Job Description

Ready to Transform Retail? Embark on a rewarding career with Sobeys Inc., celebrated among Canada's Top 100 employers where your unique contributions drive success.



The Specialist, Cyber Incident Management will be a hands-on cybersecurity professional responsible for investigating and responding to a wide range of security incidents. You will leverage various security tools, collaborate with internal teams and external partners, and contribute to the continuous improvement of our incident response capabilities. This role requires a keen analytical mind, strong problem-solving skills, and the ability to operate effectively under pressure.



Sobeys is full of exciting opportunities, and we are always looking for bright new talent to join our team! We currently have a 12 months contract opportunity for a Cyber Security Specialist. This role can be based out of one our main offices including: Stellarton, NS; Mississauga, ON; Calgary, AB.

Key Responsibilities:

Conduct efficient and thorough investigations of security alerts, events, and incidents using a variety of security tools, including SIEM, Firewall, WAF, EDR, IDS/IPS, and Email Security Gateways. Analyze security logs, network traffic, and endpoint data to identify indicators of compromise (IOCs) and determine the scope and impact of incidents. Perform initial triage and containment actions to limit the spread and impact of security incidents. Engage with end-users and other teams to validate suspicious activities and gather additional context for investigations. Collaborate closely with our Managed Security Service Provider (MSSP), fostering a strong partnership for seamless alert escalation and information exchange. Effectively escalate security gaps, findings, and critical incidents to appropriate internal teams for timely remediation.

Clearly document incident response activities, investigation findings, remediation steps, and lessons learned for future reference and reporting.

Contribute to the fine-tuning of security use cases within the SIEM to reduce alert fatigue, minimize repetitive alerts, and decrease false positives, enhancing overall security operations efficiency. Collaborate with the Threat Management team in the creation, testing, and refinement of new security use cases and detection rules. Develop and maintain incident response playbooks, Standard Operating Procedures (SOPs), and other operational documentation. Provide technical support and guidance to other IT teams on security best practices, emerging threats, and incident prevention. Participate in on-call rotations, including nights and weekends, to ensure timely response to critical security incidents outside of regular business hours. Stay up-to-date with the latest cybersecurity threats, vulnerabilities, and industry best practices.

#LI-Hybrid #LI-VJ1

Qualifications:

Mandatory:

An undergraduate degree or diploma in computer science, information security, or a related technical discipline. 3+ years of industry experience working in Cybersecurity operations (e.g., SOC Analyst/Specialist, Incident Responder). Strong understanding of network and system security concepts, including TCP/IP, operating systems (Windows, Linux), common attack vectors, and defensive strategies. Proficiency in using a variety of security tools and technologies, including but not limited to: SIEM, EDR, IDS/IPS, Firewalls, Email security gateways, Proxy, etc. Excellent analytical and problem-solving skills with a methodical approach to complex investigations. Strong attention to detail and the ability to work effectively and make sound decisions under pressure during critical incidents. Ability to work on on-call rotations, including nights and weekends, to respond to security incidents outside of regular business hours. Excellent written and verbal communication skills, with the ability to articulate technical information clearly to both technical and non-technical audiences. Strong interpersonal skills, with the ability to build rapport and collaborate effectively with diverse teams and external partners. Relevant industry certification such as Security+, CySA+, CEH, or equivalent.

Nice to have:

Proven experience working directly in or closely with Managed Security Service Providers (MSSPs). Knowledge and experience working in a complex retail technology environment is highly desired. Experience in Digital Forensics and Incident Response (DFIR) beyond typical SecOps, involving complex and large-scale incidents such as Business Email Compromise (BEC), Ransomware, or Website Compromise. Advanced technical industry certifications in the field of DFIR, such as GCIH, GCFA, or similar.

Who we are:

We started in a small town in Nova Scotia but we are now in communities of all sizes across this great country. With over 1,600 stores in all 10 provinces, you may know us as Sobeys, Safeway, IGA, Foodland, FreshCo, Thrifty Foods, Lawtons Drug Stores or another of our great banners but we are all one extended family.



Our family of 128,000 employees and franchise affiliates share a collective passion for delivering exceptional shopping experiences and amazing food to all our customers. Our mission is to nurture the things that make life better - great experiences, families, communities, and our employees. We are a family nurturing families.



Our commitment to diversity, equity and inclusion (DE&I) is fuelled by our purpose and values. It shapes our culture and drives business success. As a family nurturing families, we embed DE&I into everything we do. We know that it takes open minds and respect for distinct perspectives to create engaging workplaces, inclusive customer experiences and strong community partnerships. We are committed to accommodating applicants with disabilities throughout the hiring process and will work with applicants requesting accommodation at any stage of this process.

What we offer:

Our Total Rewards package is designed to help our teammates thrive--physically, financially, and emotionally. While offerings vary by role and employment type (full-time, part-time, contractual), eligible teammates may receive:



Comprehensive Benefits Package with health and dental coverage, life insurance, and short- and long-term disability insurance. Access to Virtual Health Care and an Employee and Family Assistance Program for personalized support. Retirement and Savings Plan to help you build financial security. 10% In-Store Discount at participating banners, plus additional discount programs. Employee Share Ownership Plan (ESOP), giving you the opportunity to invest in the company's success. Learning and Development Resources to support your career growth. Parental Leave Top-Up to assist growing families. Paid Vacation and Days Off to help you recharge.

Sobeys is committed to providing a compensation structure that is flexible, equitable and competitive in the market to enable performance and growth. To learn more about this opportunity--including expected range of compensation in accordance with Pay Transparency Legislation where required --please click the "I'm interested" button above. Individual Compensation is determined based on qualifications, experience, and internal equity within the range provided.



External websites may share our organization's job postings which includes compensation information based on similar roles and market benchmarks. These figures are provided for general comparison purposes only and are not issued or verified by our organization..



To drive our commitment to team collaboration and the overall success of our office culture we require our teammates to have the ability to adhere to a hybrid work model that requires your presence at one of our office locations at least three days per week.



If you feel that this describes the kind of work you want to do and you are excited about what Sobeys has to offer, then please apply by the posting end date indicated above. We encourage candidates to submit a resume and take the time to ensure that their application highlights what makes them uniquely qualified for this opportunity!