Sobeys

Senior Cyber Security Specialist

Hybrid

Stellarton, Canada

Senior

Full Time

04-02-2026


Skills

Leadership, Python, PowerShell, Cloud Security, Splunk, Monitoring, Architecture, Gap Analysis, Azure, AWS, Analytics, GCP, Elastic Stack

Job Specifications

Ready to Transform Retail? Embark on a rewarding career with Sobeys Inc., celebrated among Canada’s Top 100 employers where your unique contributions drive success.

Sobeys is full of exciting opportunities, and we are always looking for bright new talent to join our team! We currently have a full-time opportunity for a Senior Cyber Security Specialist. This role can be based out of one of our main offices, including: Stellarton, NS; Mississauga, ON; Calgary, AB; Burnaby, BC.

We’re seeking a Subject Matter Expert (SME) who will lead both detection engineering and proactive threat hunting to design, implement, and continuously improve our detection logic and hunt operations across retail and enterprise environments. The role blends advanced SIEM/EDR content engineering with hypothesis-driven hunts and actionable threat intelligence to build a threat-informed defense.

Key Responsibilities

Detection Engineering

Design, author, and maintain high-fidelity detection rules and behavioral analytics across SIEM/EDR (e.g., Azure Sentinel or Elastic Stack or Splunk SPL for detections and dashboards).
Parse/normalize diverse log sources (POS systems, payment gateways, e-commerce platforms, cloud services, and network devices) to ensure consistent log data.
Perform detection gap analysis, recommend architecture improvements, and document use cases in a detection content catalog/knowledge base.

Threat Hunting & Threat Intelligence

Lead hypothesis-driven hunts using MITRE ATT&CK and behavioral analytics to uncover ransomware, data exfiltration, POS malware, supply chain compromises, card skimming, cloud misconfigurations, and insider fraud.
Integrate curated threat intelligence (including retail-focused actors such as FIN6 and current ransomware groups) into hunting and detection pipelines; produce actionable reports and executive briefings.

Automation, SIEM/EDR Operations & Response

Build automation to streamline alert triage and response; optimize SIEM dashboards and data models for retail-specific visibility.
Partner with IR/SOC to operationalize detections and hunts; track efficacy and continuously tune for false-positive reduction.

Collaboration & Leadership

Collaborate closely with SOC, IR, and engineering teams; mentor junior analysts and lead knowledge-sharing sessions.
Communicate status, risks, and outcomes to stakeholders; drive threat-informed risk assessments and posture improvements.

Project & Program Management

Own end-to-end delivery of detection and hunting initiatives (scope, timelines, resources, deliverables) aligned to compliance and business objectives.

Qualifications & Requirements

SIEM/EDR Expertise: Advanced Splunk SPL; hands-on with SIEM (Splunk, QRadar) and EDR tools.
Log Engineering: Proven experience normalizing/ingesting logs from POS, payment systems, e-commerce, cloud, and network devices.
Threat-Informed Defense: Ability to operationalize threat intelligence and conduct ATT&CK-aligned hunts.
Cloud Security: Working knowledge of AWS, Azure, GCP in retail environments.
Compliance & Privacy: Strong understanding of PCI DSS for payment security monitoring and familiarity with GDPR/CCPA.
Scripting & Automation: Proficiency in Python and PowerShell for data parsing, enrichment, and workflow automation.
Retail Threats & Fraud: Experience with ransomware, card skimming, insider fraud, loyalty program and e-commerce fraud patterns.

Preferred Certifications

GIAC GCDA, GCIA, GCFA, GCTI; OSCP; PMP (or equivalent).

What Success Looks Like (KPIs)

Increased ATT&CK coverage and validated detections for priority TTPs.
Reduced mean time to detect (MTTD) and false-positive rates through tuning and automation.

Regular delivery of high-quality hunt reports, executive briefings, and detection content with measurable impact.

Who We Are

We started in a small town in Nova Scotia but we are now in communities of all sizes across this great country. With over 1,600 stores in all 10 provinces, you may know us as Sobeys, Safeway, IGA, Foodland, FreshCo, Thrifty Foods, Lawtons Drug Stores or another of our great banners but we are all one extended family.

Our family of 128,000 employees and franchise affiliates share a collective passion for delivering exceptional shopping experiences and amazing food to all our customers. Our mission is to nurture the things that make life better – great experiences, families, communities, and our employees. We are a family nurturing families.

Our commitment to diversity, equity and inclusion (DE&I) is fuelled by our purpose and values. It shapes our culture and drives business success. As a family nurturing families, we embed DE&I into everything we do. We know that it takes open minds and respect for distinct perspectives to create engaging workplaces, inclusive customer experiences and strong community partnerships. We are committed to accommodating applicants with disabilities throughout the hiring process and will work with applicants requesting accommodation a

About the Company

As one of only two national grocery retailers in Canada, Sobeys Inc. serves the food shopping needs of Canadians with more than 1,500 stores in 10 provinces with retail banners that include Sobeys, Safeway, IGA, Foodland, FreshCo, Price Chopper, Thrifty Foods and Lawtons Drugs, as well as more than 330 retail fuel locations. Our five core retail food formats are designed to ensure that we have the right offering in the right-sized stores for each individual market we serve -- from our full service format to the convenience f...