• Job Description

  Req#: 102044

  Canadian Pacific (CP) and Kansas City Southern (KCS) are now CPKC. As the only truly North American railway, we are making big moves! Drawing on our strong foundations and heritage, CPKC moves essential goods across our 20,000-mile network to support economic growth throughout Canada, the U.S. and Mexico. Be a part of history as we connect a continent and create exciting career opportunities across our new transnational network. Visit cpkcr.com to learn about the CPKC advantage, our purpose and culture.

  PURPOSE OF THE POSITION:

  Support enterprise security related objectives in the operational technology space, including tactical (threat detection and incident response) and governance aspects. Member of a diverse team of enterprise security experts that works to protect the confidentiality, integrity, and availability of information systems.

  POSITION ACCOUNTABILITIES:

  • Coordinate with stakeholders such as Internal Controls, Internal Audit etc. for compliance (e.g. SOX) related tasks
  • Assist in managing and improving the security awareness program
  • Work with IT, business, and third-party vendors to perform security risk assessments on new and existing systems, processes, and technologies (including cloud solutions) to identify any security risks and coordinate with stakeholders to mitigate the risk; improve the efficiency of the assessment process.
  • Develop, implement. and maintain cybersecurity policies, standards, directives, and processes. Raise awareness about these amongst the end-users
  • Provide guidance/consultation to the project teams/application teams/business to implement security best practices
  • Manage and lead the improvement initiatives for the existing security risk management tools including improving the process/workflows, designing, and implementing new workflows, updating manuals, raising awareness about the tools, and maintaining the security risk register by documenting and monitoring risks as required
  • Lead initiatives to improve the maturity of the security risk management program by working towards the alignment with NIST framework; conduct gap assessments, and assign and coordinate for the follow-up tasks with different teams, etc.
  • Monitor, analyze, and interpret security/system logs for events, operational irregularities, and potential incidents; respond to alarms and incidents, follow response playbooks
  • Administer, maintain, and support various systems including vulnerability management, email hygiene, and multifactor authentication
  • Perform vulnerability scans, analysis, validation, and remediation activities; classify and prioritize the risk of new vulnerabilities; provide IT and business teams with information security advice and guidance on vulnerability remediation
  • Develop, implement, and maintain cybersecurity procedures and configurations; research and assess emerging security threats and vulnerabilities and provide position papers; assist with the execution of CPKC's information security strategy and roadmap

  POSITION REQUIREMENTS:

  • 5+ years in information technology security, operational technology, information technology, or a similar field
  • Experience in an IT/cyber risk management or security risk assessment role
  • Security or technical experience in operation technology environments

  WHAT CPKC HAS TO OFFER :

  • Flexible and competitive benefits package
  • Competitive company pension plan
  • Employee Share Purchase Plan
  • Performance Incentive Program
  • Annual Fitness Subsidy
  • Part-time Studies Program

  ADDITIONAL INFORMATION:

  As an employer with North American presence, the possibility does exist that the location of your position may be changed based on organizational requirements.

  Background Investigation:

  The successful candidate will need to successfully complete the following clearances:

  • Criminal history check
  • Reference check

  Management Conductor Program:

  Becoming a qualified conductor or locomotive engineer is the single best way for a management employee to learn the business at CPKC. You may be required to obtain a certification or to maintain your current certification/qualification as a conductor or locomotive engineer.

  CPKC is an employment equity employer committed to the principles of employment equity and inclusion. We encourage all qualified candidates to apply including women, Black, Indigenous, People of Colour (BIPOC), members of the LGBTQ+ community, and people with disabilities. Accommodations for the job application process can be provided, as appropriate, upon request. All applicant information will be managed in accordance with the federal Personal Information Protection and Electronic Documents Act (PIPEDA).

  • Req ID: 102044
  • Department: Information Services
  • Job Type: Full-Time
  • Position Type: Non-Union
  • Location: Calgary, Alberta
  • Country: Canada
  • % of Travel: 0-10%
  • # of Positions: 1
  • Job Grade: 4
  • Job Available to: Internal & External

  #LI-ONSITE

  #LI-GK1

• About the company

  The Canadian Pacific Railway, known as CP Rail between 1968 and 1996 and simply Canadian Pacific, is a historic Canadian Class I railway incorporated in 1881.

Notice