Senior Cyber Security Engineer

Hexagon Autonomous Solutions is hiring a Senior Cyber Security Engineer. This role involves close collaboration with cross-functional teams across Hexagon to operate, enhance, and maintain enterprise-class security solutions that safeguard Hexagon’s systems and data.

The Senior Cyber Security Engineer will play a vital role in ensuring that Hexagon’s security posture remains resilient by managing critical security technologies, conducting assessments, and driving continuous improvement initiatives. The Senior Cyber Security role is a bridge between the Security Architecture and the Security Engineering team, providing an engineering approach to the architecture initiatives.

The Security Engineering team is responsible for the operation of the company’s security stack, excluding firewalls. The team manages the following technologies:

• Event Detection and Response – the EDRs protecting all Windows and MacOS endpoints, Windows and Linux servers in Hexagon.
• Endpoint Privilege Management, an endpoint protection solution, was selected and deployed for parts of Hexagon's Windows endpoints.
• Network Detection and Response - the NDR solution was selected and deployed to parts of the Hexagon Network.
• Internal PKI, the Public Key Infrastructure used for internal purposes.
• Vulnerability Management – the vulnerability identification agent deployed to Hexagon’s servers.

The team, as the administrators of the security toolset, is expected to be involved on a per-case basis in incident response activities, such as :

• Investigation, triage and analysis of time-sensitive security incidents reported by the monitoring team.
• Coordinate with IT operational resources on proper IT hygiene, closing coverage gaps, and addressing visibility and protection gaps.
• Coordinate with IT operational resources on proper incident response, including containment, internal communication, eradication and recovery.

In addition, the Security Engineering team is responsible for the continuous improvement of these and other technologies, and for defining the configuration and control measures for these tools. This includes evaluating support requests (tickets) that may require troubleshooting or configuration improvements, as well as addressing coverage gaps.

The Location: Hexagon is a global company with locations around the world. This position can be based in Calgary, Vancouver, or home-based in Canada.

Specific responsibilities of a Senior Cyber Security Engineer include, but are not limited to:

• Troubleshoot performance issues caused by the security tools.
• Contribute to the design, implementation, and improvement of integrations between Hexagon security and IT components.
• Develop automations that implement best practices, improve security, and provide visibility and reporting.
• Participate in Proof-of-Concept initiatives for new systems at Hexagon, with a particular emphasis on automation, integration, and operational efficiency.

Must-Have:

• Ability to attain a reliability level security clearance within Canada
• Minimum 5 years’ experience in a cybersecurity engineering role
• Experience securing both on-premises and cloud environments, in both Windows and Linux environments
• Office 365 Security knowledge
• Hands-on experience with various security tools (EDR, NDR, SIEM, etc.)
• Technical capabilities and experience in IT systems and working with IT teams

Key Success Factors:

• Network protocols, network and application security
• Operating systems and system services
• Web and host-based application firewalls, IPS, IDS and Network detection & response technologies
• Antimalware and endpoint event detection and response technologies
• Understanding of APIs (as a consumer /as developer) and integration/automation concepts.
• Security of cloud services (IaaS / PaaS / SaaS)
• The Senior Cyber Security Engineer will need to be proficient in scripting on both Windows (PowerShell) and Linux (Python / Bash / other), and Cloud IaC environments

Nice to Have: 

• Understanding of security management frameworks such as ISO27001 and exposure to maturity models such as CMMC and VAD/TISAX
• Security Architectures and principles, such as Zero trust