Under the direction of the Senior Manager of Security, the Information Security Officer is accountable for ensuring the security, integrity, and availability of the company's information assets. This includes sustaining and improving a comprehensive information security program and ensuring compliance with our policies and standards. They will safeguard information by applying operational rigor to our security activities and by seeing that security risks are identified, assessed, reported, and accurately mitigated. They will work closely with various departments to promote a security-conscious culture and protect the organization from cyber threats.
Competencies Critical for Success:
Strong understanding of network and asset security architecture, endpoint protection, and cloud security best practices
Experience with Security Information and Event Management (SIEM): Advanced correlation, threat hunting, threat detection, and analytics
Experience with behavioural analytics, anomaly detection, and security monitoring techniques.
Security Incidents: Working through complex security incidents from detection to closure.
Malware analysis: Skills in malware analysis including debugging, unpacking, and sandbox detonation and analysis.
Active Directory, Entra ID, and Identity Management: Strong understanding of AD architectures, LDAP, SSO, Okta, and common attack vectors against identity structures.
Operating System Security: Comprehensive knowledge of Windows and Linux security mechanisms and hardening techniques, including CIS Benchmarking standards
Strong understanding of network protocols, traffic analysis and network-based detection techniques.
Primary Responsibilities:
Operate and improve our information security program according to our policies, standards, and procedures.
Perform advanced monitoring and analysis of security alerts and system logs using monitoring tools, investigating and escalating potential security incidents.
Analyze and validate escalated security alerts.
Conduct detailed log analysis and forensic investigations of potentially affected systems during security events, documenting findings thoroughly.
Support the vulnerability management program by technically validating scan results, prioritizing critical findings, and assisting technical teams in remediation planning and execution.
Execute tactical remediation and configuration changes to mitigate technical vulnerabilities, and to ensure adherence to security policies and compliance mandates.
Design and implement security monitoring improvements, finding areas for automation workflows.
Collaborate across all technology teams to enforce secure configuration standards (baselines) and provide technical security requirements related to network devices, operating systems, cloud environments, and core applications.
Document findings, technical methodologies, and lessons learned from security incidents.
You have excellent written and verbal communication skills, interpersonal and collaborative skills, and the ability to communicate information security and risk-related concepts to technical and nontechnical audiences at various hierarchical levels, ranging from senior management to technical specialists.
Additional Duties and Expectations:
Promote QHR's "Blue Culture" framework to foster a collaborative, positive and efficient workplace,
Contribute to the organization's positive image both internally and externally,
Perform other duties consistent with the position, as reasonably directed by your manager.
Qualifications, Education and Experience Requirements:
Minimum of 5 years recent experience in the Information Security field or related position.
Relevant IT/Computer Engineering degree or diploma, or equivalent experience required
Strong understanding of SIEM technologies and log analysis tools for event monitoring, threat detection, and incident response.
Experience building, maintaining and ingesting threat feed data to enhance threat intelligence and proactive security measures.
Knowledge of compliance and regulatory program requirements, intimate knowledge of Security Frameworks (NIST Cybersecurity Framework, SOC 2)
Understanding of key security control areas, including IPS/IDS, Penetration Testing, Patch Management/Vulnerability Management, System and Network Security Hardening, Data Loss Prevention, and Multi-factor authentication
Experience with modern security solutions: EDR, WAF, JWT, Application Control, etc.
Demonstrate an in-depth knowledge of Information Security risk and industry best practices.
Assets:
Relevant industry security certifications such as Certified Ethical Hacker (CEH), Offensive Security Certified Professional (OSCP), Systems Security Certified Practitioner (SSCP).
Experience in Splunk Enterprise Security. Ability to perform advanced SPL queries to create and review security alerts, correlation searches, dashboard development, and report generation.
Experience working in Microsoft Azure Defender for Cloud (MDC), Identity and Access Management (IAM), and Azure monitoring and logging analytics.
Experience working with and applying principles from the NIST Cybersecurity Framework (CSF), specifically the structure, functions, and key activities within the current NIST CSF 2.0
Compensation and Logistics:
Base salary, variable bonus established at the corporate level, competitive benefits package
Full-time permanent
No travel required
QHR is a dynamic, high-growth Canadian technology company and division of Loblaw Companies Limited. Our mission is to unite Canadian Healthcare, connecting Providers and their Patients to information and each other.