Overview
Senior Cyber Security Specialist - Cyber Incident Management

Requisition ID: 189805
Career Group: Corporate Office Careers
Job Category: IT Cyber Security Operations
Travel Requirements: 0 - 10%
Job Type: Full-Time
Country: Canada (CA)
Province: Ontario; Alberta; Nova Scotia
City: Mississauga / Calgary / Stellarton
Location: Calgary Office, Tahoe Office, Foord St. Office

Embark on a rewarding career with Sobeys Inc., celebrated among Canada's Top 100 employers, where your talents contribute to our commitment to excellence and community impact. Our family of 128,000 employees and franchise affiliates share a collective passion for delivering exceptional shopping experiences and amazing food to all our customers. Our mission is to nurture the things that make life better: great experiences, families, communities, and our employees. We are a family nurturing families.

A proudly Canadian company, Sobeys started in a small town in Nova Scotia, but we are now in communities of all sizes across this great country. With over 1,600 stores in all 10 provinces, you may know us as Sobeys, Safeway, IGA, Foodland, FreshCo, Thrifty Foods, Lawtons Drug Stores or another of our great banners, but we are all one extended family.

Role Summary
The Senior Specialist, Cyber Incident Management will be a highly experienced and technically adept cybersecurity professional who will lead critical aspects of our security operations and incident response functions. This role demands a proactive individual capable of hands-on investigation and response, while also providing expert guidance, driving the maturity of our Digital Forensics and Incident Response (DFIR) capabilities, and leading the charge during major incidents. You'll leverage a comprehensive suite of security tools, collaborate with internal and external stakeholders, and continuously enhance our defensive posture.
This position requires an exceptional analytical mind, advanced problem-solving skills, and the ability to maintain composure and make sound decisions under pressure.

Location: Based out of one of our main offices, including Stellarton, NS; Mississauga, ON; Calgary, AB.

Key Responsibilities
- Act as a Senior SME for the Cyber Incident Management team, contributing to day-to-day security operations activities, including alert triage, investigation, and incident containment.
- Provide expert guidance and mentorship to Cyber Incident Management Specialists, assisting them with complex investigations, troubleshooting, and decision-making.
- Conduct efficient and thorough investigations of security alerts, events, and incidents using security tools (SIEM, Firewall, WAF, EDR, IDS/IPS, Email Security Gateways), analyzing logs, network traffic, and endpoint data to identify indicators of compromise (IOCs) and determine scope and impact.
- Drive continuous fine-tuning and optimization of security use cases to enhance detection, reduce false positives, and minimize alert fatigue.
- Lead incident response efforts during major security incidents, coordinating activities, defining strategies, and guiding the team through the incident lifecycle.
- Develop and mature comprehensive DFIR capabilities, including investigation methodologies, tools, and processes.
- Develop and refine incident response playbooks, SOPs, and other operational documentation; ensure they are current and effective.
- Proactively document incident response activities, investigation findings, remediation steps, and lessons learned.
- Define, track, and report on key metrics monthly to measure the effectiveness of security operations and incident response, and identify areas for improvement.
- Prepare detailed incident reports for technical teams and senior management.
- Build a strong partnership with the Managed Security Service Provider (MSSP) for efficient alert escalation and collaboration.
- Provide advanced technical support and guidance to other IT & Cyber teams on security best practices, emerging threats, and incident prevention strategies.

Qualifications
What you have to offer:

Mandatory
- An undergraduate degree or diploma in computer science, information security, or a related technical discipline.
- 5+ years of progressive industry experience in Cybersecurity operations, with a focus on Incident Response and SecOps leadership or senior roles.
- Demonstrated expertise in leading and conducting complex security investigations and incident response across network, endpoint, cloud, and applications.
- Strong understanding of network and system security concepts (TCP/IP, Windows/Linux, attack vectors, defensive strategies).
- Proficiency with security tools and technologies (SIEM, EDR, IDS/IPS, Firewalls, Email security gateways, Proxy, etc.).
- Excellent analytical and problem-solving skills with a methodical approach to investigations.
- Ability to work under pressure during critical incidents with attention to detail and sound decision-making.
- Ability to work outside regular hours, including nights and weekends, to respond to incidents.
- Excellent written and verbal communication for diverse audiences, including senior management.
- Strong interpersonal skills with ability to collaborate with diverse teams, external partners, and vendors.
- Advanced industry certifications such as GCIH, GCFA, ECIH, OSIR, BTL2, or equivalent.

Nice To Have
- Experience with Managed Security Service Providers (MSSPs) at a senior/lead level.
- Experience in a complex retail technology environment is highly desired.
- Experience developing and implementing DFIR programs, including handling large incidents such as BEC, Ransomware, or APTs.

We offer a hybrid work model requiring presence at one of our office locations at least three days per week. This supports collaboration and our office culture.
We offer a comprehensive Total Rewards package, tailored to role, designed to help teammates live better physically, financially, and emotionally. We will consider factors such as location, experience, skills, internal equity, and market conditions to ensure fair and competitive compensation. Specific details will be discussed with candidates selected to move forward.

Our Total Rewards programs for full-time teammates include:
- Competitive Benefits Package, including health and dental, life, short- and long-term disability insurance.
- Access to Virtual Health Care Platform and Employee and Family Assistance Program.
- A Retirement and Savings Plan.
- 10% in-store discount at participating banners and other discount programs.
- Learning and Development Resources.
- Parental leave top-up.
- Paid Vacation and Days off.

We are committed to accommodating applicants with disabilities throughout the hiring process and will work with applicants requesting accommodation at any stage of this process.

Seniority level: Mid-Senior level
Employment type: Full-time
Job function: Engineering and Information Technology Retail