Some of what you will do:
Staples Canada is looking for a Security Operations Analyst who will report to the Sr. Director, Cybersecurity. In this role, you will act as an escalation point for alerts and investigations triaged by our Managed Security Services Provider, support incident response activities, and help operate and improve Staples Canada’s security monitoring, vulnerability management, awareness, and response capabilities. As part of a small cybersecurity team, you will wear multiple hats across security operations, security tooling, reporting, communications, and project support. You will work closely with IT Operations, infrastructure, cloud, retail technology, and vendor teams to help protect corporate, e-commerce, cloud, and retail store environments.
Specifically, You Will:
- Monitor, analyze, investigate, and escalate cybersecurity events across corporate, cloud, e-commerce, and retail store environments.
- Review and action security alerts, reports, and escalations from MSSP providers and internal security tools.
- Triage messages sent to the Cybersecurity Shared Mailbox and ensure timely routing, response, or escalation.
- Support security projects related to the implementation, maintenance, and improvement of cybersecurity tools, processes, and capabilities.
- Assist with compliance-driven security activities, including PCI, payment environment security, vulnerability awareness, and related reporting requirements.
- Coordinate with IT Operations, store technology, infrastructure, cloud, and vendor teams to support investigations, remediation activities, incident response playbooks, and documentation standards.
Physical Environment/Working Conditions:
- On-site office environment
- Participate in an on-call rotation when required
- May require 5% travel within North America and travel to retail stores
- May require working hours in the evenings and weekends as required by the business
Some of what you need:
- Understanding of cybersecurity operations, incident response, vulnerability management, security monitoring, and common SOC processes.
- Familiarity with security frameworks and practices such as the NIST Cybersecurity Framework, MITRE ATT&CK, incident response playbooks, detection logic, correlation rules, and incident reporting.
- Working knowledge of security tools and technologies, including SIEM, EDR, email security, firewalls, IDS/IPS, WAF, DDoS protection, content filtering, identity platforms, and vulnerability management tools.
- Ability to investigate alerts, validate findings, document evidence, escalate incidents, and clearly communicate security risks and issues to technical and non-technical stakeholders.
- Understanding of common attack techniques, including phishing, malware, credential abuse, suspicious authentication activity, endpoint compromise, and web/application attacks.
- 1–2 years of experience supporting security investigations, monitoring activities, threat hunting, or SOC-related activities in a corporate or security operations environment; exposure to cloud infrastructure such as Azure, AWS, or GCP is an asset.
- Diploma in Computer Technology, Engineering, Cybersecurity, or a related field; certifications such as Security+, CySA+, CEH, GCIH, GCIA, SC-200, AZ-500, CISSP, CCSP, or similar are considered assets.
Some of what you will get:
- Associate discount
- Health and Dental benefits
- RRSP/DPSP
- Performance bonuses
- Learning & Development programs
- And more…
#MakeAnImpact