Cloud Cybersecurity Specialist

BRP

  • Montreal, QC
  • Permanent
  • Full-time
  • 14 days ago
The CYBER SECURITY Specialist is responsible for managing processes and technologies to defend and protect BRP’s systems and information assets against cyber-attack and adversaries. This critical role requires a detailed understanding of cyber security and in-depth knowledge of Endpoint, Networking, Cloud technologies and Identity; especially in the context CSPM (cloud security posture management) of logging pipelines, observability, and detection engineering know-how to protect such assets in preparation for increasing complexity and emerging threats.Your main tasks will be detection mechanisms that provide comprehensive coverage of know CLOUD SECURITY threats but also build custom CLOUD ASSETS based detections to tackle new threats.YOU’LL HAVE THE OPPORTUNITY TO:
  • Drive and lead deployment, ongoing orchestration and operationalization of cyber security services and products to drive implementation of new Threat Detection Controls within the framework of a threat-informed defense strategy for CLOUD ASSETS with main focus on Azure and GCP.
  • Lead the design and execution of the enterprise security operations processes, procedures, and playbooks as it pertains to CSPM, CWPP, Containers.
  • Manage and monitor:
  • cloud resource entitlements to reduce access risks,
  • cyber tooling output and conduct spot checks for accuracy,
  • cloud configurations to ensure compliance with security best practices (e.g., AWS, Azure, Google Cloud).
  • Manage detection engineering security operations projects, including process improvement and technology investment in the CLOUD.
  • Conduct research within the fields of Security Observability, Vulnerability, Cloud and Container security to develop new strategies and execute deliveries to protect against threats
  • Manage technical aspects of BRP’s cyber technology providers in order to make sure BRP Cyber tech stack is providing all the necessary detective protections.
  • Conduct research within the fields of Security Observability, Vulnerability, Cloud and Container security to develop new strategies and execute deliveries to protect against threats. Stay current with industry trends, emerging threats, and new technologies to ensure the effectiveness of the detection and response capabilities.
  • Respond to monitoring alerts according to defined playbooks and procedures.
  • Implement least-privilege access policies and ensure compliance with identity and access management (IAM) standards. Detect and remediate any identity anomalies in cloud environments.
  • Implement automated tools to maintain a robust security postur
YOU’LL THRIVE IN THIS ROLE IF YOU HAVE THE FOLLOWING SKILLS AND QUALITIES:
  • Excellent Azure Security, Microsoft CSPM, GCP skillset with hands-on experience. AWS experience is an asset. Hands-on experience with CSPM, CWP, CIEM, and CNAPP tools.
  • Certifications such as AWS Certified Security - Specialty, Azure Security Engineer, or Google Professional Cloud Security Engineer. Any of GIAC range of certs
  • Experience with PKI
  • Experience with Modern Authentication Technologies such as OAuth2, OpenID Connect and SAML 2.0
  • Experience with infrastructure as code tools, such as Hashicorp Terraform.
  • Experience with CI/CD pipelines (re: automation).
  • Good understanding of Identity (IAM/PAM) in the context of Cloud Security as well as on prem assets (AD, Entra ID)
  • Bachelor’s degree in information technology, security, or similar computer-related field of study and 5+ years of information security experience
  • Experience of Cloud security services/tools deployment and orchestration technologies
  • In-depth familiarity with workflow tools and ability to develop and improve tools/processes
  • Solid knowledge of incident response methodologies, best practices and routines
  • Skilled at identifying various types of events and incidents and applying the right response framework for each (i.e. information mishandling, security vulnerability, system exploit, malware infection, etc.)
  • Medium to advanced understanding of IOC’s, Cyber Kill Chain, MITRE ATT&CK and preventive and detective technical controls.
ACKNOWLEDGING THE POWER OF DIVERSITYBRP is dedicated to nurturing a culture that invites, connects, and propels the ambitions of people of all backgrounds, profiles, beliefs and experiences. Ultimately, the diversity and uniqueness of our people fuel our ingenuity and set the course for the path ahead!For this reason, we value diversity and we strive to always push each other forward to build an inclusive workplace where every employee feels like they belong, where they can grow and find meaning.AT BRP, WHEN WE TALK ABOUT BENEFITS, WE GO ALL IN.Let’s start with a strong foundation — You want it, we have it:Annual bonus based on the company’s financial resultsGenerous paid time awayPension planCollective saving opportunitiesIndustry leading healthcare fully paid by BRPWhat about some feel good perks:Flexible work scheduleA summer schedule that varies by department and locationHoliday season shutdownEducational resourcesDiscount on BRP productsWELCOME TO BRPWe’re a world leader in recreational vehicles and boats, creating innovative ways to move on snow, water, asphalt, dirt and even in the air. Headquartered in the Canadian town of Valcourt, Quebec, our company is rooted in a spirit of ingenuity and intense customer focus. Today, we operate manufacturing facilities in Canada, the United States, Mexico, Finland, Australia and Austria, with a workforce made up of close to 16,500 spirited people, all driven by the deeply held belief that at work, as with life itself, it’s not about the destination: It’s about the journey.#LI-Hybrid

BRP