25 York Street, Toronto, Ontario, M5J 2V5
The decision to join a company is a big one. We have opportunities for hard-working, energetic and reliable people just like you.
Why is this role important?
The Security Incident Response Analyst oversees and coordinates security incident response for President’s Choice Financial & Services (PCF&S). This role acts as a trusted information security partner with the business, vendors, and the enterprise (Loblaw) supporting PCF&S’s information security program. The successful candidate will possess knowledge and experience of security devices, security operations processes, threat intelligence monitoring, and security incident management to support the management and delivery of security services to PCF&S. He/she will focus on the security hygiene, controls, and design supporting PCF&S’s environments. The Security Incident Response Analyst will engage with a multi-shift SOC and will take part in after-hours 24x7 On-Call incidents as required. This role is responsible for coordinating activities across complex environments with multiple verticals at PCF&S (e.g. credit card, insurance, telecom, gift card, etc.) and will work with vendors, service providers, and strategic partners to manage incidents.
Your key responsibilities will include, but are not limited to, the following:
- Managing information security incident and change tickets in ServiceNow
- Representing PCF&S with Cyber Command Center (CCC) and Cyber Intelligence Center (CIC) on investigations
- Analyzing threat intelligence detail and working with PCF&S Fraud and Risk teams as well as CCC / CIC to action as appropriate
- Monitoring enterprise tools with a PCF&S lens (e.g. Shape, Akamai, CIAM, Dynatrace, CyberArk, VPN, etc.) and providing reporting
- Developing security use cases for alerting and automation
- Completing incident reports, leading after action reviews, etc.
- Monitoring, identifying, investigating, and analyzing all response activities related to information security incidents with PCF&S
- Identifying, tracking, and managing the incident triage process surrounding security vulnerabilities and managing incidents in a coordinated fashion with the enterprise, vendors, service providers, and strategic partners
- Conducting threat analysis as required and addressing incidents according to the incident management process
- Assisting with security audits, risk analysis, network forensics and penetration testing as appropriate
- Providing assistance in monitoring the security of all designated networks and systems for PCF&S
- Preparing detailed incident reports and technical briefs for the security teams, daily calls, and dashboard meetings
- Assisting in coordination efforts for PCF&S, including: producing risk reports, security operations, investigations, dashboards and targeted awareness as needed
- Tracking and reporting on open risk items to close as well as the security maturity of the PCF&S environments
- Identifying, reviewing, and recommending information security improvements as they relate to the achievement of the client’s business goals and objectives
Required Skills, Knowledge and Experience:
- Minimum of 5 years of relevant Information Security experience.
- 3+ years of relevant IT experience in Infrastructure Administration/Architecture and/or Application Development/Architecture
- At least one of the following certifications preferred: GIAC, CISSP, SANS
- Strong incident response management
- Strong networking, software, and application skills
- Prior experience as a SOC Engineer or Analyst or systems administrator
- Scripting (e.g. PowerShell, Bash, Python, etc.)
- Vulnerability and penetration testing exposure
- Application, cloud, and agile security skills
- Familiarity with leading security concepts, tools, and processes
- Understanding of patching and hardening
- Knowledge of end-point security architecture and protection strategies. Can include hands-on experience overseeing/managing common end-point security technologies (i.e., AV, Encryption, Spam/Spyware, Personal Firewalls, as well as other protection capabilities such as GPO management and mobile security strategies).
- Knowledge of vulnerability management using tools like Nessus, Qualys, etc.
- Knowledge of security SIEMs and ability to report on and analyze information
- Experience working with a security operations center, logging, correlating security events, etc.
- Experienced with the challenges of managing complex security incidents
- Experienced with log formats and host or network based intrusion detection systems
- Ability to produce clear and effective written documentation
- Ability to adjust to new situations and drive results
- Excellent analytical ability, attention to detail and ability to manage cross-departmental teams
- Excellent problem-solving skills, and resourceful and creative with solutions
- Ability to work independently, or in cross-functional client teams, as required
- Strong ethics and integrity
How You’ll Succeed:
At Loblaw, we seek great people to continually strengthen our culture. We believe great people model our values, are authentic, build trust and make connections.
If that sounds like you, and you are open-minded, responsive to change and up to the challenges provided in a fast-paced retail environment, apply today.
In addition, we believe that compliance with laws is about doing the right thing. Upholding the law is part of our Code of Conduct – it reinforces what our customers and stakeholders expect of us.
Type of Role:
Loblaw recognizes Canada's diversity as a source of national pride and strength. We have made it a priority to reflect our nation’s evolving diversity in the products we sell, the people we hire, and the culture we create in our organization. Accommodation is available upon request for applicants with disabilities in the recruitment and assessment process and when hired.