1 Presidents Choice Circle, Brampton, Ontario, L6Y 5S5
The decision to join a company is a big one. We have opportunities for hard working, energetic and reliable people just like you.
Why is this role important?
A Bachelor's Degree or Diploma in a relevant area of study with a preference for Computer Science or Computer Engineering
Minimum of 5 years in Information Technology and Information Security, At least 3 years on cyber incident response role leading investigations of cyber/fraud incidents.
In-depth knowledge of cyber security incident management process, deep hands-on experience of cyber threat hunting, threat intelligence and/or data analytics.
Be heavily weighted towards cyber incident response, web traffic analysis, cyber forensics and compliance/investigation analytics.
Ability to use of advanced automation, scripting, complex data query, predictive algorithms and anomaly detection engine, dynamic reporting using digital and mobile delivery channels.
Understanding of security controls/mechanisms and threat/risk assessment techniques pertaining to complex data, application and networking environments.
Demonstrated leadership and ability to drive successful execution of strategic objectives on cyber security investigation.
Ability to lead the team of cyber security professionals through stages of cyber security incidents management. Ensure thorough analysis of incidents and business circumstances involved; lead activities such as troubleshooting and testing incidents root causes; determining the appropriate course of action to resolve the issues with minimal business disruption.
Ability to perform analysis and report on information from multiple data sources using data mining technique.
Ability to clearly document the result of analysis, ongoing investigations and conclusions to both technical and non-technical executive stakeholder.
In depth knowledge of the tools used for security incident and event management, log analysis, network traffic analysis, packet capturing, SIEM correlation logic and alert generation, UEBA, malware detection and investigation, forensic investigations.
Advanced knowledge and working experience with SIEM solution such as ArcSight, Splunk, RSA Netwitness/SA, LogRhythm, QRadar , or similar.
Advanced knowledge of security monitoring for cloud platforms: Microsoft Azure Security Centre, Microsoft Cloud Application Security, Google Cloud Platform Cloud Security Command Center (Google Cloud Operation Suite) or equivalent cloud security tools.
Advanced knowledge of enterprise vulnerability management and of the tools such as Qualys, Rapid7, Tenable. Knowledge of application security management including static and dynamic code analysis and penetration testing.
Experience working within a wide range of environments including Linux, UNIX, Windows in addition to a strong understanding of networking, the OSI model, and network protocols.
Experience working with various crypto technologies and tools. Understanding of crypto primitives, crypto algorithms, protocols and standards.
Understanding of Security principles, techniques and technologies such as SANS Top 20 Critical Security Controls and OWASP Top 10.
Understanding of cyber security frameworks such as NIST, CIS Controls, ISF Benchmark, regulatory and controls requirements such as PCI, SOX, PIPEDA, GDPR
At least one industry recognized security certification: CISSP or SSCP, CISM, CRISK, GIAC GCIH or similar is a must. The following certifications are an asset: GIAC (GCIA, GPEN, GWAPT, GSEC and etc.), OPST, CEH, OSCP.
How You’ll Succeed:
At Loblaw, we seek great people to continually strengthen our culture. We believe great people model our values, are authentic, build trust and make connections.
If that sounds like you, and you are open-minded, responsive to change and up to the challenges provided in a fast-paced retail environment, apply today.
In addition, we believe that compliance with laws is about doing the right thing. Upholding the law is part of our Code of Conduct – it reinforces what our customers and stakeholders expect of us.
Type of Role:
Loblaw recognizes Canada's diversity as a source of national pride and strength. We have made it a priority to reflect our nation’s evolving diversity in the products we sell, the people we hire, and the culture we create in our organization. Accommodation is available upon request for applicants with disabilities in the recruitment and assessment process and when hired.
Please Note: If you have Employee Self Service (ESS) on Workday, apply to this job via the Workday application.