Information Security Engineer

Who we are...

Verra Mobility is a global leader in smart mobility. We develop technology-enabled solutions that help the world move safely and easily. We are fostering the development of safe cities working with police departments and municipalities to install over 4000 red-light speed and school bus stop arm safety cameras across North America. We are also creating smart roadways serving the worlds largest commercial fleets and rental car companies to manage tolling transactions and violations for over 8.5 million vehicles. And we are a leading provider of connected systems processing nearly 165 million transactions each year across 50 individual tolling authorities.

Culture

Verra Mobility Corporation is a rapidly-growing entrepreneurial company that operates with a people-first philosophy and approach. The company lives by its core valuesDo Whats Right Lead with Grace Win Together and Own Itin everything it does for its customers and team members. The company seeks to grow aggressively both organically and through acquisition to continue to be the undisputed market leader with these five core competencies: bias for action customer focus teamwork drive for results and commitment to excellence.

Position Overview:

The Information Security Engineer is responsible for designing and implementing security systems to protect an organizations infrastructure from cyber threats. They configure and maintain tools like intrusion detection systems encryption software and secure network architectures. Their duties include conducting security testing such as penetration tests to identify and fix vulnerabilities. They collaborate with IT teams to integrate security measures into new and existing systems. Additionally they monitor system performance and respond to security incidents to ensure operational integrity.

Essential Responsibilities:

• Implement security solutions that reinforce a defense-in-depth and zero-trust posture.
• Contribute to complex security projects.
• Install configure maintain patch and troubleshoot all information security tools and infrastructure including but not limited to SIEM SOAR WAF PAM firewalls secure web/email gateways.
• Perform routine configuration reviews of information security technology and infrastructure against industry best practices vendor supplied recommendations and the companys own internal baselines.
• Create and maintain internal documentation such as network architectural and data flow diagrams and internal procedures for all information security owned products and tools.
• Train the security team on newly deployed technologies and act as an escalation point and subject matter expert for all information security owned systems.
• Support proof of concept efforts of new security technology solutions while working closely with established vendors and resellers. Implement and test new security technologies deployed to safeguard access to resources enterprise networks and computer systems as directed by the Information Security Manager.
• Participate and lead security incident response procedures as outlined in the company security incident response plan. Responsibilities may include playing a role as the senior technical resource leading triage efforts and taking the lead on communications with senior leadership.
• Work closely with the Governance Risk Compliance team to document internal operational and audit procedures around information security owned infrastructure gather technical evidence speak to cybersecurity procedures and standards.

Qualifications:

• Bachelors degree in computer science cybersecurity or related field or 5 years of professional security experience with 2 years as a security engineer.
• Experience with security tools including SIEM SOAR WAF PAM firewalls secure web/email gateways.
• Articulate with strong business acumen and executive presence.
• Coachable and willing to learn with an emphasis on positive demeanor.
• Ability to take initiative and drive results.
• Certified in information security industry certifications such as CISSP CompTIA Security. CEH OSCP preferred.
• Experience with the CrowdStrike suite of cybersecurity tools is a nice to have.
• Proficiency in scripting languages such as Python PowerShell Bash or similar for automation and tool development.
• Extensive knowledge of networking protocols operating systems (Windows Linux) is a plus.
• Exposure in security operations and incident response would be a great perk.
• Secured cloud-native environments (Kubernetes Docker) and implementing DevSecOps practices would be desired.
• Worked with zero-trust architecture is a bonus.
• Knowledge of machine learning for anomaly detection or threat intelligence would be great to have.
• Successful completion of the Nlets fingerprinting background assessment.
• Most be located in Vancouver Canada and willing to commute into the Burnaby Canada office 2 days a week.