Senior Cybersecurity Engineer

Meet the Smart Safety Company

At Safe Fleet our name says it all. We make fleet vehicles – and everyone in and around them – safer. Our fleet safety platform brings together best-in-class products, ground-breaking technology, and a 100-year history of fleet know-how and innovation to solve the world's biggest fleet safety problems.

Our core value is safety. Without safety first, efficiency and productivity are not possible. This is true for our products, our culture, and our relationship with our community. Our vision is to reduce preventable deaths and injuries in and around fleet vehicles with a goal of ZERO accidents.

We are re-defining what safety means for fleets of every type – from school buses to waste collection trucks, firefighting to utility vehicles, police cruisers to delivery vans.

Whether you work in our Charlotte plant to build life-saving stop arms for school buses, or design advanced camera vision products in our Vancouver office, forge valves and high-quality nozzles to fight fires, or dream up new ways to protect fleet operators in our Corporate HQ in Kansas City, you'll contribute to our goal to keep everyone safe.

We are a fast-growing manufacturing, service, and technology company with over 1700 employees in over 15 locations across Canada and the US. We're looking for motivated self-starters with innovative thinking to join our team and help us achieve our growth and performance goals. Sound like you?

Overview

We are seeking an experienced Senior Cybersecurity Engineer to join our team. The ideal candidate will have extensive experience in cybersecurity, with a strong focus on Azure Cloud. A relevant degree in Cybersecurity or certifications such as OSCP, CISSP, Security+, CEH are essential.

Responsibilities:

• Lead, manage, and perform ongoing cybersecurity activities and related tasks, ensuring alignment with the Director of Cloud Engineering, Cybersecurity, and Compliance.
• Lead, define, and implement the vulnerability remediation program for applications (software & firmware) and cloud infrastructure. Maintain end-to-end visibility on the overall impact of remediation efforts.
• Should have strong experience designing and implementing industry standard technical security measures, for software and cloud infrastructure, leveraging frameworks such as GovRAMP/StateRAMP, NIST
• Liaison with SOC Team for ensuring real-time and accurate monitoring and reporting of prevention and detection activities. Identify opportunities for improvement in collaboration with the SOC team.
• Provide recommendations for initiatives to enhance the company's cybersecurity and operational resilience. Review architecture and make recommendations for improvements and new solutions.
• Spearhead and design the end-to-end execution of the company's Recovery Strategy. Lead the implementation of robust containment and eradication strategy for the Azure cloud platform and hosted applications.
• Design the Incident Response Plan for isolation of potential issues, implement mitigation and hardening measures.
• Should possess a strong understanding of forensic methodologies, security analysis, security assessment, networking, platform, and risk management.
• Implement data loss prevention measures in Azure to protect sensitive information.
• Manage identity and authentication measures in Azure and identify mechanisms to enhance security.
• Should have knowledge of cryptography measures and recommend solutions to suit business requirements and enhance measures for encryption of data in transit and at rest.
• Support management in periodic reporting of the cybersecurity posture and provide necessary evidence for the ongoing audits.
• Should have strong knowledge of networking security and Azure Web Application Firewall (WAF) is beneficial. Advise on implementation of cloud security measures, IAM, WAF, and MS Defender policies.
• Prepare and maintain comprehensive security reports, logs, and documentation.
• Knowledge of embedding security into the CI/CD pipeline and development processes utilizing GitHub Advanced Security.
• Gathering and utilizing threat intelligence to proactively defend the environment.

Salary Range: $120,000 - $150,000/yr CAD

We are an equal opportunity employer that is committed to creating a diverse and inclusive workplace where everyone is valued and respected. We embrace diversity and do not discriminate based on race, color, religion, sex, sexual orientation, gender identity, national origin, age, disability, or any other legally protected status. We promote fair and equitable hiring practices and foster a culture of inclusivity and respect. Our core values of integrity, innovation, teamwork, customer focus, and safety guide our efforts to provide a workplace where all employees can thrive and reach their full potential.

• 5+ years of experience in leading diverse cybersecurity initiatives from design through implementation and adoption for applications and cloud infrastructure (Azure).
• Experience with Microsoft Azure, GitHub Advanced Security, SonarQube, MS Defender for Cloud, Zscaler, Tenable
• Experience with Jenkins, GitHub, Docker, and general workflow of CI/CD pipelines.
• Windows, Cloudflare, Kali, Linux, (automation)
• Experienced conducting penetration testing for applications, networks, and cloud infrastructure. Experience with Hardware devices or components is a good to have.
• Experience in analyzing vulnerabilities, conduct assessments, evaluating the environment for potential threats and experience with providing and implementing remediation solutions is expected.
• Knowledge with SIEM (Microsoft Sentinel) and EDR tools (SentinelOne)
• Solid knowledge of IAM, WAF, vulnerability management, and incident response
• Knowledge of DevSecOps practices and CI/CD integration
• Experience with forensic tools and disaster recovery planning
• Exposure to threat intelligence platforms and third-party risk tools
• Familiarity with security frameworks (NIST, ISO and regulatory compliance
• Knowledge of NIST CSF or NIST is good to have (partial adoption)
• Familiarity with Jira and Confluence is nice to have