Expert will work on will be uncharted territory, and will need to be built from the ground up - it takes vision and an innovative mind-set to make that happen.

The Expert needs to be enthusiastic, driven, conscientious, and accountable, as well as a natural leader, with the ability to foster these values within the department.


Main Responsibilities

Operation Support - 25%

  • Lead the team by providing technical guidance and methodology with regard to the security practice.
  • Interface with and guide product managers, project managers (PMs) and architecture in order to align corporate priorities within the team.
  • With a constant attention to OPEX/CAPEX costs, ensure solutions are in line with business expectations and CN's vision
  • Contribute to process improvement and elaboration.
  • Contribute to RFPs & RCAs
  • Participate in collecting, assessing, and cataloging threat indicators

Practice Evolution - 45%

  • Enable the Continuous Service Improvement lifecycle which includes:
  • Reporting and Report Generation for various internal audiences
  • Conduct regular interactions with Governance
  • Enable the Security Management Lifecycle
  • Oversee process improvements, and drive implementation of new capabilities to enhance defense and response of CN systems and networks
  • High quality standards must be developed and applied in order to reduce impact on operations and reduce TCO (Total Cost of Ownership).
  • Provide information security risk analysis and strategic recommendations for the ongoing improvement of the security posture of corporate networks, systems and services.
  • Develop comprehensive security writeups and presentations, which describe security issues, analysis, and remediation techniques to company leadership
  • Act as liaison between different departments providing guidance
  • Provide targeted training and workshops to various teams on a regular basis

Delivery - 30%

  • Oversee development of new security operations literature for use across CN information security functions by SOC team members.
  • Maintain knowledge of the threat landscape
  • Implement a proven testing methodology using industry-leading tactics and techniques.
  • Adapt information security approaches to target real-world enterprise challenges

Organizational Impact

Decision Making & Impacts

  • Priority setting
  • Design evaluation
  • Quality assessment
  • Process optimization
  • Project Delivery Analysis
  • Designs/solutions will service many business and corporate operation functions, which requires them to be optimal, efficient, available and sustainable
  • Implementation will need to be completed with efficiency, consistency and good planning in order to avoid network interruption and to ensure standardization and quality
  • Documentation will need to deliver accuracy, quality and proper content to meet decision-making and sustainability requirements

Level of Interaction/Influence


The Expert plays a focal role in the communication of technical aspects and orientations within his own group and between multiple disciplines interacting with his groups.


Employees Supervised/Org Structure

  • Individual Contributor

Requirements:


Education/Certification/Designation

  • Master's Degree in Computer Science or related field OR equivalent work experience
  • Certifications:
      • GCFA (Advanced Incident Response, Threat Hunting and Digital Forensics)
      • GCED (GIAC Certified Enterprise Defender)
      • CISSP (Certified Information Systems Security Professional)
      • GCIH (GIAC Certified Incident Handler)
      • CISM (Certified Information Systems Manager)
      • GEVA (GIAC Enterprise Vulnerability Assessor)
      • CRISC (Certified in Risk and Information Systems Control)

Skills/Knowledge

Technical Background:

  • Expert knowledge of policies, procedures, and protocols in use by the CN Security Operations Center
  • Solid technical skills and knowledge around infrastructure (Windows, Unix, Network, OT, and Cloud).
  • Good analytical skills, with the ability to review findings and determine criticality based on infrastructure configurations and security stack.
  • Knowledge of network
