Finning International Inc.Number of Openings:
Directly reporting to the Global Manager, Information Security Services, the Information Security Engineer is responsible for providing technical expertise of deployed Security solutions, developing security standards/guidelines, and further developing existing technologies to enable ongoing improvements to the organizational security maturity.
This role will develop and implement processes and procedures making recommendations for security policy improvements. Lead the planning, design and implementation of the preventive, detective, and corrective controls to support monitoring, problem identification, data analysis, and resolution for security related incidents. Conduct security awareness training and outreach. Effectively advise and collaborate with all team members (technical and non-technical) using excellent written and verbal communication skills.
Core responsibilities of the Security Engineer may include is to establish a continuous improvement model for the department, by coordinating external penetration scans to detect cybersecurity threats and develop organizational remediation plans with stakeholders. The focus will be to ensure that existing technology platforms are implemented, maintained, and expanded upon using automation and process documentation.Job Description:
- Project Team Integration (30%): Collaborating with project team members to assist in creating required documents & checklists. Reviewing project plans to ensure alignment with security operations is considered and/or new processes are developed. Aiding Security Architecture with completion of project RFI/RFP documentation.
- Security Operational Expertise (50%) - Developing and documenting security standards and best practices that Finning should follow. Supporting the Security Operations Centre (SOC) Operational tasks through automation and technical efficiencies. Responding to any security breaches or intrusions.
- Enhancement of Security maturity (20%) - Helping provide organizational security awareness including content and training. Educating the workforce on information security awareness and best practices. Assisting with rapid, agile digital initiatives by providing design and contract reviews.
- A degree or equivalent education in a related discipline such as Computer Science, Business Computing, or Engineering. Security certification will be an asset.
- Obtained at least one of or working towards the following certifications:
- Certified Information Systems Security Professional (CISSP)
- Information Systems Security Architecture Professional (ISSA)
- GIAC Security Essentials (GSEC)
- GIAC Information Security Professional (GISP)
- Direct experience with Security technologies such as: Firewalls, Endpoint Protection, Cloud Security Platforms, Security Logging & Monitoring, Email filtering.
- Experienced time management skills, researching and developing security policies, standards and procedures.
- Sound understanding and implementation of cybersecurity trends, security methodologies, and OSI model; TCP/IP stack, C++, and Java; Python Net, bash, and power shell.
- Ability to effectively communicate security concepts to technical and non-technical audiences.
- High level of personal integrity, with the ability to handle confidential and otherwise sensitive matters professionally and with the appropriate level of judgment and maturity.
W e are committed to diversity at Finning, to building and sustaining a diverse and inclusive workforce and as an equal opportunity employer we encourage applications from all qualified individuals. Finning does not discriminate against applicants based on genders, races, national and ethnic origins, religions, ages, sexual orientation, marital and family status, and/or mental or physical disabilities.