** While this is a remote position, it does require 10-15% travel within the US and Canada. ** Skills Ability to manage multiple projects and provide timely reporting Demonstrated verbal, written communications skills and organizational and leadership skills Bilingual: English and French both verbal and written Investigative, and interview skills Demonstrated level of integrity and judgment concerning privacy issues Demonstrated ability to maintain a well-reasoned, objective, and independent point of view. Able to work in a collaborative manner with teammates within Information Resources as well as the rest of the Organization Knowledge and Experience Detailed knowledge of industry-standard commercial desktop, server, and network operating systems and enterprise database software Hardening Implementation using CIS benchmark and/or STiG Management of Vulnerability solution as well as risk categorization, familiarity and understanding of CVSS scoring systems understanding of PowerShell and Python scripting Firewall Configuration and Management, Antivirus systems configurations, threat hunting, and investigations Knowledge of the OSI Models, understanding the concept of subnetting, and TCP/IP routing Ability to configure Networks and assets in AWS, AZURE and/or GCP Experience Managing and configuring Identity management systems 6 Years of experience as an IT Administrator and/or 3 years as a cybersecurity engineer Key Accountabilities Security Operations Conduct log analysis to identify malicious activity and anomalous behavior is being properly handled by the Cybersecurity tools working close with the Security Operations Center (SOC) Providing cyber security expertise and support for all Cybersecurity Tools involved with supporting the Corporate IT and Client’s production environment Managed and tracked all tools in use by the Security Operations and as well as optimal function, including fine tuning to match capabilities, and requirement outlined before and during deployment Identifying security vulnerabilities and common attack vectors from Keolis Vulnerability management tools and execute any changes that need to be made to continually improve patch timing relative to the threats Perform reviews of the current state of corporate and customer systems to ensure adherence to the company’s information security policy, and standards Network Managment and Monitoring Perform security monitoring of clients, servers, applications, and network infrastructure Track Network devices Vulnerabilities and End of life Deploy Security agents on endpoints and the network environment with help from IT Teams and third parties Project Management Perform planning and implementation activities for medium and high visibility projects Track projects and provide timely reporting Manage security projects that implement infrastructure, applications or systems solutions ensuring timely delivery of functional, technical and security requirements Lead the analysis, design, functional review and interpretation of requirements of security related hardware and software Risk Managment Perform GAP Analysis on various IT processes and requirements, and work with IT to remediate findings. Ability to test and evaluate security controls based on a standard requirement. Required ability to identify process GAPs, misconfigurations in system implementations, and recommend fixes to IT and the business. Manage Security Policy & Standard implementation. Document risk and security policy exceptions Conduct network security assessments. Conduct network security assessments, and support remediation of 3rd party Pentest findings. Define, generate, and ensure the compliance of system documentation and Standard Operating Procedures. Regulatory Requirements Help implementing technical aspects of compliance standards/regulations i.e., HIPAA, PCI DSS, etc. Support the implementation an information security framework based on either ISO 27000 series standard, NIST 800-30, COBIT, etc. Additional Statements: Drug and alcohol screening: Employment contingent upon passing pre-employment drug and alcohol screen. Also, contingent upon receiving a favorable background check. Must pass a physical examination. Safety commitment: Safety is a way of life at Keolis. By placing safety first, we ensure the wellbeing of our employees, customers, and communities. Together we can become the most successful transportation company in the world. Environmental commitment: Keolis is committed to protecting the environment by minimizing the impact of operations to our people and the communities in which we operate. EEO statement: Our policy is to afford Equal Employment Opportunity to qualified individuals regardless of their race, color, sex, religion, age, creed, marital status, national origin, ancestry, physical or mental disability, sexual orientation, or gender identification. We maintain a drug-free workplace and perform pre-employment substance abuse testing. Disclaimer and closing statement: The above statements are intended to describe the general nature and level of work performed by employees assigned to this classification. They are not intended to be construed as an exhaustive list of all responsibilities, duties, and skills required of employees assigned to this job. Keolis is committed to offering our employees competitive compensation and benefits, opportunities for development and growth throughout an exciting and rewarding career, and the safest work environment possible. #J-18808-Ljbffr
conducting interviews Verbal communication Vulnerability management security-policy Python powershell Amazon Web Services (AWS) Azure HIPAA PCI DSS Google Cloud Platform (GCP) risk management COBIT Collaboration Security operations center Written communication skills Planning log-analysis Cybersecurity Leadership Cyber threats Project management Organizational skills