Cyber Security Engineer

Technology - Ontario, Canada London, Ontario


Description

Join Team CARFAX as a Cyber Security Engineer
    
Isn't it time you bragged about where you work? At CARFAX, we do, every day. We pride ourselves on being mission-focused on helping to grow a brand built on accuracy and integrity. We care deeply about our products and our customers. We’re more than just a company: We help millions of consumers make more-informed decisions every day. We know that our teammates are our most valuable asset, and we value a balanced life while tackling challenging projects in a fast-paced environment.  
    
The Cyber Security Engineer plays a vital role in safeguarding the organization's information assets by designing, implementing, and maintaining robust security measures. This role involves identifying and mitigating security vulnerabilities, responding to security incidents, and ensuring compliance with security policies and standards. The Cyber Security Engineer collaborates with various IT and business teams to integrate security best practices into every aspect of the organization's operations.
    
At CARFAX, we believe in the power of teamwork and value in-person interactions so that we can collaborate and thrive together. This position will require 2 days per week in our London, ON office subject to change with future business needs.
   
What you’ll be doing:
  • Design, deploy, and maintain security solutions such as Endpoint Detection and Response (EDR), data-loss prevention (DLP), web application firewalls (WAF), zero-trust, and other security detection/prevention technologies.
  • Lead the investigation and response to security incidents and breaches, ensuring timely resolution and documentation, while monitoring security alerts and events using Security Information and Event Management (SIEM) systems
  • Conduct regular vulnerability assessments and security audits to identify and remediate security gaps.
  • Maintain application static/dynamic/dependency scans and conduct penetration testing for identifying risks and coordinate reporting and remediation with stakeholders
  • Configure and maintain cloud and infrastructure security configurations to ensure a secure enterprise risk posture.
  • Serve as a subject matter expert on cybersecurity issues and provide guidance to stakeholders and other business units.
  • Maintain detailed documentation of security policies, procedures, incident response activities, and assessment results.
  • Assist with risk assessments and compliance activities to identify potential security risks and develop strategies to mitigate them.
  • Evaluate and recommend new security tools and technologies to enhance the organization's security posture.
What we’re looking for:
  • Bachelor’s degree in Computer Science, Information Technology, Cybersecurity, or a related field. Master’s degree preferred.
  • Professional certifications such as CISSP, CEH, CISM, or equivalent.
  • Minimum of 3-5 years of experience in cybersecurity engineering or a related role.
  • Strong technical skills and experience with security technologies (e.g., SIEM, Endpoint Detect & Response, firewalls, IDS/IPS).
  • Working knowledge of Vulnerability Managements, Cloud Security, Application Security, Incident Response., and Security Awareness & Training
  • Working knowledge of security tools, languages and operating systems used in security practices (BURP Suite, Nessus, NMAP, Python, Kali Linux, etc.)
  • In-depth knowledge of cybersecurity principles, protocols, and best practices.
  • Experience with regulatory requirements and compliance standards (e.g., ISO 27001, NIST, PCI-DSS, HIPAA, GDPR).
  • Excellent analytical, problem-solving, decision-making and communication skills.
  • Ability to manage multiple tasks and projects in a fast-paced environment.
  • Proven ability to work independently and as part of a team.
What’s in it for you:
  • Competitive compensation, benefits and generous time-off policies
  • 4-Day summer work weeks and a winter holiday break
  • 401(k) / DCPP matching
  • Annual bonus program
  • Casual, dog-friendly, and innovative office spaces
  • For a comprehensive list of benefits, please visit our website: https://jobs.jobvite.com/carfax/p/benefits
Don’t just take our word for it:
  • 10X Virginia Business Best Places to Work
  • 10X Washingtonian Great Places to Work
  • 9X Washington Post Top Workplace
  • 3X St. Louis Post-Dispatch Best Places to Work

About CARFAX

CARFAX, part of S&P Global Mobility, helps millions of people every day confidently shop, buy, service and sell used cars with innovative solutions powered by CARFAX vehicle history information. The expert in vehicle history since 1984, CARFAX provides exclusive services like CARFAX Used Car Listings, CARFAX Car Care, CARFAX History-Based Value and the flagship CARFAX® Vehicle History Report™ to consumers and the automotive industry. CARFAX owns the world’s largest vehicle history database and is nationally recognized as a top workplace by The Washington Post and Glassdoor.com. Shop, Buy, Service, Sell – Show me the CARFAX™. S&P Global Mobility is a division of S&P Global (NYSE: SPGI). S&P Global is the world’s foremost provider of credit ratings, benchmarks, analytics and workflow solutions in the global capital, commodity and automotive markets.

CARFAX is an Affirmative Action/Equal Opportunity Employer. It is the policy of CARFAX to provide equal employment opportunity to all persons regardless of race, color, sex, pregnancy, religion, national origin, age, ancestry, citizenship status, veteran status, military status, disability or handicap, sexual orientation, genetic information or any other status protected by federal, state or local law. In addition, CARFAX will provide reasonable accommodations for qualified individuals with disabilities. We maintain a drug-free workplace. We are a participant in E-Verify.