CN Rail Careers – Expert, Network Security Architecture

Job Description:

The purpose of this role is to evaluate network solutions, configurations, and designs against security requirements, and define cybersecurity reference architectures and standards for all network environments at CN.

At CN, we work together to move our company—and North America—forward. Be part of our Information & Technology (I&T) team, a critical piece of the engine that keeps us in motion. From enterprise architecture to operational technology, our teams use the agile methodology to automate and digitize our railroad ensuring our operations run optimally and safely and our employees can focus on value-added tasks. You will be able to develop your skills and career in our close-knit, safety-focused culture working together as ONE TEAM. The careers we offer are meaningful because the work we do matters. Join us!

Job Responsibilities:

• Define the proper course of action and investment strategy by building business cases and security roadmaps.
• Ensure the network security architecture is maintainable, sustainable and properly documented.
• Put in place the proper sets of network security architecture controls to manage safety and security risk while enabling the business for technology systems such as: service-oriented-architectures; cloud technologies and containers; advanced analytics; AI; Industrial IoT;, networking infrastructure; mobile technologies; etc.
• Ensure the full documentation of security designs, as built architectures and operational processes through clear diagrams and well-written documents.
• Maintain and build relevant, current, valid and reliable team knowledge related to network security architecture.
• Advance security team accomplishments and competence by planning delivery of solutions; answering technical and procedural questions for less experienced team members; teaching improved processes; mentoring team members.
• Collaborate with the CISO, Sr Mgr Network Security Architecture, cybersecurity team, portfolio managers, other architects, and I&T leadership to understand the business direction and consequent impact on the security posture.
• Engage the network security vendor ecosystem to understand capabilities and limitations to drive improvements in the security posture of current products, and assist in the selection of the right partners.
• Facilitate key decisions involving network architecture and technologies.
• Continuously monitor and evaluate the environment through self-assessments and independent security reviews. Enable management to identify deficiencies and inefficiencies and to initiate improvement actions though security roadmap and strategies.

Job Requirements:

• Ability to define and organise an architecture security apparatus in reusable building blocks: patterns, services, components, capability models, etc;
• Knowledge of general IT security architecture and technologies including: service-oriented-architectures, mobile technologies including Mobile Device Management (MDM), data-centric design, advanced analytics, AI, Identity and Access Management (IAM) lifecycles, Digital Forensics, End Point Encryption, Encryption Key Management, Database Security, Enterprise Directory Services, IDS, IPS, Next Generation Firewall, Application Firewall, Enterprise Password Vaults , Cloud SaaS /PaaS/IaaS Security, SIEM, etc.
• Strong knowledge of the processes, methodologies, tools and techniques, used for building large information technology systems;
• Demonstrated capability to understand the security implications of complex business operations and how they are linked to technological solutions that provide practical risk mitigation and business enablement;
• Knowledge of standards, regulations and legislation governing Information Security, e.g. NIST, ISO 27001, OWASP;
• Ability to derive security requirements from vaguely formulated business needs;
• Railroad, transportation, or Global industrial experience is a significant plus
• Knack for prioritizing tasks and working in a fast-paced environment;
• Virtual appliance configuration experience
• Deep knowledge of security foundations: cryptography, Root of Trust, security models, etc.
• In depth understanding of infrastructure and network architecture and design, LAN/WAN implementation, and Windows/Linux environments
• Excellent written and verbal communication skills;
• Ability to interact with a broad cross-section of personnel to explain and enforce security measures
• Proven experience in applying a structured approach to problem resolution in large, geographically dispersed organizations with 24/7 operations;
• Detail-oriented self-starter with a high level of commitment and personal motivation;
• Strong knowledge of the technologies and architecture principles required to secure complex network environments such as: 802.1X, Cisco ISE, packet capture and analysis, NetFlow, SFlow, NGFW, Zero Trust, VPN, VLANs, IDS, IPS, ACLs, device authentication, network behavior anomaly detection, SOAR, firewall configuration management, DDoS protection, etc;
• Deep understanding of network protocols and standard approaches for network segmentation.
• Experience with Agile and DevOps methodologies

Qualification & Experience:

• Minimum 5 years experience in network security architecture
• Minimum 12 years overall IT work experience
• At least one recognized network security certification: e.g. Certified Information Systems Security Professional (CISSP), GIAC Certified Enterprise Defender (GCED), Cisco Certified Internetworking Expert (CCIE) – Security, Palo Alto Networks Certified Network Security Engineer (PCNSE), etc.
• Architecture related certifications (TOGAF, Zachman, CISSP-ISSAP, etc.) preferred
• Bachelor’s degree in Computer Science, Computer Engineering, Electrical Engineering, System Analysis or other relevant field
• Minimum 8 years network security experience

Job Details:

Company: CN Rail

Vacancy Type:  Full Time

Job Location: Edmonton, AB, CA

Application Deadline: N/A

Apply Here

careers-trivia.net