82 Security Advisor jobs in Canada

Description

:

Beneva (Conseil Financier Beneva) est présentement à la recherche d’entrepreneurs/intrapreneurs passionnés pour consolider ses plans de croissance dans toutes les régions du Québec!

Votre rôle sera d’accompagner les clients dans la planification de leur sécurité financière.

Vous recherchez :

Un environnement dans lequel vous pouvez devenir un entrepreneur à succès

Le contrôle sur votre horaire et de vos activités

Un travail où votre service-conseil en matière d’assurance de personnes, de placements et de planification de la retraite sera reconnu et apprécié par vos clients et votre communauté

Un accès facile aux clients existants de l’entreprise

De l’aide au développement des affaires et à l’identification de clients et marchés cibles

Vos talents et qualifications :

Passion pour le service client

Fortes aptitudes de communication

Sens des responsabilités, de l’organisation et de la planification

Esprit d’analyse et de synthèse

Capacité de développer et entretenir de bons rapports avec les gens

Nous offrons :

Rémunération hautement compétitive, à la hauteur de vos efforts

Support financier en début de carrière

Formation initiale et formation continue vous permettant de parfaire vos connaissances et vos compétences dans votre entreprise

Gamme complète de produits tel que l’assurance-vie, l’assurance invalidité, l’assurance maladie grave, fonds distincts, REER, CELI, FERR, rentes, etc

Programme de référencement provenant d’autres secteurs de l’entreprise et accès aux membres des groupes d’affinité avec lesquels nous avons des partenariats

Coaching personnalisé, accompagnement sur le terrain et soutien d’un gestionnaire expérimenté vous permettant d’accélérer la croissance de votre entreprise

Outils de travail vous permettant d’être complètement efficace pour vos rencontres clients à distance ou en personne

Joignez-vous à nous!

True to its purpose, Beneva places people at the heart of its actions and contributes to the well-being of the community. It accompanies its clients in all stages of their lives, both for their insurance and for their financial services.

Description

:

Beneva (Conseil Financier Beneva) est présentement à la recherche d’entrepreneurs/intrapreneurs passionnés pour consolider ses plans de croissance dans toutes les régions du Québec!

Votre rôle sera d’accompagner les clients dans la planification de leur sécurité financière.

Vous recherchez :

Un environnement dans lequel vous pouvez devenir un entrepreneur à succès

Le contrôle sur votre horaire et de vos activités

Un travail où votre service-conseil en matière d’assurance de personnes, de placements et de planification de la retraite sera reconnu et apprécié par vos clients et votre communauté

Un accès facile aux clients existants de l’entreprise

De l’aide au développement des affaires et à l’identification de clients et marchés cibles

Vos talents et qualifications :

Passion pour le service client

Fortes aptitudes de communication

Sens des responsabilités, de l’organisation et de la planification

Esprit d’analyse et de synthèse

Capacité de développer et entretenir de bons rapports avec les gens

Nous offrons :

Rémunération hautement compétitive, à la hauteur de vos efforts

Support financier en début de carrière

Formation initiale et formation continue vous permettant de parfaire vos connaissances et vos compétences dans votre entreprise

Gamme complète de produits tel que l’assurance-vie, l’assurance invalidité, l’assurance maladie grave, fonds distincts, REER, CELI, FERR, rentes, etc

Programme de référencement provenant d’autres secteurs de l’entreprise et accès aux membres des groupes d’affinité avec lesquels nous avons des partenariats

Coaching personnalisé, accompagnement sur le terrain et soutien d’un gestionnaire expérimenté vous permettant d’accélérer la croissance de votre entreprise

Outils de travail vous permettant d’être complètement efficace pour vos rencontres clients à distance ou en personne

Joignez-vous à nous!

True to its purpose, Beneva places people at the heart of its actions and contributes to the well-being of the community. It accompanies its clients in all stages of their lives, both for their insurance and for their financial services.

Description

:

Beneva (Conseil Financier Beneva) est présentement à la recherche d’entrepreneurs/intrapreneurs passionnés pour consolider ses plans de croissance dans toutes les régions du Québec!

Votre rôle sera d’accompagner les clients dans la planification de leur sécurité financière.

