Cyber Security Specialist

The Atlas Corp. and Seaspan teams are goal-driven and share a high-performance culture, focusing on building services offerings to become a leading asset manager. Seaspan provides many of the world's major shipping lines with alternatives to vessel ownership by offering long-term leases on large, modern containerships and pure car, truck carriers (PCTCs) combined with industry leading ship management serves. Seaspan's fleet has evolved over time to meet the varying needs of our customer base. We own vessels in a wide range of sizes, from 2,500 TEU to 24,000 TEU vessels. As a wholly owned subsidiary of Atlas Corp, Seaspan delivers on the company's core strategy as a leading asset management and core infrastructure company.

Position Description:

Reporting to the Sr. Manager, Global Cyber Security & Risk, the Cyber Security Specialist will be instrumental in maintaining robust security protocols and responding to potential cyber threats for both vessels and corporate offices. Key functions of the role include managing day-to-day security systems operations, developing audit plans, incident response planning and investigation, developing and maintaining cybersecurity KPIs, and proactively supporting cybersecurity awareness  and training for various audiences.

Job Responsibilities:

• Lead internal cybersecurity investigations for Seaspan and across Atlas subsidiary companies in coordination with external MDR service providers.
• Research risks and threats, perform cybersecurity risk assessments with cross-functional teams.
• Review and implement network and cloud security solutions, including firewalls, switching, routing, IDS, IPS, NAC, CSPM, and VPNs.
• Provide expert guidance and support implementation of cybersecurity controls for new projects.
• Analyze networks and computing devices for unusual activity, reviewing security logs and propose hardening opportunities.
• Implement and manage security systems, such as IAM, encryption, email security and security monitoring.
• Contribute to Change Advisory Board reviews with a focus on cybersecurity risks and implications.
• Conduct and support cyber security audits for Cloud, IT and OT systems to ensure adherence to internal cybersecurity policies and compliance with SOX and other industry standards.
• Facilitate incident response preparedness exercises to enhance organizational response capabilities.
• Support the vulnerability management program, collaborating with IT infrastructure teams for strategic remediation planning.
• Diagnose and resolve security issues escalated via the ticketing system.
• Assist in the cybersecurity evaluation of new vendors and products.
• Manage and operate Security Information and Event Management (SIEM) systems for continuous monitoring and analysis.
• Deploy and manage endpoint security solutions, such as antivirus software, EDR tools, and device encryption.
• Develop appropriate security controls and enforce security policies and best practices.
• Develop and deliver cybersecurity awareness training programs for employees to educate them on best practices, emerging threats, and organizational security policies.

Requirements:

• 3+ years of hands-on experience working in a security operations for both IT and OT environment ideally.
• Demonstrated experience in all cyber security domains, with a focus on security operations and  IT/OT security management.
• working knowledge of cybersecurity frameworks such as NIST and CIS, principles, standards, practices, and tools.
• Familiarity with risk assessment process and identifying and assessing risks associated with corporate, mission-critical systems environments, computer technology, and infrastructure.
• Hands-on experience with distributed firewalls, and endpoint detection and response technologies.
• Degree or diploma in a related field, preferably with a focus on information security, or accredited certifications such as CISSP, CCSP, and CISM, or an equivalent combination of education, training, and experience.
• Hands-on experience with a variety of data, network, and internet security technologies and products, including firewalls, routers, switches, network intrusion prevention systems, vulnerability and penetration testing tools, encryption key management, and Security Information and Event Management systems.
• Technical knowledge in networking, server infrastructure, operating systems, data center and cloud operations, telecommunications, virtualization, storage technologies, remote user management, and database security.

Additional Desired Qualifications:

• Experience with Marine IT/OT cyber security techologies

• Experience with building automation and integration for cyber security operations

Seaspan Corporation is an equal opportunity employer. All qualified applicants will receive consideration for employment without regard to age, race, color, religion, gender, sexual orientation, gender identity, national origin, disability, or protected Veteran status. We thank all applicants in advance. If your application is shortlisted to be included in the interview process, one of our team will be in contact with you.