IT Security Engineer

DP World

DP World is a world leader in logistics management services. We ensure future viability of global international trade & prosperity of communities around the world.

The IT Security Engineer is a key player in safeguarding the organization's information technology systems, networks, and data from potential threats and vulnerabilities. This role is critical in ensuring the confidentiality, integrity, and availability of the company's digital assets, as well as protecting against unauthorized access, data breaches, and cyber-attacks.

The main duties of the IT Security Engineer include Strategic Security Leadership, Threat Management, Incident Response, Security Operations, Collaboration and Expert Guidance, as well as Innovation and Improvement.

By fulfilling these activities, the IT Security Engineer will contribute significantly to the company's overall success and reputation, ensuring a secure and trustworthy technology environment.

About the Role

• Develop, implement, and maintain advanced security architectures and designs to protect the organization's IT infrastructure and data.
• Ensure security controls are integrated into the design and implementation of new systems and services.
• Participate in both project and operationally focused work regarding end user Security Protection technologies and implementing standards/processes. Participate in the implementation of recommendations arising from vulnerability assessments and other potential threats.
• Provide security event monitoring and incident management support and will be required to serve as an incident manager as part of DP World Canada IT Incident Management process.
• Develop communications and actively promote information security awareness among all staff and advise internal organizations on best practices for securely managing information as well as assist with the design & implementation of a formal security awareness/training program for Information Security & Compliance.
• Provide input to audit log requirements/designs and periodically check audit logs to ensure these are being maintained to agreed retention levels.
• Responsible for coordinating security assessments. Coordinate and report on the results of penetration testing, proactively identify and mitigate both internal and external threats to DP World Canada information landscape and assist in the development of security checklists.
• Ensure optimal configuration and maintenance of security systems to provide continuous protection.
• Responsible for IT risk management by maintaining a risk/control framework that accurately reflects the IT control environment and alignment to the Information Security Policy and standards and provides recommendations on risk assessment and collaborates with legal and audit teams on items related to security & compliance.
• Provide security guidance and recommendations during the development and deployment of new applications and systems.
• Stay current with the latest security trends, threats, and technologies.
• Recommend and implement enhancements to the organization's security posture.

About You

Qualifications

• A bachelor's in computer science or IT Security or a combination of equivalent professional training and security industry certifications, combined with a minimum of three years related work experience in a position(s) with increasing responsibility may be accepted.

Experience

• Experience in information technology that encompasses a variety of roles, such as working with SIEM, Data Loss Protection, Vulnerability Management, Forensics, IDS/IPS, privilege and identity management as well as software and security architectures, like NIST and ISO27001.
• Thorough knowledge of information security principles and practices.
• Knowledge of industry standard processes (SDLC, CMMI, Change Mgmt, ITIL, OWASP), methodologies, standards, best practices and encryption methods and techniques.
• Understanding of network and host-based intrusion detection (NDS/HDS), non-repudiation, access control, network security, threat modelling, SSL/TLS, Digital Signatures, auditing architectures, application vulnerabilities and Public Key Infrastructure (PKI) is desired.
• Understanding of methods and models within information security & compliance to include risk analysis and mitigation, policies, regulatory environment, technologies, architecture, and best-practices.

Job Function, Technical Knowledge and Skills

• Strong communication skills: You are an exceptional listener. You communicate clearly. You write exceptionally well, and you speak eloquently. You can explain just about anything to anyone. You’re comfortable on the phone or to groups of people – at any level. You are incredibly tactful when delivering the facts.
• Problem solving: You enjoy solving problems. Getting to the root cause. You love taking on difficult challenges and finding creative, innovative solutions. You don’t get flustered easily. If you don’t know the answer, you’ll dig until you find it.
• Detail oriented: You pay strong attention to the details as it is one of your core qualities. As far as you are concerned, anything worth doing is worth doing right, every single time. You stay focused and nothing falls through the cracks on your watch.
• Exceptional critical thinking skills: you can identify gaps in logic and underlying causes of issues; You think on your feet. You like learning new things, and you can learn quickly.