Why is this role important?
We are currently seeking an Infrastructure Security Engineer to support the Platform Engineering team within Loblaw Technology.
The successful candidate will meet the following criteria :
Skills and Responsibilities
Assist with integration of our security policies and configuration in our data ecosystem, platforms, and toolsImplement, operate, and monitor cloud security toolsWork with other teams to identify, resolve, and mitigate vulnerabilities in their systems.
Provide tuning recommendations of cloud security tools based on traffic patterns.Stay up-to-date with trends in the information security community including new vulnerabilities, methodologies, and products.
Identify malicious or anomalous activity based on event data from access logs, firewalls, WAF, IPS, and other sources.Analyze latest capabilities of specific Information Security (e.
g. Cloud services, encryption, PKI etc.) and IT technologies (e.g. operating systems, networks, storage, virtualization etc.
Create, publish, and maintain Information Security baselines for specific technologies (e.g. operating systems, databases).
Operate and maintain hardware and software of Information Security solutions and technologies (e.g. firewalls, intrusion prevention (IPS), web application firewalls (WAF), web proxies).
Monitor and troubleshoot systems, tools and / or networking solutions. Perform investigative research, analysis and troubleshooting on complex security issues.
Experience building and securing infrastructure as code using CloudFormation, Ansible, GitLab, Terraform and / or similar toolsFluency with one or more scripting / coding languages (e.g. PowerShell, bash, Python)
Preferred Qualifications and Other Required Attributes
Bachelors of Science degree in Computer Science, Engineering, Computer Security, Information Systems, or a related field, OR comparable level of professional experience.
Six or more years of related experience in Information Security, Cybersecurity, Identity and Access Management (IAM) and / or Information Technology to include accountability for complex tasks and / or projectsFoundational knowledge of security concepts and principlesCloud security experience (GCP preferred) and / or Software as a Service (SaaS) security experienceAccredited certifications such as : Google Professional Cloud Security Engineer preferredKnowledge of attack vectors (malware, web application, social engineering, etc.
and attack surfaces (ports, firewalls, incoming data processing, interfaces, etc.)Experience with open source technologies and environments.
Implemented and supported security monitoring devices.Previous System Administration or Desktop Support experience.Automation and scripting experience in Python or similarStrong problem-solving skills - ability to take a process perspective in solving problems.
possesses an ability to convert abstract, complex information into concrete material and ideas that can be easily understood