Senior Specialist, Incident Response, Cyber Command Centre

Loblaw Companies Limited - Brampton, ON (30+ days ago)


1 Presidents Choice Circle, Brampton, Ontario, L6Y 5S5

The decision to join a company is a big one. We have opportunities for hard working, energetic and reliable people just like you.

Why is this role important?

Improve and evolve a team and operational procedures to establish best in class capabilities for cyber incident detection, response and remediation. You will work with technology and infrastructure leaders from across the LCL family of companies and key suppliers, partners, vendors, and managed service providers. Emphasis on achieving diversity targets will be important.

You will bring a strong network of security companies, contacts and experience to help lead and build the capabilities to react swiftly and contain cyber threats effectively.

Your deep knowledge of security tools and technologies, security threats, tactics, techniques and procedures used by threat actors, security and enterprise IT operations, processes and incident management, will help you to conduct a cyber incident response process to support this mandate. Supplier management and service management skills will be critical to ensure valued delivery and execution of managed security services to LCL.

The Cyber Security Command Centre operates 7x24 across Canada and works closely with a variety of cybersecurity partners and other LCL stakeholders including IT Infrastructure, Network, Applications Privacy, Loss Prevention, HR and Legal, specifically building and maintaining an internal LCL community of technology and infrastructure leaders around cybersecurity incident detection and response.

To support this mandate, you will work with technology and infrastructure leaders, managed security and threat intelligence service providers to develop, automate, maintain and evolve incident response playbooks, including practice drills, tabletop exercises, communications protocols, procedures, templates for consistent flow of the right information to the right people from front line staff and up to the board.

Included in the mandate of your team will be establishing capabilities for an automated response, containment and remediation. In scope will be capabilities around building and enhancement of advanced cyber analytics platform and tools, UEBA, cyber and fraud incident response; cyber, forensic and privacy investigation including CSIRT and Crisis management.

To ensure the protection of LCL from cybersecurity threats, the Senior Specialist, Incident Response will also be a key player and part of a team providing world-class security operations capabilities and a capability aligned with our strategic direction. The Security Specialist will also be working on supporting and maintaining the infrastructure security systems and applications running the SOC. The Senior Specialist will be supporting and interacting with a multi-shift SOC and will take part in an after-hours 24x7 On-Call rotation as required.

A Bachelor's Degree or Diploma in a relevant area of study with a preference for Computer Science or Computer Engineering
Minimum of 5-7 years in Information Technology
Proven system troubleshooting experience in enterprise production IT environments
Strong knowledge and experience of CSIRT processes
Experience with enterprise server and virtualized infrastructure hardware, Cloud operations including GCP, Azure, Oracle.
Experience with IT/Network operations including server and network/firewall configuration
Good working knowledge of and direct prior experience with enterprise security technologies:

Enterprise platforms:
Server platforms (Unix/Linux, Windows etc.)
Virtualized infrastructure (VMware)
Networking and security (TCP/UDP, SSL/TLS, SSO and MFA authentication, Windows and Linux hardening, CIS benchmark)
Security Tools (IDS/IPS, SIEM, Splunk, packet capture, EnCase forensics, AV, DLP, EDR, NAC, email security)
Web technology and protection (Akamai, WAF, Shape)
Understanding of and direct prior experience with either enterprise SIEM, UEBA or cyber analytics solutions is an asset
Direct experience providing customer service and excellence
Industry certifications (ISC2: CISSP, CCSP, ISACA: CISM, SANS: GSEC, GCIA, GMON) are strong assets
Strong understanding of PCI compliance considered an asset
Scripting knowledge (VBS/JS, PowerShell, Bash, Python)

Experience and/or knowledge of security and privacy enhancing

How You’ll Succeed:
At Loblaw, we seek great people to continually strengthen our culture. We believe great people model our values, are authentic, build trust and make connections.

If that sounds like you, and you are open-minded, responsive to change and up to the challenges provided in a fast-paced retail environment, apply today.

In addition, we believe that compliance with laws is about doing the right thing. Upholding the law is part of our Code of Conduct – it reinforces what our customers and stakeholders expect of us.

Employment Type:
Full time

Type of Role:

Loblaw recognizes Canada's diversity as a source of national pride and strength. We have made it a priority to reflect our nation’s evolving diversity in the products we sell, the people we hire, and the culture we create in our organization. Accommodation is available upon request for applicants with disabilities in the recruitment and assessment process and when hired.

Please Note: If you have Employee Self Service (ESS) on Workday, apply to this job via the Workday application.