Vous recherchez :

Un environnement dans lequel vous pouvez devenir un entrepreneur à succès

Le contrôle sur votre horaire et de vos activités

Un travail où votre service-conseil en matière d’assurance de personnes, de placements et de planification de la retraite sera reconnu et apprécié par vos clients et votre communauté

Un accès facile aux clients existants de l’entreprise

De l’aide au développement des affaires et à l’identification de clients et marchés cibles

Vos talents et qualifications :

Passion pour le service client

Fortes aptitudes de communication

Sens des responsabilités, de l’organisation et de la planification

Esprit d’analyse et de synthèse

Capacité de développer et entretenir de bons rapports avec les gens

Nous offrons :

Rémunération hautement compétitive, à la hauteur de vos efforts

Support financier en début de carrière

Formation initiale et formation continue vous permettant de parfaire vos connaissances et vos compétences dans votre entreprise

Gamme complète de produits tel que l’assurance-vie, l’assurance invalidité, l’assurance maladie grave, fonds distincts, REER, CELI, FERR, rentes, etc

Programme de référencement provenant d’autres secteurs de l’entreprise et accès aux membres des groupes d’affinité avec lesquels nous avons des partenariats

Coaching personnalisé, accompagnement sur le terrain et soutien d’un gestionnaire expérimenté vous permettant d’accélérer la croissance de votre entreprise

Outils de travail vous permettant d’être complètement efficace pour vos rencontres clients à distance ou en personne

Joignez-vous à nous!

True to its purpose, Beneva places people at the heart of its actions and contributes to the well-being of the community. It accompanies its clients in all stages of their lives, both for their insurance and for their financial services.

Title : Senior Cloud Security Advisor/ Conseiller principal en sécurité cloud
Lieu/ Location : Montréal, Brossard 50% on site
Duration/ Durée : 12 months, 35 h per week - 12 mois, 35 h par semaine

Le/La candidat(e) doit posséder les qualifications suivantes :

Diplôme en informatique, en cybersécurité ou dans un domaine connexe (ou expérience équivalente). Une combinaison équivalente de certifications en cybersécurité sera prise en considération.

5 à 8 ans d'expérience en cybersécurité, dont 3 ans ou plus en sécurité cloud/Microsoft Azure ;

Solide connaissance de MS Sentinel

Expérience en implémentation SIEM/SOAR, exploitation SOC, réponse aux incidents

Expérience en services professionnels : relation client, ateliers, documentation, présentations

Bilingue (anglais et français)

Description du poste :
En tant que conseiller principal en sécurité cloud spécialisé dans Microsoft Sentinel, le/la titulaire sera la pierre angulaire de la conception, de la mise en œuvre, de l'optimisation et de la maintenance de solutions de sécurité avancées Clientées sur Microsoft Sentinel pour nos clients. Vous agirez en tant qu'expert technique et conseiller stratégique, assurant la protection de leurs environnements cloud et hybrides contre les cybermenaces émergentes. Ce rôle sera crucial pour accompagner nos clients dans leur transformation en matière de sécurité, en veillant à ce que les solutions soient alignées sur leurs objectifs commerciaux et les meilleures pratiques du secteur.

Responsabilités :

Concevoir et déployer des architectures Microsoft Sentinel adaptées aux besoins des clients ;

Intégrer diverses sources de données (cloud, sur site, tierces) pour une visibilité unifiée ;

Configurer les règles d'analyse, les connecteurs, les modèles de détection et les listes de surveillance ;

Optimiser les performances et réduire les faux positifs en ajustant les règles ;

Automatiser les réponses aux incidents grâce à des Playbooks (Azure Logic Apps) ;

Développer des scripts (PowerShell, KQL, Python) pour automatiser et valider la sécurité ;

Collaborer avec les équipes internes et clients, animer des ateliers et rédiger des rapports ;

Agir en tant qu'expert du projet Sentinel

===
The candidate must have the following qualifications:

Degree in computer science, cybersecurity, or a related field (or equivalent experience). Equivalent mix of Cyber certification will be considered.

5 to 8 years of experience in cybersecurity, including 3+ years in cloud/Microsoft Azure security ;

Strong Knowledge of MS Sentinel

Experience in SIEM/SOAR implementation, SOC operations, incident response;

Experience in professional services: customer relations, workshops, documentation, presentations

Bilingual – English and French

Job description:
As a Senior Cloud Security Advisor specializing in Microsoft Sentinel , the incumbent will be the cornerstone of the design, implementation, optimization, and maintenance of advanced security solutions based on Microsoft Sentinel for our clients. You will act as a technical expert and strategic advisor, ensuring the protection of their cloud and hybrid environments against emerging cyber threats. This role will be crucial in guiding customers through their security transformation journey, ensuring that solutions are aligned with their business objectives and industry best practices.


