1 Presidents Choice Circle, Brampton, Ontario, L6Y 5S5
The decision to join a company is a big one. We have opportunities for hard working, energetic and reliable people just like you.
Why is this role important?
You will be responsible for cyber security incident management through all stages of the incident management process: starting from incident detection, analysis, containment, eradication, recovery and finally post-event review. You will work with a team of cyber security professionals like you to evolve a team and operational procedures to establish best-in-class capabilities for cyber incident detection, response and remediation. You will work with technology and infrastructure leaders from across the LCL family of companies and key suppliers, partners, vendors, and managed service providers.
Your deep knowledge of security tools and technologies, security threats, the tactics, techniques and procedures used by threat actors, security and enterprise IT operations, processes and incident management will help you to conduct a cyber incident response process to support the Cyber Command Center mandate to detect, respond and protect LCL from internal and external threats.
To support this mandate, you will work with technology and infrastructure leaders and with managed security and threat intelligence service providers to develop, automate, maintain and evolve incident response playbooks, including practice drills, tabletop exercises, communications protocols, procedures and templates for a consistent flow of the right information to the right people, from front line staff up to the board.
The Cyber Security Command Center operates 7x24 across Canada and works closely with a variety of cybersecurity partners and other LCL stakeholders including IT Infrastructure, Network, Applications, Privacy, Loss Prevention, HR and Legal, specifically building and maintaining an internal LCL community of technology and infrastructure leaders around cybersecurity incident detection and response.
Included in the mandate of your team will be establishing capabilities for automated response, containment and remediation. In scope will be capabilities around building and enhancing an advanced cyber analytics platform and tools, UEBA, cyber and fraud incident response, and cyber, forensic and privacy investigation, including CSIRT and crisis management.
To ensure the protection of LCL from cybersecurity threats, the Security Analyst, Incident Response will also be a key player and part of a team providing world-class security operations capabilities and a capability aligned with our strategic direction. The Security Specialist will also be working on supporting and maintaining the infrastructure security systems and applications running the SOC. The Security Analyst will be supporting and interacting with a multi-shift SOC and will take part in an after-hours 24x7 On-Call rotation as required.
WHAT YOU WILL NEED:
A Bachelor's Degree or Diploma in a relevant area of study with a preference for Computer Science or Computer Engineering
Minimum of 1-2 years in Information Technology
Experience with enterprise server and virtualized infrastructure hardware, Cloud operations including GCP, Azure, Oracle.
Good working knowledge of and direct prior experience with enterprise security technologies:
Server platforms (Unix/Linux, Windows etc.)
Virtualized infrastructure (VMWare)
Networking and security (TCP/UDP, SSL/TLS, SSO and MFA authentication, Windows and Linux hardening, CIS benchmark)
Security Tools (IDS/IPS, SIEM, Splunk, packet capturing, EnCase forensics, AV, DLP, EDR, NAC, email security)
Web technology and protection (Akamai, WAF, Shape)
Strong knowledge of scripting languages (VBS/JS, PowerShell, Bash, Python) and the ability to design scripts that use API calls to various security tools.
Knowledge of IT automation and orchestration, and of integrating IT tools and technologies using tools like Phantom, Demisto and other SOAR tools.
Understanding of and direct prior experience with either enterprise SIEM, UEBA or cyber analytics solutions is an asset
Direct experience providing customer service and excellence
Industry certifications (ISC2: CISSP, CCSP, ISACA: CISM, SANS: GSEC, GCIA, GMON) are strong assets
Strong understanding of PCI compliance considered an asset
Experience and/or knowledge of security and privacy enhancing technologies such as identity management, application security and network security technologies
How You’ll Succeed:
At Loblaw, we seek great people to continually strengthen our culture. We believe great people model our values, are authentic, build trust and make connections.
If that sounds like you, and you are open-minded, responsive to change and up to the challenges provided in a fast-paced retail environment, apply today.
In addition, we believe that compliance with laws is about doing the right thing. Upholding the law is part of our Code of Conduct – it reinforces what our customers and stakeholders expect of us.
Type of Role:
Temporary with Benefits (Fixed Term)
Loblaw recognizes Canada's diversity as a source of national pride and strength. We have made it a priority to reflect our nation’s evolving diversity in the products we sell, the people we hire, and the culture we create in our organization. Accommodation is available upon request for applicants with disabilities in the recruitment and assessment process and when hired.
Please Note: If you have Employee Self Service (ESS) on Workday, apply to this job via the Workday application.