Job Description

JOIN OUR TEAM



Metro Supply Chain is a strategic supply chain solutions partner to some of the world's fastest growing and most reputable organizations. For 50 years, it has excelled at tailoring integrated, data-driven solutions, fueled by advanced systems and technology, that fulfill complex and challenging distribution needs. Managing 19 million square feet operating out of more than 175 sites across North America and Europe with a team of 9,000, it is one of Canada's largest privately owned supply chain solutions companies. Metro Supply Chain is a 2024 winner of the Canada's Best Managed Companies program, recognized for its strategic expertise, culture of innovation and commitment to its people and local communities.



SUMMARY

The Senior Cyber Security Specialist is a technical advocate for the organization's information security needs and must have in-depth understanding of the information security domain. The individual must be able to support strategic and tactical plans, including direct engagement and delivery in technical matters. They must be comfortable articulating and presenting complex concepts to business stakeholders and technical contributors.



Responsibilities & Deliverables

Implementing security architecture leveraging Metro SCG's existing and future state security technology and controls. Design, build, and implement security systems for a global organization. Developing and Consulting on server, desktop, network, IoT, and cloud security baselines. Providing significant technical security design contributions to high profile technology projects. Partner with other IT teams, translating higher level architectures into meaningful tactical plans that address full stack security requirements, implementation needs and ongoing operational compliance. Engaged in Identity and Access Management (IAM) duties including: Ensure the provisioning and management of credentials across multiple systems maintains alignment with the provisions of the information security management system (ISMS). Undertake regular supervisory inspections for non-compliant accounts (non-expiring passwords, stale/locked-out accounts, etc.). Take lead in regular IAM reviews including quarterly employment verification and privilege revalidation exercises. Align standards, frameworks, and security controls with overall organization and technology strategy. Design security architecture elements to mitigate threats as they emerge. Create solutions that balance business requirements with security requirements. Identify security design gaps in existing and proposed architectures and recommend changes or enhancements. Review of current security measures and implementation of security enhancements. Partner with subject matter experts throughout the firm to properly implement security that provides the necessary confidentiality, integrity, and availability of systems and data.

Qualifications and Required Experience

5 years of previous experience designing, implementing, and integrating security controls into enterprise workflows preferred. Demonstrate strong facilitation, negotiation, interpersonal, communication and collaboration skills. Hands-on experience with Microsoft Azure and M365 platforms. Hands-on experience working with IAM solutions such as AD, Azure AD/Connect and various cloud security tools. Strong technical knowledge within the security environment including installation, administration, performance analysis, capacity planning and systems management integration. Demonstrated ability to understand business requirements and recommend security solutions to meet business objectives. Knowledge of, or hands-on experience with security technologies of the following functions: NGFW, VPN, IPS/IDS, vulnerability management, WAF, DDoS mitigation, PKI, key management, IAM/PAM, DLP, UEBA, SIEM, endpoint security, threat intelligence. Experience with encryption technologies and techniques in Cloud (Cloud KMS, HSM, IAM, etc.), Directory Services, Authentication, Authorization, Privilege Access Management solutions, PKI, SSO, Data security, etc. Familiarity with one or more of the following Security Architecture standards is an asset: SABSA, TOGAF, NIST, ISO 27002. CISSP, OSCP, Azure Security Engineer Associate, or other relevant certifications preferred.

Why Join Us

Work in an environment where safety is our first priority The opportunity to build a career with a growing company Medical, dental, and vision coverage for you and your family Life and disability insurance Wellness programs to support your family's well-being A Retirement Savings Program with a company match Company team wear allowance Employee Appreciation Day Company sponsored social events Community volunteering

We are an equal opportunity employer committed to building and fostering a diverse workplace where people feel included and valued. We encourage applications from all qualified individuals.

Should you require accommodation for a special ability or need during the recruitment process, please reach out to a member of our Human Resources Team.