Responsabilities:

Design and deploy Microsoft Sentinel architectures tailored to customer needs;

Integrate various data sources (cloud, on-premises, third-party) for unified visibility;

Configure analysis rules, connectors, detection models, and watch lists;

Optimize performance and reduce false positives by adjusting rules;

Automate incident responses with Playbooks (Azure Logic Apps);

Develop scripts (PowerShell, KQL, Python) to automate and validate security;

Collaborate with internal and customer teams, lead workshops, and write reports;

Act as SME of the Sentinel project

**We are Generac, a leading energy technology company committed to powering a smarter world.**
Over the 60 plus years of Generac's history, we've been dedicated to energy innovation. From creating the home standby generator market category, to our current evolution into an energy technology solutions company, we continue to push new boundaries.
The ISMS Lead coordinates and maintains the daily operations of the Information Security Management System (ISMS) Program, ensuring compliance with ISO27001 and alignment with Generac's broader cybersecurity and compliance frameworks. The ISMS lead is the central point of contact for cross-functional control owners, capability teams, and audit stakeholders-supporting evidence collection, risk and control tracking, and the orchestration of ISMS-related deliverables across both internal ISMS assessments and external ISO27001 audits.
The ISMS Lead drives operational excellence through governance coordination, audit readiness, and performance monitoring. This includes facilitating working groups, tracking the Statement of Applicability (SoA), risk register updates, and corrective action plans. The role supports both corporate and subsidiary teams in implementing and sustaining ISMS requirements, helping to foster a culture of compliance and continuous improvement across the organization.
**Major Responsibilities**
+ Coordinates the day-to-day operations of the Information Security Management System (ISMS), ensuring alignment with ISO27001 and Generac's unified governance and compliance frameworks
+ Maintains the GRC platform, supporting timely delivery of compliance activities across policy owners, control implementers, and evidence contributors
+ Facilitates internal ISMS assessments, committee meetings, and working group sessions by preparing agendas, tracking action items, and reporting compliance progress
+ Supports capability teams, subsidiaries, and control owners by clarifying implementation expectations, audit documentation needs, and evidence quality standards
+ Tracks and manages the lifecycle of risks, controls, and corrective actions, including updates to the risk register and the Statement of Applicability (SoA)
+ Coordinate ISMS readiness efforts in preparation for external ISO27001 audits or other applicable certification assessments
+ Develops and refines ISMS-related documentation, including procedures, guidelines, control narratives, and support materials
+ Maintains dashboards and performance metrics related to audit readiness, non-conformity closure, and risk treatment activities
+ Identifies bottlenecks, overdue tasks, and control misalignments, escalating as needed to the IT GRC Capability Manager or Director of InfoSec
+ Ensures consistent version control, evidence traceability, and document quality across all submissions in support of audits or assessments
+ Collaborates with Capability Teams and subsidiaries to ensure control implementation aligns with policy and framework expectations
+ Monitors developments in ISO27001:2022, privacy regulations, and industry best practices to continuously improve the ISMS model and processes
+ Supports onboarding and enablement of new ISMS participants, including training on stakeholder roles, tool usage, and evidence responsibilities
+ Coordinates internal evidence gathering for ISMS assessments and external audits, including document requests, stakeholder interviews, and audit walkthrough preparation
**Minimum Job Requirements**
**Education**
+ Bachelor's Degree with Information Technology focus, or equivalent experience
**Work Experience**
+ 5 years experience in Information Security Management Systems or Cyber Security.
+ Proven experience supporting or coordinating ISO27001 compliance or certification efforts.
+ Experience working within a multi-framework compliance program (e.g., ISO27001, NIST, SOC 2, PCI, GDPR).
+ Understanding of risk assessment methodologies, control mapping, and evidence management practices.
+ Experience with GRC platforms, able to apply prior learnings to new GRC tools.
+ Experience with cross functional coordination, providing guidance to teams across IT and business functions
**Knowledge / Skills / Abilities**
+ Familiarity with cloud service models and control responsibilities in SaaS/PaaS/IaaS environments
+ Strong coordination, documentation, and communication skills for multi-stakeholder collaboration
+ Familiarity with unified control framework initiatives or crosswalks across security and privacy standards
+ Understanding of how compliance maps to internal business processes and capability team structures
+ Ability to coordinate evidence requests, policy updates, and SoA changes in a dynamic environment
+ Experience maintaining compliance metrics, dashboards, or remediation tracking reports
+ Knowledge of key control areas such as access control, data protection, vulnerability management, and incident response
**Preferred Job Requirements**
**Certification / License**
+ Certifications preferred: ISO27001 Lead Implementer or Auditor, CISA, CISSP, CISM, or SCF Certified Practitioner
**Great Reasons to work for Generac**
+ Competitive Benefits: Health, Dental, Vision, 401k and many more
+ Pride! When a storm strikes, Generac employees always rise to the occasion. Each time a storm hits, many employees volunteer their time with the customer support team or on the production line, while others go right into storm-affected areas to repair generators
+ Make a positive impact. Generac has always been community-minded and dedicated to giving back. The company proudly offers a Volunteer Time Off program, inviting team members to participate in charitable volunteer opportunities on company time.
+ We're an inclusive company that celebrates differences and keeps equity and respect at the forefront.
**Compensation:** Generac is committed to fair and equitable compensation practices. The salary range for this role when based in Colorado or California is $120,000 to $150,000. This compensation will ultimately be in line with the location in which the position is filled. Final compensation for this role will be determined by various factors such as a candidate's relevant work experience, skills, certifications, and geographic location.
**Physical Demands** : While performing the duties of this job, the employee is regularly required to talk and hear; and use hands to manipulate objects or controls. The employee is regularly required to stand and walk. On occasion the incumbent may be required to stoop, bend or reach above the shoulders. The employee must occasionally lift up to 25 - 50 pounds. Specific conditions of this job are typical of frequent and continuous computer-based work requiring periods of sitting, close vision and ability to adjust focus. Occasional travel.
_"We are an equal opportunity employer and all qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, national origin, disability status, protected veteran status, or any other characteristic protected by law."_
Over the 60 plus years of Generac's history, we've been dedicated to energy innovation. From creating the home standby generator market category, to our current evolution into an energy technology solutions company, we continue to push new boundaries.
As one of the leaders and largest suppliers of power generation equipment and technology, the work we do touches millions of lives. Employees at Generac are encouraged to be innovative and are valued as an integral part of our global team. Our challenging goals develop knowledgeable employees dedicated to helping continue Generac's success. Generac provides individuals the opportunity to work in a fast-paced agile work environment where their work makes a difference in people's lives and their own.

