Who we are
Staples Canada is on journey to become the Working and Learning Company. We are dynamic, inspiring partners to our customers and the communities in which we live. At Staples, we inspire people to work smarter, learn more and grow every day. We look for people who are curious, approachable and passionate, and who enjoy finding solutions.
If that’s you, let’s work, learn and grow together.
Some of what you will do
As the Senior Security Specialist, you will be a security advisor to the Staples Canada business. You will be responsible to bridge deep technical security knowledge with leadership to inform on security governance and compliance. You will work on Staples digital transformation efforts to mature and manage IT security policies aligned to modern security risks. You will lead our efforts to streamline PCI compliance activities in a changing environment with a focus on working with business stakeholders to understand and de-scope PCI risk. Leveraging information on business requirements alongside enterprise risk to recommend solutions that best secure the business, each day will be fast-paced, challenging, rewarding and meaningful and you will be inspired to bring your best, every day.
Specifically, you will:
- Drive key programs such as PCI Compliance, NIST CSF and risk management maturity across Staples working cross functionally with other departments.
- Drive partnerships across business teams to align working groups together to understand and solve security challenges in a manner that drives business value.
- Identify technical challenges to drive policy changes based on identified risk.
- Review and provide recommendations to Information Security policies, standards, guidelines/ processes.
- Develop, implement, and administer Security Policies and Standards with alignment to industry best practices.
- Manage the organization’s Data Governance Lifecycle (discover, remediation, asset registry, data flow mapping).
- Be accountable for recommending solutions to protect critical assets based on the appropriate risk, budget and controls.
- Perform security and compliance assessments on new and existing systems, processes, and technology.
Some of what you need
- 5-8 years in the security sector with experience working across broad security domains.
- Bachelor’s degree in Computer Technology or similar
- Experience with Agile teams and/or DevOps teams including working with sprint planning and defect tracking tools.
- Experience with regulatory frameworks and standards such as NIST CSF, ISO, PCI DSS and SOC2.
- Experience with performing or leading PCI Compliance audits and activities, ideally within cross-functional teams
- Domain-level security certifications are an asset (CISSP, CISM)
- Ability to draft and define policy to organizational risk
- Ability to communicate effectively and work collaboratively
- Solutions finder
Some of what you will get
- Associate discount
- Health and Dental benefits
- Performance bonuses
- Learning & Development programs
- And more...
- Flexibility to work at office and remotely
- May require limited travel
- May require evening and weekend work based on business necessity
Staples is an equal opportunity employer committed to diversity and inclusion and we encourage applications from all qualified candidates, including those with disabilities. We will accommodate applicants’ needs, upon request, throughout all stages of the recruitment process. Please inform us of the accommodation(s) that you may require. Information received relating to accommodation will be addressed confidentially.
Staples Canada is an equal opportunity employer committed to diversity and inclusion and we encourage applications from all qualified candidates, including those with disabilities.