About This Role

Who We Are:

• CAE Vision: Our vision is to be the worldwide partner of choice in defense and security, civil aviation, and healthcare by revolutionizing our customers’ training and critical operations with digitally immersive solutions to elevate safety, efficiency and readiness.
• CAE Defense & Security Mission: CAE’s Defense and Security business unit focuses on helping prepare military customers to develop and maintain the highest levels of mission readiness.
• CAE Values: Empowerment, Innovation, Excellence, Integrity and OneCAE make us who we are and we strive to make a difference in the world while helping each other succeed.

What We Have to Offer:

• Comprehensive and competitive benefits package and flexibility that promotes work-life balance
• A work environment where all employees are valued, respected and safe
• Freedom to succeed by enabling team members to deliver, take initiatives and make decisions
• Recognition, professional development, advancement and having fun!

Summary
Implement and monitor security processes relative to IT Policy, Procedure, and Compliance with respect to NISPOM and Department of Defense (DoD) Information Security requirements. Audit information system security plans and procedures to comply with DoD and separate service regulations, directives and procedures. Function as Information Technology Security Administrator, coordinate and oversee compliance of multiple IT Security and Audit requirements in coordination with Security, IT Management, Audit, and Compliance. Provide input and assistance as an IT team member.
Essential Duties and Responsibilities

Reasonable accommodations may be made to enable individuals with disabilities to perform the essential functions.

• Gather and verify documentation surrounding each assessment type including, but not limited to Information Security, Cybersecurity, SOC reports, Business Continuity and Disaster Recovery, Regulatory Compliance and Operations, and related disciplines in alignment with established practices.
• Responsible for monitoring networks for security events and alerts to potential/active threats, intrusions, and/or indicators of compromises, analyze trends to determine downstream impact, and partner with applicable departments to ensure appropriate actions are taken to minimize risks.
• Support the Cyber Security team with protecting confidentiality and integrity of the organization’s information assets.
• Monitor security infrastructure and security alarm devices for Indicators of Compromise utilizing cyber security tools, under 24/7 operations.
• Assists in maintaining IT Security policies, procedures, and documentation.
• Performs comparisons between existing standards and practices and work instructions, correcting practice documents when needed.
• Responsible for recurring tasks on systems as assigned.
• Conduct scheduled inspections of systems/facilities that process classified information,
• Maintain and audit all logs and records associated with operation procedures.
• Audit security logs, reports, daily system audits, security logs and authentication features to assure security-relevant actions are properly implemented and executed.
• Create security reporting as required by ongoing business needs and audit requirements.
• Identify new security platforms/tools to improve overall infrastructure security.
• Review current and upcoming security requirements/threats and create the necessary actions to mitigate any risks to the organization.
• Evaluate enterprise business system proposed changes, updates, or patches and advise IT Management, Change Management Board, and ISM of relevance.
• Provide security best practice guidance and expertise to project manager(s) and BSA to define requirements for applications, installations, and program architecture for information systems.
• Aid IT team members, BPO, and Security staff to ensure compliance with applicable IT Security policies, DoD/Service specific regulations and contractual security requirements.
• Perform as a member of the IT Incident Response Team for threats and security risks to the organization. This includes interfacing with the underlying teams/individuals to formulate and apply remediation action.
• Build and maintain cloud components specific to security, identity, and governance in multiple cloud providers.
• Develop and document cloud security best practices and security guidelines for cloud technologies.

Qualifications and Education Requirements

• Bachelor’s degree in related disciplines or equivalent experience.
• Understanding of computer security components (i.e., topology, switches, routers, firewalls, SIEM)
• Understanding of current information security threat analysis, identification, mitigation and investigation techniques.
• Must be eligible for a DOD Personnel Security Clearance and any special access requirements.

Preferred Skills

• At least one DoD 8570 Certification.
• Must be detail oriented; work with minimal supervision; Strong analytical and problem-solving capabilities.
• Prior experience with IT Audit procedures and documentation.
• Experience with hardware/software platforms including Windows and Linux.
• Other professional certifications highly desirable.