Skills Required: Digital: Cloud Security ManagementIdentity and Access Management Implementation, Design & ArchitectureJob Description: Digital Cloud Security Management Identity and Access Management Implementation, Design ArchitectureThe purpose of the Security Architect role is to The Security Architect role, within one or more security domains, defines and oversees the implementation of strategic cyber security capabilities throughContributing to target architecture and roadmapsWorking with others to me-bed security by design and privacy by design into all projectsUndertaking reviews and governance of technology architectureWork with the CISO and Infra team to design security solution meeting standardsDeliver security solutions that progress the overall architecture journey and are aligned to IT StrategyComply with standards, design approaches and governanceDesign and oversee se-crudity solutions for AWS environments, ensuring compliance with industry standardsExpertise in ena-bling security solution utilizing AWS security services such as AWS Security Hub, AWS Config, AWS Macie, AWS Guard Duty and AWS IAM and industry standard security toolsImplement endpoint security measures using CrowdStrike tools such as Falcon Complete, Falcon Insight, and Falcon PreventNice to have certifications such as AWS Certified Security Specialty, CISSP, or CCSPKnowledge of application security using DynatraceCollaborate with teams to integrate security measures throughout the development lifecycleConduct security assessments and risk analysis to identify and mitigate threatsManage IAM solutions, including Intra ID and OKTA for B2B authenticationDirect, hands-on experience or strong working knowledge of managing security infrastructure e.g., firewalls, intrusion prevention systems (IPSs), web application firewalls (WAFs), endpoint protection, SIEM and log man-agement technologyDirect, hands-on experience or a strong working knowledge of vulnerability man-agement toolsStay updated with security trends and technologies to address emerging risksExcellent problem-solving and communication skillsKnowledge of cloud native and modern application architectureAbility to balance long-term direction and necessary short-term goalsEffective communication skills with the ability to provide technical guidance to peers and project colleaguesGood stake-holder and relationship managementLeadership skillsExp Required: 10 and above

