Information Security Officer - Burnaby, BC

Salary:  $90,000 - $110,000
Actual compensation within the range will be based on experience
We also offer quarterly variable compensation package (bonus) + benefits

About Specsavers

Welcome to Specsavers - where we're not just about eyewear and eyecare, we're a purpose-driven organization committed to changing lives through better sight. As a certified Great Place to Work®, we take pride in our optometrist-owned and -led business model, providing quality eyecare and affordable eyewear to Canadians across the country.

Our journey began 40 years ago in the UK, with visionary optometrists Doug and Mary Perkins. Today, we support over 2,700 healthcare businesses, passionately caring for more than 44 million patients and customers worldwide.

At Specsavers, we believe that access to quality eyecare should be a right, not a luxury. That's why we go above and beyond to transform the eyecare experience in Canada. With our advanced clinical equipment and an extensive range of affordable and high-quality eyewear, we're here to make a real difference in the lives of our customers.

But that’s not all - we're also dedicated to fostering a positive, inclusive, and supportive work culture.  We strive to create an environment where our partners thrive while benefiting from the collective support and resources of our dedicated teams.

If you're passionate about making a difference, providing incredible care, and being part of a values and purpose-driven organization, join us on our journey to revolutionize the way Canadians experience eyecare. Together, we can change lives through better sight.

What You’ll Do

The role of the Information Security Officer is important at Specsavers, requiring a blend of technical expertise, problem-solving skills, and a proactive approach to security challenges. This position encompasses Specsavers North America and its subsidiaries. It would suit someone with a background in IT Infrastructure and Security, especially at the enterprise level. This role offers a great opportunity to leverage and expand their technical skills while staying at the forefront of security practices and technologies. 

As an Information Security Officer, reporting to the Technical Operations Manager, the suitable candidate will have the opportunity to work closely with various technology teams and collaborate with departments such as Commercial, Retail, and Supply Chain. This role is ideal for someone detail-oriented, who enjoys working with data, and has a passion for improving organizational performance. 

Key Responsibilities

• Assist in the deployment of security technologies in both cloud and on-premises environments. 

• Configure and maintain security technologies to ensure they meet the organization’s security requirements. 

• Provide support and guidance to ensure consistent security practices. 

• Monitor compliance with Information Security standards. 

• Ensure that security controls are effectively protecting the organization’s IT assets. 

• Support and enhance security control processes for technologies, networks, systems, and endpoints. 

• Influence internal partners to align their solutions with the organization’s security policies and standards. 

• Manage documentation of security requirements. 

• Assist in designing and implementing a resilient Information Security architecture. 

• Ensure efficient threat protection, monitoring, and incident response capabilities. 

• Analyze threat and vulnerability feeds for relevance to the organization. 

• Identify and resolve false positives and validate existing controls. 

• Assist in developing secure solutions and provide mentorship to stakeholders within Specsavers. 

• Work with stakeholders to implement a risk management program. 

• Identify and remediate Information Security risks. 

• Advise on Information Security threats, technologies, and regulatory requirements. 

• Develop and implement Information Security metrics and reporting for continuous improvement. 

• Assess IT control elements to mitigate risks related to confidentiality, integrity, and availability of information. 

• Conduct penetration testing and threat analysis using third-party tools and vendors’ assistance.  

• Utilize network performance monitoring tools to isolate and find the root cause of issues.

• Engage in root cause troubleshooting for Core Applications in Distribution Centers, Support offices, and Retail stores .

What We’re Looking For

Essential

• 3+ Years in Security Systems with hands-on experience with the administration and engineering of security systems, ensuring their proper function and security integrity. 

• 3+ Years in a SOC with practical experience in a Security Operations Center, dealing with cybersecurity incidents and investigations. 

• Proficiency with SIEM/FIEM (security information event management), DLP (data loss prevention), and CASB (cloud access security broker) with a solid background in working with Security Information and Event Management, Data Loss Prevention, and Cloud Access Security Brokers. 

• 3+ years of cloud services platform experience like AWS, GCP, and Azure, with a focus on security best practices. 

• Familiarity with monitoring tools such as PRTG, SolarWinds, or Nagios. 

• Competence in administering Linux and/or Windows systems. 

• Experience in utilizing or implementing cybersecurity frameworks. 

• Knowledge of platforms like Sumo-Logic, SPLUNK, and others for security analytics. 

• Proficiency in web, application, and database components, including Apache, IIS, Memcache, MySQL, and SQL Server. 

• Understanding of Layer 2 & 3 switches, OSI Model, TCP/IP, SNMP. 

• Strong skills in communicating with customers, vendors, partners, and across organizational levels. 

• Ability to engage and communicate effectively at high technical decision-making levels. 

• Excellent oral and written communication skills for helping develop security programs, guidelines, policies, standards, and presentations. 

• Capability to build and work with multi-disciplinary teams, achieving goals and meeting deadlines in a dynamic environment. 

• Works effectively under pressure and can prioritize tasks appropriately. 

• Strong understanding of both business operations and technical requirements. 

• Ability to work well in team settings. 

• Proven knowledge of Agile development cycles and the Kanban method. 

• Strong written, verbal, and interpersonal communication abilities, capable of conveying technical concepts to varied audiences. 

• Ability to write clear and comprehensive technical specifications and documentation. 

Nice to have

• Having relevant certifications such as CCSP, CCSK, CISSP, CISM, or familiarity with ISO 27001/27002 standards is highly regarded. 

• Programming or scripting exposure, preferably across a variety of languages. 

Our Fellow ‘Speccies’ Enjoy

• Generous vacation allotment and 1 paid volunteer day
• 1 extra paid day off and an eyecare voucher on your birthday
• RRSP matching
• Quarterly performance bonus
• Healthcare spending account
• Health and dental benefits effective on your first day
• Team and company social events

Our Values

• Collaborative: We work together as one Specsavers to deliver our purpose
• Curious: We question, explore, and seek out diverse perspectives to develop our knowledge and understanding
• Courageous: We challenge the status quo, we experiment with good ideas, and we are brave, bold, and fast in our decision making
• Compassionate: We care, support, and help each other
• Commercial: We treat money wisely and make decisions that are good for our customers, our partners, our people, and good for the long term

We hope that in applying with us, you value these things as well!

Our Hybrid Work Model

Be part of the dynamic culture! Our workplace thrives on a hybrid model, combining in-office collaboration and flexibility. Join us in office, three days a week to contribute, connect, and excel in our vibrant environment.

Equal Opportunity Employer

At Specsavers, we are committed to fostering a diverse and inclusive workplace. We believe that a diverse team enriches our work environment and enables us to achieve our goals. We are an equal opportunity employer and encourage candidates of all backgrounds and abilities to apply. If you believe you can contribute to our mission and vision, we welcome your application, even if you don't meet every qualification listed. We value the unique skills and perspectives each individual brings to our team.