Security Responsibilities
Must comply with all company security and data protection / usage policies and procedures. Personally responsible for proper marking and handling of all information and materials, in any form. Shall not divulge any information, or afford access, to other employees not having a need-to-know. Shall not divulge information outside company without management approval. All government and proprietary information will be accessed and stored electronically on company provided resources.

Work Environment

• Ability to work in a regular office/classroom environment, as well as in and around electronic equipment, hydraulic equipment and confined spaces.

Physical Demands

The physical demands described here are representative of those that must be met by an employee to successfully perform the essential functions of this job.

• Ability to operate a personal computer and communicate via e-mail/telephone.

Other Duties
Please note this job description is not designed to cover or contain a comprehensive listing of activities, duties or responsibilities that are required of the employee for their job. Duties, responsibilities, and activities may change at any time with or without notice.
CAE USA Inc. is an equal opportunity employer, and all qualified applicants will be considered for employment without regard to any protected characteristic, including disability and protected veteran status, as defined under federal, state, or local laws.
Applicants needing reasonable accommodations should contact their recruiter at any point in the recruitment process. If you need assistance to submit your application because of incompatible assistive technology or a disability, please contact us at hrops@caemilusa.com
Position Type
Regular
CAE thanks all applicants for their interest. However, only those whose background and experience match the requirements of the role will be contacted.
Equal Opportunity Employer
CAE is an equal opportunity employer committed to providing equal employment opportunities to all applicants and employees without regard to race, color, national origin, age, religion, sex, disability status, protected veteran status, or any other characteristic protected by federal, state or local laws. At CAE, everyone is welcome to contribute to our success. Applicants needing reasonable accommodations should contact their recruiter at any point in the recruitment process. If you need assistance to submit your application because of incompatible assistive technology or a disability, please contact us at
CAECarrieres-Careers@cae.com

Reasonable accommodations may be made to enable individuals with disabilities to perform the essential functions.

• Gather and verify documentation surrounding each assessment type including, but not limited to Information Security, Cybersecurity, SOC reports, Business Continuity and Disaster Recovery, Regulatory Compliance and Operations, and related disciplines in alignment with established practices.
• Responsible for monitoring networks for security events and alerts to potential/active threats, intrusions, and/or indicators of compromises, analyze trends to determine downstream impact, and partner with applicable departments to ensure appropriate actions are taken to minimize risks.
• Support the Cyber Security team with protecting confidentiality and integrity of the organization’s information assets.
• Monitor security infrastructure and security alarm devices for Indicators of Compromise utilizing cyber security tools, under 24/7 operations.
• Assists in maintaining IT Security policies, procedures, and documentation.
• Performs comparisons between existing standards and practices and work instructions, correcting practice documents when needed.
• Responsible for recurring tasks on systems as assigned.
• Conduct scheduled inspections of systems/facilities that process classified information,
• Maintain and audit all logs and records associated with operation procedures.
• Audit security logs, reports, daily system audits, security logs and authentication features to assure security-relevant actions are properly implemented and executed.
• Create security reporting as required by ongoing business needs and audit requirements.
• Identify new security platforms/tools to improve overall infrastructure security.
• Review current and upcoming security requirements/threats and create the necessary actions to mitigate any risks to the organization.
• Evaluate enterprise business system proposed changes, updates, or patches and advise IT Management, Change Management Board, and ISM of relevance.
• Provide security best practice guidance and expertise to project manager(s) and BSA to define requirements for applications, installations, and program architecture for information systems.
• Aid IT team members, BPO, and Security staff to ensure compliance with applicable IT Security policies, DoD/Service specific regulations and contractual security requirements.
• Perform as a member of the IT Incident Response Team for threats and security risks to the organization. This includes interfacing with the underlying teams/individuals to formulate and apply remediation action.
• Build and maintain cloud components specific to security, identity, and governance in multiple cloud providers.
• Develop and document cloud security best practices and security guidelines for cloud technologies

The physical demands described here are representative of those that must be met by an employee to successfully perform the essential functions of this job.

• Ability to operate a personal computer and communicate via e-mail/telephone