**Work Location:**
Toronto, Ontario, Canada
**Hours:**
37.5
**Line of Business:**
Technology Solutions
**Pay Details:**
$91,200 - $136,800 CAD
TD is committed to providing fair and equitable compensation opportunities to all colleagues. Growth opportunities and skill development are defining features of the colleague experience at TD. Our compensation policies and practices have been designed to allow colleagues to progress through the salary range over time as they progress in their role. The base pay actually offered may vary based upon the candidate's skills and experience, job-related knowledge, geographic location, and other specific business and organizational needs.
As a candidate, you are encouraged to ask compensation related questions and have an open dialogue with your recruiter who can provide you more specific details for this role.
**Job Description:**
**Job Summary:**
The Senior Information security analyst is responsible for identifying, assessing, prioritizing, and coordinating responses to security vulnerabilities within the organization's systems, applications, and networks. This role requires a deep understanding of vulnerability management, risk assessment, and cross-functional collaboration to ensure timely remediation and alignment with organizational security objectives.
**Key Responsibilities:**
Vulnerability Management and Triage:
+ Oversee the end-to-end vulnerability triage process, including identification, assessment, prioritization, and tracking.
+ Develop and maintain a triage framework that balances risk levels, exploitability, and business impact.
+ Analyze vulnerability reports from various sources (e.g., scanners, penetration tests, threat intelligence) to determine criticality.
+ Ensure vulnerabilities are accurately classified and assigned to the appropriate teams for remediation.
Collaboration and Coordination:
+ Work closely with system owners, application teams, DevOps, and IT infrastructure to drive vulnerability remediation.
+ Act as a liaison between technical teams and business stakeholders to communicate risk and remediation priorities effectively.
+ Collaborate with threat intelligence teams to assess the real-world impact of vulnerabilities.
Risk Assessment and Prioritization:
+ Develop and maintain a risk-based approach to prioritize vulnerabilities based on business context, likelihood of exploitation, and potential impact.
+ Establish timelines for remediation based on severity and compliance requirements.
Process Improvement:
+ Implement and optimize workflows for vulnerability triage and reporting.
+ Continuously review and refine vulnerability management policies, processes, and tools.
+ Stay updated on evolving industry best practices and emerging threats
Reporting and Metrics:
+ Define and track key performance indicators (KPIs) for vulnerability management, such as mean time to remediate (MTTR) and vulnerability closure rates.
+ -Create regular reports on vulnerability status and risk posture for executive leadership and technical teams.
Leadership and Team Management:
+ Manage and mentor the vulnerability triage team, ensuring high performance and professional growth.
+ Provide training and guidance to enhance the team's technical expertise and analytical skills.
+ Foster a culture of security awareness and proactive risk management across the organization.
Container Security
+ Provide technical expertise and oversight for container scanning, container vulnerability prioritization, and remediation.
+ Be a lead contributor to enterprise-level initiatives pertaining to container security and risk remediation.
+ Effectively communicate critical vulnerabilities, their impacts, associated risk, and remediation priorities to cross-functional leadership teams.
+ Help build and enforce technology controls, along with container security standards to ensure best practices are followed, when building and deploying application containers.
+ Influence behavior to reduce risk and foster a strong technology risk management culture throughout the bank.
**Qualifications:**
Education: Bachelor's degree in Computer Science, Information Security, or a related field (or equivalent experience).
Experience:
+ 5+ years of experience in vulnerability management, security operations, or related fields.
+ 2+ years of experience in a leadership or management role
Technical Skills:
+ Expertise in vulnerability scanning tools (e.g., Qualys, Nessus, Rapid7).
