Cyber Security Specialist
Mumbai, IN
The Atlas Corp. and Seaspan teams are goal-driven and share a high-performance culture, focusing on building services offerings to become a leading asset manager. Seaspan provides many of the world's major shipping lines with alternatives to vessel ownership by offering long-term leases on large, modern containerships and pure car and truck carriers (PCTCs) combined with industry-leading ship management services. Seaspan's fleet has evolved over time to meet the varying needs of our customer base. We own vessels in a wide range of sizes, from 2,500 TEU to 24,000 TEU vessels. As a wholly owned subsidiary of Atlas Corp, Seaspan delivers on the company's core strategy as a leading asset management and core infrastructure company.
Position Description:
Reporting to the Cyber Security Manager, the Cyber Security Specialist will be instrumental in the operationalization and optimization of security toolsets for Seaspan. This role is critical in maintaining robust security protocols and responding to potential cyber threats. Key functions of the role include managing security systems, developing audit plans, incident response planning and investigation, and developing and providing cybersecurity education and training for various audiences.
Job Responsibilities:
- Provide expert guidance on the architecture and implementation of cybersecurity infrastructure for new projects.
- Engage in cybersecurity investigations within Seaspan and across Atlas subsidiary companies.
- Research risks and threats, perform cybersecurity risk assessments with cross-functional teams.
- Design and implement network and cloud security measures, including firewalls, switching, routing, IDS, IPS, NAC, CSPM, and VPNs.
- Monitor and analyze networks and computing devices for unusual activity, reviewing security logs for potential threats.
- Implement and manage cloud security controls, such as IAM, encryption, and security monitoring.
- Collaborate with cloud service providers to ensure compliance with security standards.
- Contribute to Change Advisory Board reviews with a focus on cybersecurity implications.
- Ensure secure authentication to corporate resources through proper configuration of toolsets.
- Conduct audits on Cloud, IT and OT systems to ensure adherence to internal cybersecurity policies and compliance with SOX and other industry standards.
- Facilitate incident response preparedness exercises to enhance organizational response capabilities.
- Oversee the vulnerability management program, collaborating with IT infrastructure teams for strategic remediation planning.
- Perform access reviews of privileged accounts to ensure secure and appropriate use.
- Diagnose and resolve security issues escalated via the ticketing system.
- Assist in the cybersecurity evaluation of new vendors.
- Implement and manage email security solutions, including spam filters, anti-phishing tools, and email encryption.
- Manage and operate Security Information and Event Management (SIEM) systems for continuous monitoring and analysis.
- Deploy and manage endpoint security solutions, such as antivirus software, EDR tools, and device encryption.
- Develop and enforce security policies and best practices.
- Develop and deliver cybersecurity awareness training programs for employees to educate them on best practices, emerging threats, and organizational security policies.
Requirements:
- 6+ years of experience in the IT security domain, ideally as an analyst or a specialist.
- Demonstrated experience in cyber security, with a focus on securing operational, cloud, and information technologies.
- In-depth knowledge of cybersecurity trends, principles, standards, practices, and tools.
- Familiarity with corporate, mission-critical systems environments, computer technology, and infrastructure.
- Hands-on experience with distributed firewalls and endpoint detection and response technologies.
- Degree or diploma in a related field, preferably with a focus on information security, or an equivalent combination of education, training, and experience.
- Familiarity with a variety of data, network, and internet security technologies and products, including firewalls, routers, switches, network intrusion prevention systems, vulnerability and penetration testing tools, encryption key management, and Security Information and Event Management systems.
Additional/Desired Qualifications:
- Practical experience with information security controls.
- Technical expertise in networking, server infrastructure, operating systems, data center and cloud operations, telecommunications, virtualization, storage technologies, remote user management, and database security.
- Experience in securing and monitoring cloud environments, such as Amazon Web Services and Microsoft Azure.
Job Demands and Physical Requirements:
- Availability via a mobile device outside of office hours.
- Occasional travel may be required and may be on short notice.