At CN, we work together to move our company, and North America, forward. Be part of our Information & Technology (I&T) team, a critical piece of the engine that keeps us in motion. From enterprise architecture to operational technology, our teams use the agile methodology to automate and digitize our railroad, ensuring our operations run optimally and safely and our employees can focus on value-added tasks. You will be able to develop your skills and career in our close-knit, safety-focused culture working together as ONE TEAM. The careers we offer are meaningful because the work we do matters. Join us!
Job Summary
The purpose of this role is to establish and maintain an industry-leading Security Operations Center (SOC) and Incident Response (IR) practice, develop & mentor a team, and define processes, run books and standards for security operations at CN to meet SLAs and security objectives for availability, confidentiality and integrity of digital systems and data.
Main Responsibilities
Leading Others
Partner with HR to bring new talent to the organization by determining which skills and roles will be required in the future and by making thoughtful hiring decisions
Provide a positive and welcoming onboarding experience to all new employees by ensuring they have access to the tools and resources needed to fulfill the requirements of their job
Recognize employee milestones (service awards, retirements, etc.) as well as significant contributions and enhanced responsibilities
Focus on communications and foster collaboration by regularly providing updates to teams about ongoing initiatives and encouraging teams to work together to accomplish common goals and learning
Manage employee performance by ensuring employees who are not meeting expectations are identified and supported through the performance improvement process
Create and enable a positive and engaging work environment by ensuring individual strengths are uncovered and leveraged through frequent and focused conversations - collaborate, coach and build connections with employees
Participate in succession planning by contributing to the yearly talent review cycle and identifying employees with the potential to move up the management and expertise paths
Support employee development by having regular career conversations with all employees (documented and tracked) and supporting them in reaching their career goals
Ensure knowledge is preserved through cross-training for key skill sets in the team (knowledge transfer)
Security Operations Center Practice Development
Direct and put in place the proper security operations organizational structure and practices to manage safety and security risk while enabling the business for digital transformation.
Ensure the security operations processes are sustainable and properly documented
Build and maintain relevant, current, valid and reliable team knowledge related to incident response, network security, vulnerability management scanning and prioritization, investigations, threat hunting and threat intelligence collection.
Drive key decisions involving security operations.
Advance security team accomplishments and competence by planning delivery of solutions; answering technical and procedural questions for less experienced team members; teaching improved processes; mentoring team members
Ensure the full documentation of run books, threat hunting plans, vulnerability management scanning plans and asset groupings, investigations and operational processes through clear diagrams and well-written documents
Security Operations Center Continuous Improvement
Collaborate with the CISO, cybersecurity team, portfolio managers, architects, and I&T leadership to understand the business direction and consequent impact on the security posture and risk appetite
Monitor threat hunting activities, incident management, and root cause analysis to define the proper course of action and investment strategy by building business cases and driving improvements to the security posture
Engage the cybersecurity vendor ecosystem to understand capabilities and limitations to drive improvements in the security posture of current products, and assist in the selection of the right partners
Oversight of Managed Services contracts for security operations which involves 24x7 SOC services to capture after-hours activities
Continuously monitor and evaluate the environment through self-assessments and independent security reviews as well as metrics against SLAs. Identify deficiencies and inefficiencies and initiate improvement actions through engaging Governance, Risk & Compliance and Architecture security roadmaps and strategies
Working Conditions
Occasional business travel (Canada and US) in accordance with CN policy
Requirements
Experience
Minimum 15 years overall IT experience
Minimum 10 years experience in IT or cybersecurity operations
Minimum 5 years experience in managing cybersecurity operations
Experience with incident response, security information and event management (asset)
Railroad, transportation, or Global industrial experience is a significant plus (asset)
Education/Certification/Designation
Bachelor's degree in Computer Science, Computer Engineering, Electrical Engineering, System Analysis or other relevant field (or) an additional 5 years of relevant experience.
At least one recognized cybersecurity certification appropriate for cybersecurity operations: e.g. Certified Information Systems Security Professional (CISSP), GIAC Security Leadership (GSLC), GIAC Certified Incident Handler (GCIH), etc.
IT process related certifications (ITIL, etc.) preferred
Competencies
Demonstrated capability to understand the security implications of complex business operations and how they are linked to technological solutions that provide practical risk mitigation and business enablement
Significant and proven experience in applying a structured approach to problem resolution in large, geographically dispersed organizations with 24/7 operations
Ability to identify root causes and highlight opportunities for architectural or governance improvement to feed back into those organizations.
Ability to interact with a broad cross-section of personnel to explain and enforce security measures
Excellent written and verbal communication skills as well as business acumen
Detail-oriented self-starter with a high level of commitment and personal motivation
Knack for prioritizing tasks and working in a fast-paced environment
Technical Skills/Knowledge
Expert knowledge of the processes, methodologies, tools and techniques used for detecting and responding to cybersecurity events in a large, industrial organization.
Knowledge of standards, regulations and legislation governing information security and privacy, e.g. NIST, ISO 27001, SOX, PIPEDA
Knowledge of general IT security technologies and capabilities including: Mobile Device Management (MDM), Identity and Access Management (IAM), Digital Forensics, End Point Protection & Extended Detection and Response (XDR), Network Security, Vulnerability Management, Security Information & Event Management (SIEM), Threat Hunting, etc. (strong asset)
About CN
CN is a world-class transportation leader and trade-enabler. Essential to the economy, to the customers, and to the communities it serves, CN safely transports more than 300 million tons of natural resources, manufactured products, and finished goods throughout North America every year. As the only railroad connecting Canada's Eastern and Western coasts with the Southern tip of the U.S. through a 19,500 mile rail network, CN and its affiliates have been contributing to community prosperity and sustainable trade since 1919. CN is committed to programs supporting social responsibility and environmental stewardship. At CN, we work as ONE TEAM, focused on safety, sustainability and our customers, providing operational and supply chain excellence to deliver results.
For internal candidates, note that the grade level of the position will depend on the employee's experience.
CN is an employment equity employer and we encourage all qualified candidates to apply. We thank all applicants for their interest; however, only candidates under consideration will be contacted. Please monitor your email on a regular basis, as communication is primarily made through email.