+ Knowledge of CVSS (Common Vulnerability Scoring System) and threat modeling.
+ Strong understanding of operating systems, cloud platforms, networks, and application security.
+ Familiarity with compliance frameworks (e.g., ISO 27001, NIST, PCI-DSS).
+ Soft Skills:
+ Strong analytical and problem-solving skills.
+ Excellent verbal and written communication skills, with the ability to present technical information to non-technical audiences.
+ Proven ability to manage multiple priorities and work under tight deadlines.
Preferred Qualifications:
+ Certifications such as CISSP, CISM, CEH, or GIAC.
+ Experience with threat intelligence platforms and integration.
+ Familiarity with automation tools and scripting languages (e.g., Python, PowerShell).
#Li-Tech
**Who We Are:**
TD is one of the world's leading global financial institutions and is the fifth largest bank in North America by branches/stores. Every day, we deliver legendary customer experiences to over 27 million households and businesses in Canada, the United States and around the world. More than 95,000 TD colleagues bring their skills, talent, and creativity to the Bank, those we serve, and the economies we support. We are guided by our vision to Be the Better Bank and our purpose to enrich the lives of our customers, communities and colleagues.
TD is deeply committed to being a leader in customer experience, that is why we believe that all colleagues, no matter where they work, are customer facing. As we build our business and deliver on our strategy, we are innovating to enhance the customer experience and build capabilities to shape the future of banking. Whether you've got years of banking experience or are just starting your career in financial services, we can help you realize your potential. Through regular leadership and development conversations to mentorship and training programs, we're here to support you towards your goals. As an organization, we keep growing - and so will you.
**Our Total Rewards Package**
Our Total Rewards package reflects the investments we make in our colleagues to help them and their families achieve their financial, physical, and mental well-being goals. Total Rewards at TD includes a base salary, variable compensation, and several other key plans such as health and well-being benefits, savings and retirement programs, paid time off, banking benefits and discounts, career development, and reward and recognition programs. Learn more ( Information:**
We're delighted that you're considering building a career with TD. Through regular development conversations, training programs, and a competitive benefits plan, we're committed to providing the support our colleagues need to thrive both at work and at home.
Please be advised that this job opportunity is subject to provincial regulation for employment purposes. It is imperative to acknowledge that each province or territory within the jurisdiction of Canada may have its own set of regulations, requirements.
**Colleague Development**
If you're interested in a specific career path or are looking to build certain skills, we want to help you succeed. You'll have regular career, development, and performance conversations with your manager, as well as access to an online learning platform and a variety of mentoring programs to help you unlock future opportunities. Whether you have a passion for helping customers and want to expand your experience, or you want to coach and inspire your colleagues, there are many different career paths within our organization at TD - and we're committed to helping you identify opportunities that support your goals.
**Training & Onboarding**
We will provide training and onboarding sessions to ensure that you've got everything you need to succeed in your new role.
**Interview Process**
We'll reach out to candidates of interest to schedule an interview. We do our best to communicate outcomes to all applicants by email or phone call.
**Accommodation**
Your accessibility is important to us. Please let us know if you'd like accommodations (including accessible meeting rooms, captioning for virtual interviews, etc.) to help us remove barriers so that you can participate throughout the interview process.
We look forward to hearing from you!
**Language Requirement (Quebec only):**
Sans Objet
Federal law prohibits job discrimination based on race, color, sex, sexual orientation, gender identity, national origin, religion, age, equal pay, disability and genetic information.

