Description et responsabilités générales du poste

Category: Landing Gear
Job Type: Permanent Full Time
City: Longueuil

Company Bio

Entrepreneurial Leader
Heroux-Devtek, the world’s 3rd largest producer of landing gear, serves the civil and military aerospace markets from production facilities in North America and Europe. The Company’s longevity, flexibility, and track record for the development and implementation of innovative production systems have distinguished it as a leader in the domain. With its most recent acquisitions, Heroux-Devtek is bolstering its status as one of the foremost landing gear, actuation and hydraulic system designers and manufacturers in the global aerospace industry.

Division info

The Landing Gear Market specializes in the design, qualification, manufacture and repair and overhaul of landing gears and flight critical components to a customer base that extends from the OEMs (Original Equipment Manufacturers) to the Operators in both the commercial and military markets.

Summary of position

Working in cooperation with our Information Technology group, and more specifically in information security, the cybersecurity analyst will interact with internal stakeholders and external suppliers to analyze the security risk of the company, restrict its exposure, make recommendations to management while taking care of day-to-day operations. He or she will act as a subject matter expert for his or her field.

Main responsibilities

•Be the point of contact for all cybersecurity matters
•Identify new and emerging cyber risks and prepare recommendations for appropriate countermeasures including, but not limited to, new technology investments, new standards, changes in policy or reconfiguration of existing systems or business processes
•Ensure compliance with Company’s technical standards and policies including NIST 800-171, CMMC and CIS
•Evaluate and coordinate external information security providers and provide recommendations to management on efficiency of external cyber security services
•Work with vendor support teams and user groups to ensure strong, relevant and up-to-date product knowledge as well as help transfer this knowledge to IT support teams
•Manage processes relating to the installation, maintenance and operation of security infrastructure including firewalls, antivirus, IPS and DLP, PAM, NAC, AD, and SIEM
•Provide security oversight and approval during change processes
•Conduct forensic investigations as required
•Lead information security related projects
•Evaluate new security technologies and products and perform engineer-level work and analysis to determine if solutions are acceptable
•Establish proactive monitoring mechanisms to detect potential cases of improper system access attempts (internal) or cyber-attacks (external)
•Establish proactive monitoring mechanisms to detect potential issues with our cybersecurity controls (like vulnerabilities, encryption, compliancy, …)
•Implement relevant KPIs to monitor our cybersecurity controls
•Provide technical advice and guidance on IT security related initiatives
•Report suspected cases of improper system access and initiate investigations with appropriate management approval/direction. Revoke access in cases where improper access attempts are discovered
•Design and documentation of security system configurations and related processes and procedures
•Follow security findings through to successful remediation
•Ensure and monitor network security
•Be able to understand network architecture based on Cisco and Fortinet solutions (switching, routing, firewalling, ...)

Qualifications requises et exigences

•Minimum of 7 years of experience working at an intermediate level role, or above in
Information Security
•Strong understanding of IT security concepts and best practices, as used in desktop, server and network technologies (IDS/IPS, firewall, antivirus, mail hygiene, endpoint security, data protection, authentication, network access)
•Good working understanding of operating systems and internetworking (TCP/IP)
•Demonstrated track record in complex troubleshooting and problem-solving scenarios
•Strong communication skills in order to effectively and clearly communicate potential threats to the company’s senior management, outside vendors and other stakeholders
•Strong track record working effectively in collaborative environments where rapid response to threats is required
•Strong documentation and writing skills
•Strong ability to keep current with emerging technology trends in the field of information security, through subscription to/participation in relevant industry forums, events or trainings
•Good knowledge of systems security requirements and implement best practices.
•Good knowledge of hardened servers and environments
•Fluent in both French and English is required (verbal and written)
•CISSP and/or CISM certification
•CCNA/CISA an asset

Compétences et habiletés

  • Formation : Autre
  • Expérience : Autre
  • Profil : Autre
  • Date limite de dépôt de candidature : 19 juillet 2021

Autres postes similaires

  • 06 mars 2021

    Spécialiste Technique- Qualité

    Détails
  • 06 mars 2021

    Plaqueur IA

    Détails
  • 11 mars 2021

    Électricien d'entretien principal

    Détails