Canadian Pacific (CP) and Kansas City Southern (KCS) are now CPKC. As the only truly North American railway, we are making big moves! Drawing on our strong foundations and heritage, CPKC moves essential goods across our 20,000-mile network to support economic growth throughout Canada, the U.S. and Mexico. Be a part of history as we connect a continent and create exciting career opportunities across our new transnational network. Visit cpkcr.com to learn about the CPKC advantage, our purpose and culture.

　　PURPOSE OF THE POSITION:

　　Support enterprise security related objectives in the operational technology space, including tactical (threat detection and incident response) and governance aspects. Member of a diverse team of enterprise security experts that works to protect the confidentiality, integrity, and availability of information systems.

　　POSITION ACCOUNTABILITIES:

　　Coordinate with stakeholders such as Internal Controls, Internal Audit etc. for compliance (e.g. SOX) related tasks

　　Assist in managing and improving the security awareness program

　　Work with IT, business, and third-party vendors to perform security risk assessments on new and existing systems, processes, and technologies (including cloud solutions) to identify any security risks and coordinate with stakeholders to mitigate the risk; improve the efficiency of the assessment process.

　　Develop, implement. and maintain cybersecurity policies, standards, directives, and processes. Raise awareness about these amongst the end-users

　　Provide guidance/consultation to the project teams/application teams/business to implement security best practices

　　Manage and lead the improvement initiatives for the existing security risk management tools including improving the process/workflows, designing, and implementing new workflows, updating manuals, raising awareness about the tools, and maintaining the security risk register by documenting and monitoring risks as required

　　Lead initiatives to improve the maturity of the security risk management program by working towards the alignment with NIST framework; conduct gap assessments, and assign and coordinate for the follow-up tasks with different teams, etc.

　　Monitor, analyze, and interpret security/system logs for events, operational irregularities, and potential incidents; respond to alarms and incidents, follow response playbooks

　　Administer, maintain, and support various systems including vulnerability management, email hygiene, and multifactor authentication

　　Perform vulnerability scans, analysis, validation, and remediation activities; classify and prioritize the risk of new vulnerabilities; provide IT and business teams with information security advice and guidance on vulnerability remediation

　　Develop, implement, and maintain cybersecurity procedures and configurations; research and assess emerging security threats and vulnerabilities and provide position papers; assist with the execution of CPKC's information security strategy and roadmap

　　POSITION REQUIREMENTS:

　　1+ years in information technology security, operational technology, information technology, or a similar field

　　Experience in an IT/cyber risk management or security risk assessment role

　　Security or technical experience in operation technology environments

　　WHAT CPKC HAS TO OFFER :

　　Flexible and competitive benefits package

　　Competitive company pension plan

　　Employee Share Purchase Plan

　　Performance Incentive Program

　　Annual Fitness Subsidy

　　Part-time Studies Program

　　ADDITIONAL INFORMATION:

　　As an employer with North American presence, the possibility does exist that the location of your position may be changed based on organizational requirements.

　　Background Investigation:

　　The successful candidate will need to successfully complete the following clearances:

　　Criminal history check

　　Reference check

　　Management Conductor Program:

　　Becoming a qualified conductor or locomotive engineer is the single best way for a management employee to learn the business at CPKC. You may be required to obtain a certification or to maintain your current certification/qualification as a conductor or locomotive engineer.

　　CPKC is an employment equity employer committed to the principles of employment equity and inclusion. We encourage all qualified candidates to apply including women, Black, Indigenous, People of Colour (BIPOC), members of the LGBTQ+ community, and people with disabilities. Accommodations for the job application process can be provided, as appropriate, upon request. All applicant information will be managed in accordance with the federal Personal Information Protection and Electronic Documents Act (PIPEDA).

　　Req ID: 102042

　　Department: Information Services

　　Job Type: Full-Time

　　Position Type: Non-Union

　　Location: Calgary, Alberta

　　Country: Canada

　　% of Travel: 0-10%

　　of Positions: 1Job Grade: 5

　　Job Available to: Internal & External

　　#LI-ONSITE

　　#LI-GK1