At CN, every day brings new and exciting challenges. You can expect an interesting environment where you're part of making sure our business is running optimally and safely, helping keep the economy on track. We provide the kind of paid training and opportunities that long-term careers are built on and we recognize hard workers who strive to make a difference. You will be able to thrive in our close-knit, safety-focused culture working together as ONE TEAM. The careers we offer are meaningful because the work we do matters. Join us!
Job Summary
The Expert, Cloud Network Security Operation Center is responsible for providing technical leadership to the Network Security Operations Center team, ensuring the integrity and confidentiality of CN's information assets while supporting cloud security solutions. As a Subject Matter Expert (SME), the incumbent oversees development, collaborates with relevant teams, and offers technical assessments and recommendations for emerging issues and projects. Furthermore, the role involves guiding permanent employees and consultants, particularly for new, innovative projects that require a ground-up approach.
Main Responsibilities
Operation Support
• Lead the team by providing technical guidance and methodology with regards to the security practice
• Interface and guide product managers, project managers (PMs) and architecture to align corporate priorities within the team
• Ensure solutions are in line with business expectations and CN's vision
• Contribute to process improvement and elaboration
• Contribute to Request for Proposals (RFPs) and Root Cause Analysis (RCA)
• Participate in collecting, assessing, and cataloging threat indicators
Practice Evolution
• Enable the Continuous Service Improvement lifecycle (e.g., reporting for various internal audiences, conduct regular interactions with Governance, enable the Cloud Security Management Lifecycle)
• Oversee process improvements, and drive implementation of new capabilities to enhance defense and response of CN cloud systems and networks
• Develop and apply high standards to reduce impact on operations and reduce total Cost of Ownership (TCO)
• Provide information security risk analysis and strategic recommendations for the ongoing improvement of the security posture of corporate networks, systems and services
• Develop comprehensive security write-ups and presentations, which describe security issues, analysis, and remediation techniques to company leadership
• Act as liaison between different departments providing guidance
• Provide targeted training and workshops to various teams on a regular basis
Delivery
• Oversee development of new cloud security operations literature for use across CN information security functions by Security Operation Center (SOC) team members
• Maintain knowledge of the threat landscape
• Implement a proven testing methodology using industry-leading tactics and techniques
• Adapt information security approaches to target real-world enterprise challenges
Working Conditions
The role has standard working conditions in an office environment with a regular workweek from Monday to Friday. Due to the nature of the role, the incumbent must be able to meet tight deadlines and handle pressure and stress. The role requires minimal travel (5%) across North America in accordance with CN policy for meetings.
Requirements
Experience
Network Security
• Between 7 and 10 years of network security industry experience
• Minimum 5 years of experience demonstrating technical leadership qualities and overseeing deliverables
o Demonstrated experience building and managing systems and programs
o Demonstrated experience working with senior management on very sensitive projects that require the utmost discretion and maintaining strict confidentiality on all data, records, and tasks
o Demonstrated ability to lead the development of specific proactive procedures for the detection of security breaches across a large enterprise network
Education/Certification/Designation
• Master's Degree in Computer Science or related field or equivalent work experience
• Advanced Incident Response, Threat Hunting and Digital Forensics (GCFA)
• GIAC Certified Enterprise Defender (GCED)
• Certified Information Systems Security Professional (CISSP)
• GIAC Certified Incident Handler (GCIH)
• Certified Information Systems Manager (CISM)
• GIAC Enterprise Vulnerability Assessor (GEVA)
• Certified in Risk and Information Systems Control (CRISC)
• Cloud Security Certifications
• Information Technology Infrastructure Library (ITIL) Certification
Any of the above designations would be considered an asset
Competencies
• Applies critical thinking
• Knows the business and stays current on industry needs
• Collaborates with others and shares information
• Communicates with impact
• Identifies needs and finds solutions to create value for all stakeholders
• Identifies potential safety and security risks
• Leads by example for the safety and security of all
Technical Skills/Knowledge
• Expertise in public cloud platforms, hybrid and multi-cloud environments, and containerization technologies for scalable and secure solutions
• Proficiency in implementing and handling security frameworks and compliance standards
• Strong knowledge of cloud Identity and Access Management (IAM) services, privileged access management tools, and multi-factor authentication solutions
• Familiarity with cloud firewalls, web application firewalls, zero trust architectures, and Distributed Denial of Service (DDoS) mitigation strategies
• Expertise in securing Application Programming Interfaces (APIs), microservice architectures, and service mesh security
• Experience integrating security into Development Operations (DevOps) practices, securing infrastructure as code, and implementing container security measures
• Ability to assess and handle cloud security posture using relevant tools and best practices
• Proficiency in scripting languages (e.g., Python, PowerShell, Bash) and Infrastructure as Code (IaC) on Terraform for automating security processes and cloud infrastructure management
• Knowledge of common network and application stack protocols (Transmission Control Protocol/Internet Protocol (TCP/IP), Simple Mail Transfer Protocol (SMTP), Domain Name System (DNS), Transport Layer Security (TLS), Extensible Markup Language (XML), HyperText Transfer Protocol (HTTP))
• Understanding of key security concepts and analytical techniques
About CN
CN is a world-class transportation leader and trade-enabler. Essential to the economy, to the customers, and to the communities it serves, CN safely transports more than 300 million tons of natural resources, manufactured products, and finished goods throughout North America every year. As the only railroad connecting Canada's Eastern and Western coasts with the Southern tip of the U.S. through a 19,500 mile rail network, CN and its affiliates have been contributing to community prosperity and sustainable trade since 1919. CN is committed to programs supporting social responsibility and environmental stewardship. At CN, we work as ONE TEAM, focused on safety, sustainability and our customers, providing operational and supply chain excellence to deliver results.