Requisition ID:

Career Group:
Corporate Office Careers
Job Category:
IT Cyber Security Operations
Travel Requirements:
0 - 10%
Job Type:
Full-Time
Country: Canada (CA)
Province: Ontario; Alberta; Nova Scotia
City: Mississauga / Calgary / Stellarton
Location: Calgary Office, Tahoe Office, Foord St. Office
Embark on a rewarding career with Sobeys Inc., celebrated among Canadau2019s Top 100 employers, where your talents contribute to our commitment to excellence and community impact.
Our family of 128,000 employees and franchise affiliates share a collective passion for delivering exceptional shopping experiences and amazing food to all our customers. Our mission is to nurture the things that make life better u2013 great experiences, families, communities, and our employees. We are a family nurturing families.
A proudly Canadian company, we started in a small town in Nova Scotia but we are now in communities of all sizes across this great country. With over 1,600 stores in all 10 provinces, you may know us as Sobeys, Safeway, IGA, Foodland, FreshCo, Thrifty Foods, Lawtons Drug Stores or another of our great banners but we are all one extended family.
Ready to Make an impact?
The Senior Specialist, Cyber Incident Management will be a highly experienced and technically adept cybersecurity professional who will lead critical aspects of our security operations and incident response functions. This role demands a proactive individual capable of hands-on investigation and response, while also providing expert guidance, driving the maturity of our DFIR capabilities, and leading the charge during major incidents. You''ll leverage a comprehensive suite of security tools, collaborate extensively with internal and external stakeholders, and be instrumental in continuously enhancing our defensive posture. This position requires an exceptional analytical mind, advanced problem-solving skills, and the proven ability to maintain composure and make sound decisions under significant pressure.
Sobeys is full of exciting opportunities, and we are always looking for bright new talent to join our team! We currently have a full-time opportunity for a Senior Cyber Security Specialist - Cyber Incident Management. . This role can be based out of one our main offices including: Stellarton, NS; Mississauga, ON. Calgary, AB.
Hereu2019s where youu2019ll be focusing:
Key Responsibilities:
Act as a Senior SME for the Cyber Incident Management team, contributing to day-to-day security operations activities, including alert triage, investigation, and incident containment.
Provide expert guidance and mentorship to Cyber Incident Management Specialists, assisting them with complex investigations, troubleshooting, and decision-making.
Conduct efficient and thorough investigations of security alerts, events, and incidents using a variety of security tools (e.g., SIEM, Firewall, WAF, EDR, IDS/IPS, Email Security Gateways), analyzing security logs, network traffic, and endpoint data to identify indicators of compromise (IOCs) and determine scope and impact.
Drive the continuous fine-tuning and optimization of security use cases within the security solutions to enhance detection efficacy, reduce false positives, and minimize alert fatigue.
Take charge and lead incident response efforts during major security incidents, coordinating activities, defining strategies, and guiding the team through the entire incident lifecycle.
Play a key role in establishing and maturing comprehensive DFIR capabilities, including developing advanced investigation methodologies, tools, and processes.
Develop and refine incident response playbooks, Standard Operating Procedures (SOPs), and other critical operational documentation, ensuring they are current and effective.
Proactively develop and maintain comprehensive documentation for incident response activities, investigation findings, remediation steps, and lessons learned.
Define, track, and report on key metrics monthly to measure the effectiveness of security operations and incident response, identifying areas for improvement.
Prepare detailed and clear incident reports for various stakeholders, including technical teams and senior management.
Build a strong partnership with our Managed Security Service Provider (MSSP) for efficient alert escalation and collaboration by working hand-in-hand with them.
Provide advanced technical support and guidance to other IT & Cyber teams on security best practices, emerging threats, and incident prevention strategies.
#LI-Hybrid
#LI-VJ1
What you have to offer:
Qualifications:
Mandatory:
An undergraduate degree or diploma in computer science, information security, or a related technical discipline.
5+ years of progressive industry experience working in Cybersecurity operations, with a significant focus on Incident Response and Security Operations (SecOps) leadership or senior roles.
Demonstrated expertise in leading and conducting complex security investigations and incident response efforts across various security domains (e.g., network, endpoint, cloud, applications).
Strong understanding of network and system security concepts, including TCP/IP, operating systems (Windows, Linux), common attack vectors, and defensive strategies.
Proficiency in using a variety of security tools and technologies, including but not limited to: SIEM, EDR, IDS/IPS, Firewalls, Email security gateways, Proxy, etc.
Excellent analytical and problem-solving skills with a methodical approach to complex investigations.
Strong attention to detail and the ability to work effectively and make sound decisions under pressure during critical incidents.
Ability to work outside of regular business hours, including nights and weekends, to respond to security incidents.
Excellent written and verbal communication skills, with the ability to articulate highly technical information clearly and concisely to diverse audiences, including senior management and non-technical stakeholders.
Strong interpersonal skills, with a proven ability to build rapport, influence, and collaborate effectively with diverse teams, external partners, and vendors.
Advanced industry certification(s) such as GCIH, GCFA, ECIH, OSIR, BTL2, or equivalent.
Nice to have:
Proven experience working directly in or closely with Managed Security Service Providers (MSSPs) at a senior or lead level.
Knowledge and experience working in a complex retail technology environment is highly desired.
Demonstrated experience in developing and implementing Digital Forensics and Incident Response (DFIR) programs, including handling complex and large-scale incidents such as Business Email Compromise (BEC), Ransomware, or advanced persistent threats.
At Sobeys we require our teammates to have the ability to adhere to a hybrid work model that requires your presence at one of our office locations at least three days per week. This requirement is integral to our commitment to team collaboration and the overall success of our office culture.
We offer a comprehensive Total Rewards package, which varies by role and designed to help our teammates to live better u2013 physically, financially and emotionally.
Some websites share our job opportunities and may provide salary estimates without our knowledge. These estimates are based on similar jobs and postings for general comparison, but these numbers are not provided by our organization nor monitored for accuracy.
We will consider factors such as your working location, work experience and skills as well as internal equity, and market conditions to ensure the selected candidate is paid fairly and competitively. We look forward to discussing the specific compensation details relevant to this role with candidates who are selected to move forward in the recruitment process.
Our Total Rewards programs, for full-time teammates, goes well beyond your paycheque:
Competitive Benefits Package, tailored to meet your needs, including health and dental coverage, life, short- and long-term disability insurance.
Access to Virtual Health Care Platform and Employee and Family Assistance Program.
A Retirement and Savings Plan that provides you with the opportunity to build and add value to your savings.
A 10% in-store discount at our participating banners and access to a wide range of other discount programs, making your purchases more affordable.
Learning and Development Resources to fuel your professional growth.
Parental leave top-up
Paid Vacation and Days-off
We are committed to accommodating applicants with disabilities throughout the hiring process and will work with applicants requesting accommodation at any stage of this process.

