Canadian Pacific Railway Limited

Expert Security Architecture

Canadian Pacific Railway Limited$120K — $150K *
Information Technology
5 - 7 years of experience
Job Overview by Ladders

Qualifications

  • 12+ years overall work experience
  • 8+ years experience in IT
  • 5+ years in security architecture across enterprise environments
  • Experience with multi-cloud solutions like AWS and Azure
  • At least one recognized cloud security certification required

Responsibilities

  • Define and implement security architecture controls to manage risk amid business capabilities
  • Ensure maintainability and documentation of security architecture across environments
  • Enforce security patterns for AI workloads, focusing on risk management
  • Assess AI-enabled solutions for emerging risks
  • Partner with cross-functional teams to integrate security controls into AI solutions
  • Produce audit-ready architecture artifacts aligned with governance requirements
  • Provide authoritative security guidance across enterprise architecture decisions

Benefits

  • Professional development opportunities
  • Mentorship and training programs
  • Engagement with a broad technology and cybersecurity vendor ecosystem
  • Access to cutting-edge technologies and methodologies
  • Contribution to innovative solutions in a dynamic industry
Full Job Description
Job Summary

The purpose of this role is to evaluate technology solutions, configurations, and designs against security requirements, and define cybersecurity reference architectures and standards across enterprise environments at CN (including cloud, on-premises, data, and emerging technologies such as AI). This role drives secure-by-design principles across engineering and operational teams by integrating security into architecture practices, development workflows, and enterprise technology decisions.

Main Responsibilities

Security Architecture Practice
  • Define and implement enterprise security architecture controls to manage risk while enabling business capabilities across domains such as cloud platforms, enterprise applications, data, AI/ML, industrial systems, networking, and end-user technologies.
  • Ensure security architecture across enterprise environments is maintainable, sustainable, and properly documented.
  • Define and enforce security design patterns and controls for Artificial Intelligence (AI) and Generative AI workloads, including model lifecycle security, data protection, and responsible use.
  • Assess AI-enabled solutions for emerging risks such as prompt injection, model manipulation, data leakage, and unauthorized use of enterprise data.
  • Partner with Responsible AI, Data, and Architecture teams to integrate security controls into AI and machine learning solutions. Define security standards and guardrails for AI technologies aligned with enterprise policies, regulatory expectations, and risk tolerance. Contribute to the development of secure AI usage guidelines and governance frameworks.
  • Maintain and build relevant, current, valid, and reliable team knowledge related to security architecture to leverage existing cybersecurity infrastructure and process, where appropriate, and drive configuration standards while supporting digital transformation in the I&T environment
  • Facilitate key decisions involving architecture and technologies. Influence enterprise architecture decisions by providing authoritative security guidance across programs and portfolios.
  • Act as a trusted advisor to senior stakeholders on security architecture trade-offs and risk decisions.
  • Advance security team accomplishments and competence by planning delivery of solutions; answering technical and procedural questions for less experienced team members; teaching improved processes; mentoring team members
  • Produce architecture artifacts that are audit-ready and aligned with enterprise governance and compliance requirements.

Security Roadmap and Strategy
  • Report to the Senior Manager, Security Architecture and support the execution of the enterprise security architecture strategy defined by the CISO organization.
  • Operate as a senior individual contributor within the Security Architecture team, providing technical leadership and influencing cross-functional delivery teams.
  • Define the proper course of action and investment strategy by building business cases and security roadmaps
  • Engage technology and cybersecurity vendor ecosystems to understand capabilities and drive improvements in the overall security posture.
  • Engage the cybersecurity vendor ecosystem to understand capabilities, options for compensating controls and risk mitigations to facilitate the selection of partners that integrate with the overall architecture
  • Continuously monitor and evaluate the environment through self-assessments and independent security reviews. Enable management to identify deficiencies and inefficiencies and to initiate improvement actions though security roadmap and strategies

Requirements

Experience
  • Minimum 12 years overall work experience
  • Minimum 8 years I&T experience
  • Minimum 5 years experience in security architecture across enterprise environments (including cloud, applications, data, or infrastructure).
  • Proven experience in applying a structured approach to problem resolution in large, geographically dispersed organizations with 24/7 operations
  • Multi-cloud experience including AWS, Azure, and Google Cloud Platform, an asset
  • Experience with Agile and DevOps methodologies, an asset
  • Railroad, transportation, or Global industrial experience is a significant asset

Education/Certification/Designation
  • Bachelor's degree in Computer Science, Computer Engineering, Electrical Engineering, System Analysis, or another relevant field
  • At least one recognized security certification (e.g., CISSP, CISM, CISA, CCSP, CCSK, GIAC or equivalent), demonstrating a strong foundation in information security principles across enterprise environments.
  • Architecture related certifications (TOGAF, Zachman, CISSP-ISSAP, etc.) asset

Competencies
  • Ability to define and organize an architecture security apparatus in reusable building blocks: patterns, services, components, capability models, etc.
  • Demonstrated capability to understand the security implications of complex business operations and how they are linked to technological solutions that provide practical risk mitigation and business enablement
  • Ability to derive security requirements from vaguely formulated business needs
  • Ability to interact with a broad cross-section of personnel to explain and enforce security measures
  • Excellent written and verbal communication skills
  • Detail-oriented self-starter with a high level of commitment and personal motivation
  • Knack for prioritizing tasks and working in a fast-paced environment

Technical Skills/Knowledge
  • Strong knowledge of the processes, methodologies, tools, and techniques, used for building large information technology systems
  • Knowledge of standards, regulations and legislation governing Information Security, e.g. NIST, ISO 27001, OWASP
  • Knowledge of general IT security architecture and technologies including: service-oriented-architectures, mobile technologies including Mobile Device Management (MDM), data-centric design, advanced analytics, AI, Identity and Access Management (IAM) lifecycles, Digital Forensics, End Point Protection, Encryption, Encryption Key Management, Database Security, Enterprise Directory Services, IDS, IPS, Next Generation Firewalls, Application Firewalls, Enterprise Password Vaults, Cloud SaaS /PaaS/IaaS Security, SIEM, etc., an asset.
  • Knowledge of enterprise security architecture domains including application security, data security, identity and access management, network security, and operational technology (OT) security.
  • Understanding of securing APIs, OpenID Connect, OAuth an asset
  • Understanding networking including SD-networks and service meshes, an asset
  • Knowledge of container security concerns, especially with Kubernetes, an asset

About Canadian Pacific Railway Limited

Canadian Pacific Railway Limited (CP) is a transcontinental railway in Canada and the United States with direct links to major ports on the west and east coasts. CP provides North American customers a competitive rail service with access to key markets in every corner of the globe. CP is growing with its customers, offering a suite of freight transportation services, logistics solutions and supply chain expertise. Visit cpr.ca to see the rail advantages of CP.
Learn more about Canadian Pacific Railway Limited
Size
22,953 employees
Market Cap
$95.5 billion
Industry
Founded
1881
5 Year Trend
+5.1%
NASDAQ

Similar Jobs

More Jobs at Canadian Pacific Railway Limited

More Information Technology Jobs

Find similar Expert Security Architecture jobs: