IS Infrastructure Expert NA

Main responsibility will be leading/executing initiatives to deliver new or harden existing IT infrastructure to meet all security & compliance requirements of NIST SP 800-171, CMMC Level 3 or Safran security standards (MSRs).
This incumbent, acting as the Infrastructure lead responsible for security topics, will be responsible for ensuring required security changes are applied to physical IT infrastructure based on the security rules defined by the SLS Security team.
Responsibilities are broken into 4 main areas and will include:
1) Incident Response - The management of all security incidents effecting North American sites.
2) Managing Changes - Evaluating infrastructure and proposing/executing required changes to meet various security requirements.
3) Architecture Design - Ensuring new designs are security compliant or proposing design changes to meet compliance.
4) Infrastructure Security Referent for NA sites - The incumbent will be responsible for all aspects of security compliance from an Infrastructure perspective.

Incident Response:
• Management of security incidents in line with the SLS Incident response procedure defined by Safran & SLS Security teams.
• Resolve security incidents and implement improvements to avoid re-occurrence of the same incident.
• Diagnosing, troubleshooting, root cause analysis and providing resolution to complex security problems for Infrastructure hosted within the Toronto DC(s).
• Responsible for assisting local NA infrastructure teams resolve local incidents.
• Responsible for the proper recording and escalation of incidents to the Deputy CISO.
• The incumbent will be required to carry a work cell phone and be connected with local/global security notification groups.

Managing Infrastructure Changes:
• Responsible for defining/leading the infrastructure actions and projects required to meet customer, regulatory or Safran regulations defined by the Safran or SLS security teams.
• Responsible for reviewing Infrastructure at the other North America sites and defining the infrastructure actions and/or projects required to meet applicable security requirements.
• Reviewing changes of other Infrastructure team members to ensure security compliance is maintained through the change.
• Building Server/Desktop and Network Infrastructure. Building physical rack servers.
• Installing, configuring, maintaining and monitoring Windows 2016/2019 Enterprise servers. Creating VMWare servers including build of OS and services for Windows or Linux.
• Implementing/Configuring new network/Wi-Fi infrastructure (Cisco) to support new initiatives.

Architecture Design:
• Responsible for creating the security design proposals for proposed architecture and presenting these proposals to the Architecture and CISO groups to gain approval.

• Responsible for reviewing all technical architecture documentation, network diagrams, information flow diagrams, security sheets, change controls, DRP Documents, trainings or hand-over documentation to support a security project transition into production.
• Recommending security projects to address vulnerabilities and management of all security equipment/solutions utilized by the North American sites.

Infrastructure Security Referent
• As security referent, working with Deputy CISO and team to ensure security compliance of Infrastructure at the North American sites.
• Responsible for auditing of infrastructure and reporting of audit results as requested by the Deputy CISO.
• Responsible for ensuring all internal controls documentation/testing is performed as assigned by the internal controls group.
• As Security Infrastructure expert, participate in all security related project meetings, ensuring security compliance and ensuring security projects are completed in line with customer, regulatory or Safran deadlines.
• Preparing presentations to present security project status and to present this status to IS Management or security teams.
• Ownership/Management/Control of firewall solutions, core switches and proxy solutions used at the North American sites.
• As authority & referent, providing guidance to other IS infrastructure experts who manage firewall, switch or proxy solutions.

• Pro-active monitoring and development of action plans to address any gaps in the solutions/processes.
• Pro-active review of all alerts and messaging to ensure compliance to export control requirements.
• Working with global teams to ensure security solutions like anti-virus and encryption are working correctly.
• Responsible for all certificate renewal and updates for all TOR Infrastructure.
Working with other IS groups, the incumbent will also be responsible for all required security documentation, policy enforcement and approvals of systems/projects from a security perspective.

Skills & Core Competencies: All skills listed below will be considered an asset, but we are looking for:
- Excellent technical problem-solving skills.
- High level of experience in various IT/IS disciplines, technologies, and platforms (Infrastructure, networking, firewalls, communication protocols, databases and mobility).
- Experience with implementing/managing security for applications, IS infrastructure, Active Directory or cloud-based solutions.
- Working knowledge of Palo Alto, Mcafee, Bluecoat and Forcepoint Firewalls.
- Specific experience with NIST SP 800-171 or CMMC standards and implementation of said standards.
- Knowledge of industrial domain security related to manufacturing facilities.
- Excellent communication skills.
- Innovative mindset and persistence.
- Decision making skills.
- Planning and organization
- Analytical Skills.
- Customer service and continuous improvement mindset.
- Technical Writing Skills. (Specifically related to IS projects)
- Teamwork
- Ability to concurrently project manage a diverse list of items.
- Able to collect and translate business requirements.
- Flexibility, ability to change focus and adopt to changing corporate priorities.
- Time Management skills.

Education or Certifications: All items listed below will be considered an asset, but the candidate must have a recognized University degree, preferred in Computer Engineering, Computer Science, Industrial Engineering
- MCSA (Server and core infrastructure) and Cisco CCNA certification is an asset.
- Security accreditations in the following areas is an asset (AWS, Cisco, Microsoft, Palo-Alto, etc.).
- Good working knowledge of Windows operating systems.
- Excellent working knowledge of networking concepts including an understanding of TCPIP and the OSI networking model.
- Excellent working knowledge of enterprise security principles.
- Must be able to meet Services Canada CGR requirement to a NATO level clearance.

Work Experience - 5 to 7 years.

Communication Skills:
Excellent communication skills required for interactions with target audiences from end users to IS Management. Excellent communications skills required for interaction with other IS personnel at other SLS sites, suppliers, contractors or customers. French language is an asset, but not mandatory.
We are an equal opportunity employer. CGP security clearance