Requisition ID:

Career Group:
Corporate Office Careers
Job Category:
IT Cyber Security Operations
Travel Requirements:
0 - 10%
Job Type:
Full-Time
Country: Canada (CA)
Province: Ontario; Alberta; Nova Scotia
City: Mississauga / Calgary / Stellarton
Location: Calgary Office, Tahoe Office, Foord St. Office
Embark on a rewarding career with Sobeys Inc., celebrated among Canadau2019s Top 100 employers, where your talents contribute to our commitment to excellence and community impact.
Our family of 128,000 employees and franchise affiliates share a collective passion for delivering exceptional shopping experiences and amazing food to all our customers. Our mission is to nurture the things that make life better u2013 great experiences, families, communities, and our employees. We are a family nurturing families.
A proudly Canadian company, we started in a small town in Nova Scotia but we are now in communities of all sizes across this great country. With over 1,600 stores in all 10 provinces, you may know us as Sobeys, Safeway, IGA, Foodland, FreshCo, Thrifty Foods, Lawtons Drug Stores or another of our great banners but we are all one extended family.
Ready to Make an impact?
The Senior Specialist, Cyber Incident Management will be a highly experienced and technically adept cybersecurity professional who will lead critical aspects of our security operations and incident response functions. This role demands a proactive individual capable of hands-on investigation and response, while also providing expert guidance, driving the maturity of our DFIR capabilities, and leading the charge during major incidents. You''ll leverage a comprehensive suite of security tools, collaborate extensively with internal and external stakeholders, and be instrumental in continuously enhancing our defensive posture. This position requires an exceptional analytical mind, advanced problem-solving skills, and the proven ability to maintain composure and make sound decisions under significant pressure.
Sobeys is full of exciting opportunities, and we are always looking for bright new talent to join our team! We currently have a full-time opportunity for a Senior Cyber Security Specialist - Cyber Incident Management. . This role can be based out of one our main offices including: Stellarton, NS; Mississauga, ON. Calgary, AB.
Hereu2019s where youu2019ll be focusing:
Key Responsibilities:
Act as a Senior SME for the Cyber Incident Management team, contributing to day-to-day security operations activities, including alert triage, investigation, and incident containment.
Provide expert guidance and mentorship to Cyber Incident Management Specialists, assisting them with complex investigations, troubleshooting, and decision-making.
Conduct efficient and thorough investigations of security alerts, events, and incidents using a variety of security tools (e.g., SIEM, Firewall, WAF, EDR, IDS/IPS, Email Security Gateways), analyzing security logs, network traffic, and endpoint data to identify indicators of compromise (IOCs) and determine scope and impact.
Drive the continuous fine-tuning and optimization of security use cases within the security solutions to enhance detection efficacy, reduce false positives, and minimize alert fatigue.
Take charge and lead incident response efforts during major security incidents, coordinating activities, defining strategies, and guiding the team through the entire incident lifecycle.
Play a key role in establishing and maturing comprehensive DFIR capabilities, including developing advanced investigation methodologies, tools, and processes.
Develop and refine incident response playbooks, Standard Operating Procedures (SOPs), and other critical operational documentation, ensuring they are current and effective.
Proactively develop and maintain comprehensive documentation for incident response activities, investigation findings, remediation steps, and lessons learned.
Define, track, and report on key metrics monthly to measure the effectiveness of security operations and incident response, identifying areas for improvement.
Prepare detailed and clear incident reports for various stakeholders, including technical teams and senior management.
Build a strong partnership with our Managed Security Service Provider (MSSP) for efficient alert escalation and collaboration by working hand-in-hand with them.
Provide advanced technical support and guidance to other IT & Cyber teams on security best practices, emerging threats, and incident prevention strategies.
#LI-Hybrid
#LI-VJ1
What you have to offer:
Qualifications:
Mandatory:
An undergraduate degree or diploma in computer science, information security, or a related technical discipline.
5+ years of progressive industry experience working in Cybersecurity operations, with a significant focus on Incident Response and Security Operations (SecOps) leadership or senior roles.
Demonstrated expertise in leading and conducting complex security investigations and incident response efforts across various security domains (e.g., network, endpoint, cloud, applications).
Strong understanding of network and system security concepts, including TCP/IP, operating systems (Windows, Linux), common attack vectors, and defensive strategies.
Proficiency in using a variety of security tools and technologies, including but not limited to: SIEM, EDR, IDS/IPS, Firewalls, Email security gateways, Proxy, etc.
Excellent analytical and problem-solving skills with a methodical approach to complex investigations.
Strong attention to detail and the ability to work effectively and make sound decisions under pressure during critical incidents.
Ability to work outside of regular business hours, including nights and weekends, to respond to security incidents.
Excellent written and verbal communication skills, with the ability to articulate highly technical information clearly and concisely to diverse audiences, including senior management and non-technical stakeholders.
Strong interpersonal skills, with a proven ability to build rapport, influence, and collaborate effectively with diverse teams, external partners, and vendors.
Advanced industry certification(s) such as GCIH, GCFA, ECIH, OSIR, BTL2, or equivalent.
Nice to have:
Proven experience working directly in or closely with Managed Security Service Providers (MSSPs) at a senior or lead level.
Knowledge and experience working in a complex retail technology environment is highly desired.
Demonstrated experience in developing and implementing Digital Forensics and Incident Response (DFIR) programs, including handling complex and large-scale incidents such as Business Email Compromise (BEC), Ransomware, or advanced persistent threats.
At Sobeys we require our teammates to have the ability to adhere to a hybrid work model that requires your presence at one of our office locations at least three days per week. This requirement is integral to our commitment to team collaboration and the overall success of our office culture.
We offer a comprehensive Total Rewards package, which varies by role and designed to help our teammates to live better u2013 physically, financially and emotionally.
Some websites share our job opportunities and may provide salary estimates without our knowledge. These estimates are based on similar jobs and postings for general comparison, but these numbers are not provided by our organization nor monitored for accuracy.
We will consider factors such as your working location, work experience and skills as well as internal equity, and market conditions to ensure the selected candidate is paid fairly and competitively. We look forward to discussing the specific compensation details relevant to this role with candidates who are selected to move forward in the recruitment process.
Our Total Rewards programs, for full-time teammates, goes well beyond your paycheque:
Competitive Benefits Package, tailored to meet your needs, including health and dental coverage, life, short- and long-term disability insurance.
Access to Virtual Health Care Platform and Employee and Family Assistance Program.
A Retirement and Savings Plan that provides you with the opportunity to build and add value to your savings.
A 10% in-store discount at our participating banners and access to a wide range of other discount programs, making your purchases more affordable.
Learning and Development Resources to fuel your professional growth.
Parental leave top-up
Paid Vacation and Days-off
We are committed to accommodating applicants with disabilities throughout the hiring process and will work with applicants requesting accommodation at any stage of this process.