The Cyber Security Engineer is responsible for planning, implementing, managing, monitoring, and upgrading security measures for Ritchie Brothers, Inc. The Engineer will work in collaboration with other internal departments and teams, especially the SOC team, on system and security breaches as well as testing and identifying areas of vulnerabilities.

5-8 years of work experience with maturing organization security posture, security engineering Experience with enterprise grade security products and vendor Proficiency in SIEM automation and developing of use case for SOC team Ability to prioritize work and deliver solutions Strong attention to detail with an analytical mind and outstanding problem-solving skills. Great awareness of cybersecurity trends and hacking techniques. Display an excellent understanding of technology infrastructures using Firewalls, VPN, Data Loss Prevention, IDS/IPS, Web-Proxy, and Security Audits. Comfortable working with a variety of technologies, security problems, and troubleshooting of enterprise size problems. Responsible for planning, implementing, managing, monitoring, and upgrading security measures for the protection of the organization's data, systems, and networks. Troubleshoots various Information System and cyber security software and data privacy issues and collaborates with the SOC team on these issues. Conducts security assessments of systems and applications using penetration tests, ethical hacking tools and risk assessment/mediation methodologies to evaluate vulnerabilities. Develops, tests and validates solutions to remediate exploitable conditions on devices such as web servers, mail servers, routers, firewalls and intrusion detection systems Evaluates, codes and implements software fixes (patches) to address system vulnerabilities such as malicious code (e.g., viruses), system exploitation using SQL injection, cross-site scripting, buffer overflows, parameter tampering, hidden field manipulation, cookie poisoning and web services manipulation Makes recommendations to correct vulnerabilities and ensures the organizations data and infrastructure are protected by enabling the appropriate security controls. Participates in the change management process. Performs other duties as assigned.