Job Description

COMPANY OVERVIEW
The Globe and Mail is a national icon and Canada's most recognized media brand.
We're also an international award winner for data visualization, design, and creative storytelling. A digital innovator with a global client list for our in-house AI-powered optimization, prediction and automation platform. And a place where Canadians come for the best journalism in the country.
We aim to reflect Canada in the stories we tell and in our workforce. The Globe is a proud partner of Pride At Work, Canadian Centre for Diversity and Inclusion, and a signatory of the BlackNorth Initiative. We understand our staff have lives outside of the office and offer flexible work arrangements and support programs. We also provide training and mentorships to staff to ensure you're able to grow and challenge yourself and your abilities.
No matter what your role at The Globe, you'll be part of an organization dedicated to making a difference to Canada.
WORKING AT SOPHI
Sophi was created within the walls of The Globe and Mail, a national icon and Canada's most recognized media brand. The Globe knew that transformation was required in the media space and developed a solution to help them do just that. After achieving incredible results at The Globe, Sophi was commercialized to benefit content publishers around the world. We then began adapting Sophi technologies to address similar problems in other industries.
Sophi is dedicated to bringing about business transformation, by unlocking the value of content and optimizing the user journey. We are an agile software development team consisting of Machine Learning and Software Engineers, Data Scientists, DevOps, Front End Developers, UX, QA, Product Managers, Scrum Masters as well as sales and marketing professionals on the non-technical side. As a member of the Sophi team, you'll have the opportunity to work with the best and brightest in data science and engineering, and get valuable exposure to new technologies and best practices.
Sophi offers competitive pay and flexible work arrangements. Our headquarters are located on the top floors of 351 King Street East in Toronto, offering an innovative work environment with breathtaking views of the city when you're in the office.
POSITION OVERVIEW:
The Globe and Mail is looking for a cloud focused security professional to join an innovative technology team. This role is a technical position on a diverse team building the next generation of commercial editorial intelligence data platform https://sophi.io
You will serve as a key member of our information security team, working jointly with the DevOps team, application and network team supporting the day-to-day security operations for both our clouds, on premise and infrastructure deployments. You will work closely with our internal teams and security partners in troubleshooting, monitoring, detecting, analyzing, and determining remediation efforts for security risks, events, and incidents.
In addition, you will mentor other team members to cultivate a security by design culture and participate in the development of cloud and network security strategies. This position requires a high degree of technical skill, innovation, and keen ability to deal effectively with incidents response and a genuine interest in staying current with new and emerging trends, theories, standards, and security related technologies.
KEY RESPONSIBILITIES:

• Develop security automation and monitoring in public cloud environments AWS services and container environments (Kubernetes/EKS), across the key pillars of security such as, Identity and Access Management, security logging, incident response, data protection, security governance, security analytics, vulnerability management, platform and application threat modeling, Containers security. Proven experience with assessment, development, implementation, optimization, and documentation of a comprehensive and broad set of security technologies and processes secure software development and application Security, data protection, cryptography, key management, identity and access management (IAM) and network security.
• Work closely with our internal and external partners to provide operational support, maintenance including day-to-day change request, problem resolution, rule and policy compliance and implementation, security tool deployments, user administration, parsing through event logs/files, SIEM alerts and data, analyzing and determining security related issues.
• Work in collaboration with application and the DevOps team to identify, communicate and prioritize security requirements, research and evaluate viable solutions from a security perspective, coordinating deployment and communicating with impacted parties and technology partners while referencing and applying related industry best practices.
• Able to drive and implement and manage security initiatives for the organization.
• Contribute to, implement and enforce security policies, perform risk management assessments and assist with audit, compliance and changes in strengthening the overall security posture.
• Advocate and drive the change to integrate security into the delivery lifecycle and product map and be a security enabler.
• Review and document the security technical architecture of the various clouds environments.
• Ability to do perform process mapping and translate complex technical concept into simple flows.
• Provide off-hours support when necessary and respond to emergencies in a timely manner

REQUIREMENTS:

• 5+ years of system and security administration experience with networking, information systems, security controls, and information security concepts.
• Understanding fundamental cloud computing, networking and security concepts and technologies.
• Experience with Infrastructure as code tools including Terraform, Python, Bash, Helm Charts, CloudFormation.
• Experience with containers and container orchestration technologies, including Docker and Kubernetes.
• Demonstrated experience and/or familiarity with tools used for security analysis.
• Expertise using the following: Sysdig and Cloud Watch. Guard Duty and other AWS Native Security Tools. Nice to have AWS Athena, DataDog.
• Excellent communication (verbal and written), interpersonal & presentation skills. Capable of writing proposals, procedures, policies, & technical documentation with the ability to engage directly with senior leadership.
• Ability to discover and communicate deep technical issues in terms of business risk with nonexperts and senior leaders.
• An understanding of Identity and authorization provider technologies (OAuth, SAML, OIDC, Identity Federation).
• Advanced knowledge of troubleshooting, log analysis, event correlation, and data analysis with a strong understanding of TCP/IP and networking.
• Knowledge of network security tools. (e.g.tcpdump, Wireshark, snort, ngrep, nmap, systools).
• Provide technical services and support for the following areas, WAN connectivity, routers, Network and application firewalls, and Infrastructure security, cloud network infrastructure and partner interconnects.
• Demonstrated interest and experience in threat modeling
• Preferred security certifications: AWS certified security specialty, CISSP, CCSP, CSIM CompTIA Security+,

SALARY: Commensurate with qualifications and experience
VACCINATION POLICY:
All offers of employment with The Globe and Mail are conditional upon the candidate being Fully Vaccinated. To be Fully Vaccinated is defined as someone who has received the full series of a vaccine or a combination of vaccines accepted by the Government of Canada (currently Pfizer, Moderna, AstraZeneca, Janssen) and has received the last dose at least 14 days prior to their start date. To prove they are Fully Vaccinated, all new hires will be required to provide evidence by emailing a copy of their vaccine dose administration receipt(s) to Human Resources prior to their start date. Those seeking exemption based on one or more of the protected grounds in the Human Rights Code will need to provide their request for accommodation to Human Resources for approval. If the accommodation request is not approved and the candidate is not Fully Vaccinated, any offer of employment will be revoked.
THE GLOBE AND MAIL IS DEDICATED TO DIVERSITY AND INCLUSION IN THE WORKPLACE
The Globe and Mail is committed to fostering an inclusive, accessible work environment, where all employees feel valued, respected and supported. We believe this strengthens our business and our journalism. We welcome and encourage applications from individuals from all groups, regardless of race, ethnicity, culture, gender, sexual orientation, religion, socio-economic status, age, and physical ability. As required by the Federal Contractors Program, The Globe also tracks the proportion of staff in the four Employment Equity categories (Women, Aboriginal Peoples, Persons with Disabilities, and Members of Visible Minorities) to ensure we are reflecting the areas in which we work.
The Globe and Mail offers accommodation for applicants with disabilities as part of its recruitment process. If you are contacted to arrange for an interview, please advise us if you require an accommodation.