Canadian Pacific Railway Specialist Application Security in Calgary, Canada
Req ID: 73926
Department: Information Services
Job Type: Full-Time
Position Type: Non-Union
Location: Calgary, Alberta
% of Travel: 0-10%
of Positions: 1
Job Available to: Internal & External
Deadline to apply: 03/25/2019
Canadian Pacific is a transcontinental railway in Canada and the United States with direct links to major ports on the west and east coasts. CP provides North American customers a competitive rail service with access to key markets in every corner of the globe. CP is growing with its customers, offering a suite of freight transportation services, logistics solutions and supply chain expertise. Visit cpr.ca to see the rail advantages of CP.
PURPOSE OF THE POSITION:
Canadian Pacific’s Cybersecurity team is seeking a passionate security professional to help us secure our applications and infrastructure systems. You will be responsible for conducting application and infrastructure vulnerability assessments, validating security vulnerability findings and providing advice to both application and infrastructure teams.
The successful candidate will perform the following activities:
Educate, evangelize and promote secure coding and software development practices with application teams.
Develop, implement and maintain security architecture, directives and standards for application security.
Analyze, assess and respond to various security vulnerabilities.
Understand the root cause of security vulnerabilities to help teams fix them.
Administer and manage various application security and vulnerability management technologies including:
Qualys Vulnerability Management
Veracode Application Security Platform.
Develop, implement and maintain security strategy and controls for Internet of Things (IoT).
Identify and test security-related gaps with existing and new applications.
Conduct security testing activities on existing and new applications.
Work with Enterprise Architecture and Application teams to secure existing and new applications.
Advise project and operational teams on good security practices.
Participate in security incident investigation and response activities.
Provide technical advice and assistance on general cybersecurity related matters.
Participate in the rotational after-hours on-call support.
Conduct research to maintain and expand knowledge on the latest cybersecurity technologies and standards.
Various other duties as required.
University degree or college diploma in an IT or Engineering related field.
4+ years of cybersecurity experience.
4+ years of general information technology experience in domains such as application development, networking or server administration.
Good working knowledge of Microsoft Active Directory, Linux or Windows operating systems, application development concepts and networking concepts.
Understanding of application, security, networking and technology concepts.
Good communication abilities with technical and non-technical audiences
Good analytical, investigative and problem solving mindset.
Must be team oriented and at the same able to work with limited supervision.
CISSP, CSCSD or equivalent certification is an asset.
WHAT CP HAS TO OFFER:
Flexible and competitive benefits package
Competitive company pension plan
Employee Share Purchase Plan
Performance Incentive Program
Annual Fitness Subsidy
As an employer with national presence, the possibility does exist that the location of your position may be changed based on organizational requirements.
The successful candidate will need to successfully complete the following clearances:
Criminal history check
Management Conductor Program:
Becoming a qualified conductor or locomotive engineer is the single best way for a management employee to learn the business at CP. You may be required to obtain a certification or to maintain your current certification/qualification as a conductor or locomotive engineer.
CP is an equal opportunity employer committed to the principles of employment equity and inclusion. We welcome applications from all qualified individuals. All applicant information will be managed in accordance with the federal Personal Information Protection and Electronic Documents Act ("PIPEDA").