Operations Technology CyberSecurity Manager
City : Calgary, AB, CA
Category : Other
Industry : Transportation
Employer : Canadian Pacific
- Req ID: 100476
- Department: Information Services
- Job Type: Full-Time
- Position Type: Non-Union
- Location: Calgary, Alberta
- Country: Canada
- % of Travel: 0-10%
- # of Positions: 1
- Job Available to: Internal & External
PURPOSE OF THE POSITION:
Canadian Pacific’s Enterprise Security team is seeking an experienced, skilled, and hands-on OT Cybersecurity Manager. The main responsibilities of this position will include leading the implementation and growth of an OT cybersecurity practice for CP as well as bridging the gap between operational technology (OT) and information technology (IT) systems. This challenging position requires in-depth experience and knowledge of both OT and IT cybersecurity.
The successful candidate will perform the following activities:
- Serve as a technical liaison between the IT Security and OT business units to ensure Train operations and systems are following security best practices
- Lead the implementation and development of an OT cybersecurity practice
- Define and ensure compliance with security policies, processes, and standards to build a comprehensive OT security program
- Serve as subject matter expert in OT security
- Responsible for the development & implementation of OT-specific Security policies & procedures
- Work with operational teams and provide leadership to address OT security deficiencies
- Work closely with the Security Operations Center (SOC) to perform incident response activities when a security incident is discovered, participate in investigations to determine the root cause of security incidents, and ensure that appropriate protection or corrective measures are taken.
- Work with various operational teams to foster a culture of security maturity enhancements, awareness, and secure practices
- Stay abreast of and advise on current and emerging cyber security threats, related compliance/regulatory requirements, and industry best practices
- Strong knowledge and experience with information technology and cybersecurity.
- University Degree in Information Technology, Computer Science, Security or equivalent educational or professional IT/OT-related experience and/or qualifications
- Strong and progressive cybersecurity experience with a focus on OT environments.
- Experience with securing cross-domain IT/OT communications to and from Business Networks, third parties, and OT networks
- Knowledge of OT cyber security architectures and processes, including OT monitoring and logging
- Strong understanding of network security architecture, such as zones, firewall rules, detection/inspection technologies, and east-west security controls.
- Ability to conduct research and develop new OT cybersecurity solutions, as well as write research papers, proposals, and presentations
NICE TO HAVE
- Working knowledge of various OT technologies and providers is desirable
- Knowledge of OT-specific attack vectors, vulnerabilities, and how malicious actors exploit them is desirable
- Security certifications such as CISSP, GICSP or equivalent certifications are a plus.
WHAT CP HAS TO OFFER:
- Flexible and competitive benefits package
- Competitive company pension plan
- Employee Share Purchase Plan
- Performance Incentive Program
- Annual Fitness Subsidy
As an employer with national presence, the possibility does exist that the location of your position may be changed based on organizational requirements.
The successful candidate will need to successfully complete the following clearances:
- Criminal history check
- Reference check
Management Conductor Program:
Becoming a qualified conductor or locomotive engineer is the single best way for a management employee to learn the business at CP. You may be required to obtain a certification or to maintain your current certification/qualification as a conductor or locomotive engineer.
CP is an equal opportunity employer committed to the principles of employment equity and inclusion. We welcome applications from all qualified individuals. All applicant information will be managed in accordance with the federal Personal Information Protection and Electronic Documents Act ("PIPEDA").