Senior Cyber Security Specialist - Cyber Incident Management.

Requisition ID:  189805 
Career Group:  Corporate Office Careers 
Job Category:  IT Cyber Security Operations 
Travel Requirements:  0 - 10%
Job Type:  Full-Time
 

 Country: Canada (CA) 
Province: Ontario; Alberta; Nova Scotia  
City: Mississauga / Calgary / Stellarton
Location: Calgary Office, Foord St. Office, Tahoe Office

 
Embark on a rewarding career with Sobeys Inc., celebrated among Canada’s Top 100 employers, where your talents contribute to our commitment to excellence and community impact.

Our family of 128,000 employees and franchise affiliates share a collective passion for delivering exceptional shopping experiences and amazing food to all our customers. Our mission is to nurture the things that make life better – great experiences, families, communities, and our employees. We are a family nurturing families.  
 
A proudly Canadian company, we started in a small town in Nova Scotia but we are now in communities of all sizes across this great country. With over 1,600 stores in all 10 provinces, you may know us as Sobeys, Safeway, IGA, Foodland, FreshCo, Thrifty Foods, Lawtons Drug Stores or another of our great banners but we are all one extended family. 
 

Ready to Make an impact?

The Senior Specialist, Cyber Incident Management will be a highly experienced and technically adept cybersecurity professional who will lead critical aspects of our security operations and incident response functions. This role demands a proactive individual capable of hands-on investigation and response, while also providing expert guidance, driving the maturity of our DFIR capabilities, and leading the charge during major incidents. You'll leverage a comprehensive suite of security tools, collaborate extensively with internal and external stakeholders, and be instrumental in continuously enhancing our defensive posture. This position requires an exceptional analytical mind, advanced problem-solving skills, and the proven ability to maintain composure and make sound decisions under significant pressure.

Sobeys is full of exciting opportunities, and we are always looking for bright new talent to join our team! We currently have a full-time opportunity for a Senior Cyber Security Specialist - Cyber Incident Management. . This role can be based out of one our main offices including: Stellarton, NS; Mississauga, ON. Calgary, AB.

Here’s where you’ll be focusing:

Key Responsibilities:

• Act as a Senior SME for the Cyber Incident Management team, contributing to day-to-day security operations activities, including alert triage, investigation, and incident containment.
• Provide expert guidance and mentorship to Cyber Incident Management Specialists, assisting them with complex investigations, troubleshooting, and decision-making.
• Conduct efficient and thorough investigations of security alerts, events, and incidents using a variety of security tools (e.g., SIEM, Firewall, WAF, EDR, IDS/IPS, Email Security Gateways), analyzing security logs, network traffic, and endpoint data to identify indicators of compromise (IOCs) and determine scope and impact.
• Drive the continuous fine-tuning and optimization of security use cases within the security solutions to enhance detection efficacy, reduce false positives, and minimize alert fatigue.
• Take charge and lead incident response efforts during major security incidents, coordinating activities, defining strategies, and guiding the team through the entire incident lifecycle.
• Play a key role in establishing and maturing comprehensive DFIR capabilities, including developing advanced investigation methodologies, tools, and processes.
• Develop and refine incident response playbooks, Standard Operating Procedures (SOPs), and other critical operational documentation, ensuring they are current and effective.
• Proactively develop and maintain comprehensive documentation for incident response activities, investigation findings, remediation steps, and lessons learned.
• Define, track, and report on key metrics monthly to measure the effectiveness of security operations and incident response, identifying areas for improvement.
• Prepare detailed and clear incident reports for various stakeholders, including technical teams and senior management.
• Build a strong partnership with our Managed Security Service Provider (MSSP) for efficient alert escalation and collaboration by working hand-in-hand with them.
• Provide advanced technical support and guidance to other IT & Cyber teams on security best practices, emerging threats, and incident prevention strategies.

#LI-Hybrid    #LI-VJ1

What you have to offer:

Qualifications:

Mandatory:

• An undergraduate degree or diploma in computer science, information security, or a related technical discipline.
• 5+ years of progressive industry experience working in Cybersecurity operations, with a significant focus on Incident Response and Security Operations (SecOps) leadership or senior roles.
• Demonstrated expertise in leading and conducting complex security investigations and incident response efforts across various security domains (e.g., network, endpoint, cloud, applications).
• Strong understanding of network and system security concepts, including TCP/IP, operating systems (Windows, Linux), common attack vectors, and defensive strategies.
• Proficiency in using a variety of security tools and technologies, including but not limited to: SIEM, EDR, IDS/IPS, Firewalls, Email security gateways, Proxy, etc.
• Excellent analytical and problem-solving skills with a methodical approach to complex investigations.
• Strong attention to detail and the ability to work effectively and make sound decisions under pressure during critical incidents.
• Ability to work outside of regular business hours, including nights and weekends, to respond to security incidents.
• Excellent written and verbal communication skills, with the ability to articulate highly technical information clearly and concisely to diverse audiences, including senior management and non-technical stakeholders.
• Strong interpersonal skills, with a proven ability to build rapport, influence, and collaborate effectively with diverse teams, external partners, and vendors.
• Advanced industry certification(s) such as GCIH, GCFA, ECIH, OSIR, BTL2, or equivalent.

Nice to have:

• Proven experience working directly in or closely with Managed Security Service Providers (MSSPs) at a senior or lead level.
  Knowledge and experience working in a complex retail technology environment is highly desired.
• Demonstrated experience in developing and implementing Digital Forensics and Incident Response (DFIR) programs, including handling complex and large-scale incidents such as Business Email Compromise (BEC), Ransomware, or advanced persistent threats.

At Sobeys we require our teammates to have the ability to adhere to a hybrid work model that requires your presence at one of our office locations at least three days per week. This requirement is integral to our commitment to team collaboration and the overall success of our office culture.

We offer a comprehensive Total Rewards package, which varies by role and designed to help our teammates to live better – physically, financially and emotionally. 

Some websites share our job opportunities and may provide salary estimates without our knowledge. These estimates are based on similar jobs and postings for general comparison, but these numbers are not provided by our organization nor monitored for accuracy. 

We will consider factors such as your working location, work experience and skills as well as internal equity, and market conditions to ensure the selected candidate is paid fairly and competitively. We look forward to discussing the specific compensation details relevant to this role with candidates who are selected to move forward in the recruitment process. 

Our Total Rewards programs, for full-time teammates, goes well beyond your paycheque:

• Competitive Benefits Package, tailored to meet your needs, including health and dental coverage, life, short- and long-term disability insurance.
• Access to Virtual Health Care Platform and Employee and Family Assistance Program.
• A Retirement and Savings Plan that provides you with the opportunity to build and add value to your savings.
• A 10% in-store discount at our participating banners and access to a wide range of other discount programs, making your purchases more affordable.
• Learning and Development Resources to fuel your professional growth.
• Parental leave top-up
• Paid Vacation and Days-off

We are committed to accommodating applicants with disabilities throughout the hiring process and will work with applicants requesting accommodation at any stage of this process.