Why is this role important?
Reporting to the Sr. Manager, the Information Security Analyst will play a key role in security monitoring of Data Leak / Loss Prevention (DLP) events, investigating issues and incidents, maintaining and enhancing DLP incident response procedures and playbooks, and using multiple tools and technologies to identify and respond to threats across Loblaw Companies Limited (LCL).
WHAT YOU WILL DO:
You will be responsible for the Data Leak / Loss Prevention program through all stages of the incident management process: incident / event detection, analysis, containment, eradication, recovery and, finally, post-event review.
You will work with a team of cyber security professionals like you to evolve the team and its operational procedures and establish best-in-class capabilities for DLP incident detection, response and remediation.
You will work with technology and infrastructure leaders from across the LCL family of companies and key suppliers, partners, vendors, and managed service providers.
Your deep knowledge of DLP security tools and technologies, PHI, PII, and the various rules and regulations related to privacy will help us detect and respond to internal threats and protect LCL from them.
To support this mandate, you will work with technology and infrastructure leaders and with managed security and threat intelligence service providers to develop, automate, maintain and evolve DLP incident response playbooks, including practice drills, tabletop exercises, communications protocols, procedures and templates for a consistent flow of the right information to the right people, from front line staff up to the board.
The Cyber Security Command Center operates 7x24 across Canada and works closely with a variety of cybersecurity partners and other LCL stakeholders including IT Infrastructure, Network, Applications Privacy, Loss Prevention, HR and Legal, specifically building and maintaining an internal LCL community of technology and infrastructure leaders around cybersecurity incident detection and response.
Develop, automate, maintain and evolve the DLP management and review process and Data Protection tools configuration; participate in practice drills and tabletop exercises to ensure the accuracy of communications protocols, procedures and templates for a consistent flow of the right information to the right people, from front line staff up to the board.
To ensure the protection of LCL from cybersecurity threats, the Information Security Analyst, Data Protection will also be a key player on a team providing world-class security operations capabilities aligned with our strategic direction.
The Information Security Analyst will also support and review the rules with the Senior Specialists, Privacy Office, Asset Loss Prevention and Fraud teams.
The Information Security Analyst might be required to participate in after-hours security incident investigations.
WHAT YOU WILL NEED:
A Bachelor's Degree or Diploma in a relevant area of study with a preference for Computer Science or Computer Engineering.
Minimum of 2-3 years of experience in Information Technology, especially in Data Protection.
Minimum of 1 year of experience in the Cyber Security incident management process as a SOC analyst.
Knowledge of Federal, Provincial and Global Data Protection law, regulations and practice including but not limited to the Canadian Privacy Act, PIPEDA, the federal Bank Act, PCI-DSS and the European GDPR.
Experience in Antivirus, Data Loss Prevention and Endpoint protection tools like Symantec DLP, Forcepoint, McAfee DLP.
Experience in endpoint protection and response (EDR) tools like CrowdStrike, Cortex XDR, Windows Defender EDR.
Knowledge of Microsoft data protection technologies embedded in Office365, Cloud Application Security Azure.
Experience in Email Data Loss Prevention solutions like Proofpoint and Symantec.
Experience in Cloud Loss Prevention solutions like Cisco Umbrella, Zscaler, Palo Alto, McAfee, Akamai.
Experience in CASB technology and tools like MCAS, MVision / Skyhigh, Forcepoint.
Experience in data encryption, masking and tokenization.
Knowledge of PGP, OpenSSL, PKI and certificate management, symmetric and asymmetric encryption, SSL decryption. Knowledge in security automation and orchestration tools (Demisto, Phantom, Cyber Response, ServiceNow Security).
Experience in RegEx scripting is an asset.
Knowledge of networking and security protocols (TCP / UDP, SSL / TLS), technologies for SSO and MFA authentication, Windows and Linux hardening, CIS benchmark.
Prior experience as a SOC incident handler will be an asset.
Industry certifications (ISC2: CISSP, CCSP; ISACA: CISM; SANS: GSEC, GCIA, GMON) are strong assets.