A leading North American grocery retailer is seeking an experienced Information Security Engineer to join its dynamic IT team. This role is responsible for safeguarding enterprise systems, networks, and data by implementing and maintaining security controls, responding to threats, and promoting security best practices across the organization.
The ideal candidate brings a strong technical foundation, hands‑on security experience, and a proactive mindset in identifying and mitigating risk in a complex, evolving environment.
What You’ll Do
- Implement, maintain, and enhance security policies, standards, and controls across enterprise systems.
- Monitor, detect, investigate, and respond to security threats, vulnerabilities, and incidents.
- Conduct risk assessments prior to system deployments and perform periodic security audits on live environments.
- Manage and optimize security tools, including SIEM, IDS/IPS, and Data Loss Prevention (DLP) solutions.
- Remediate and patch vulnerable systems to reduce security exposure.
- Investigate security breaches and produce detailed incident reports with remediation strategies.
- Promote security awareness and best practices across technical and non‑technical teams.
- Stay current on emerging threats, industry standards, and regulatory requirements.
- Ensure compliance with regulatory frameworks such as PCI, PII, CASL, and other applicable security mandates.
- Provide off‑hours support and participate in on‑call or shift rotations as required.
- Perform additional duties as assigned by senior management.
Required Skills:
- Bachelor’s degree in Computer Science, Information Security, Cybersecurity, or a related field (or equivalent practical experience).
- 7–10 years of total IT experience, with a minimum of 3 years in information security or a closely related role.
- Experience designing and supporting secure networks, systems, and application architectures.
- Proven hands‑on experience working with a wide range of infrastructure hardware.
- Strong working knowledge of Windows and Linux system architecture and administration.
- Familiarity with risk management methodologies and security best practices.
- Hands‑on experience with security technologies such as SIEM, IDS/IPS, and DLP.
- Security certifications (e.g., CISSP) are considered an asset.
- Strong analytical, problem‑solving, and investigative skills with high attention to detail.
- Excellent communication and interpersonal skills with a service‑oriented approach.
- Ability to work effectively in a fast‑paced, evolving security landscape.
- Fluency in written and spoken English.
- Ability to communicate in Mandarin and/or Cantonese is an asset.
