IT Security Engineer

Overview

The IT Security Engineer is a key player in safeguarding the organization's information technology systems, networks, and data from potential threats and vulnerabilities. This role is critical in ensuring the confidentiality, integrity, and availability of the company's digital assets, as well as protecting against unauthorized access, data breaches, and cyber-attacks.

The main duties of the IT Security Engineer include Strategic Security Leadership, Threat Management, Incident Response, Security Operations, Collaboration and Expert Guidance, as well as Innovation and Improvement.

By fulfilling these activities, the IT Security Engineer will contribute significantly to the company's overall success and reputation, ensuring a secure and trustworthy technology environment.

About the Role

• Develop, implement, and maintain advanced security architectures and designs to protect the organization's IT infrastructure and data.
• Ensure security controls are integrated into the design and implementation of new systems and services.
• Participate in both project and operationally focused work regarding end user Security Protection technologies and implementing standards/processes. Participates in the implementation of recommendations arising from vulnerability assessments and other potential threats. 
• Provides security event monitoring and incident management support and will be required to serve as an incident manager as part of DP World Canada IT Incident Management process.
• Develops communications and actively promotes information security awareness among all staff and advises internal organizations on best practices for securely managing information as well as assists with the design & implementation of a formal security awareness/training program for Information Security & Compliance.
• Provides input to audit log requirements/designs and periodically checks audit logs to ensure these are being maintained to agreed retention levels.
• Responsible for coordinating security assessments. Coordinates and report on the results of penetration testing, proactively identifies and mitigates both internal and external threats to DP World Canada information landscape and assists in the development of security checklists.
• Ensure optimal configuration and maintenance of security systems to provide continuous protection.
• Responsible for IT risk management by maintaining a risk/control framework that accurately reflects the IT control environment and alignment to the Information Security Policy and standards and provides recommendations on risk assessment and collaborate with legal and audit teams on items related to security & compliance.
• Provide security guidance and recommendations during the development and deployment of new applications and systems.
• Stay current with the latest security trends, threats, and technologies.
• Recommend and implement enhancements to the organization's security posture.

About You

Qualifications

• A bachelor's in computer science or IT Security or a combination of equivalent professional training and security industry certifications, combined with a minimum of three years related work experience in a position(s) with increasing responsibility may be accepted.

Experience

• Experience in information technology that encompasses a variety of roles, such as working with SIEM, Data Loss Protection, Vulnerability Management, Forensics, IDS/IPS, privilege and identity management as well as software and security architectures, like NIST and ISO27001.
• Thorough knowledge of information security principles and practices.
• Knowledge of industry standard processes (SDLC, CMMI, Change Mgmt, ITIL, OWASP), methodologies, standards, best practices and encryption methods and techniques.
• Understanding of network and host-based intrusion detection (NDS/HDS), non-repudiation, access control, network security, threat modelling, SSL / TLS, Digital Signatures, auditing architectures, application vulnerabilities and Public Key Infrastructure (PKI) is desired.
• Understanding of methods and models within information security & compliance to include risk analysis and mitigation, policies, regulatory environment, technologies, architecture, and best-practices.

Job Function, Technical Knowledge and Skills   

• Strong communication skills: You are an exceptional listener.  You communicate clearly.  You write exceptionally well, and you speak eloquently. You can explain just about anything to anyone.  You’re comfortable on the phone or to groups of people – at any level.  You are incredibly tactful when delivering the facts.   
• Problem solving: You enjoy solving problems.  Getting to the root cause.  You love taking on difficult challenges and finding creative, innovative solutions.  You don’t get flustered easily.  If you don’t know the answer, you’ll dig until you find it.
• Detail oriented: You pay strong attention to the details as it is one of your core qualities.  As far as you are concerned, anything worth doing is worth doing right, every single time.  You stay focussed and nothing falls through the cracks on your watch. 
• Exceptional critical thinking skills: you can identify gaps in logic and underlying causes of issues; You think on your feet.  You like learning new things, and you can learn quickly.