The Senior IT Security Analyst ensures that all in-scope day to day, and project activities are properly defined; effectively managed; deliver the expected results; and meet SCC standards and policies, and that documentation, deployment, and testing is performed according to professional industry standards.

Reporting to the Manager, Information Security, responsibilities include but are not limited to;

• Conduct studies that evaluate, recommend, and implement security solutions to enhance core security capabilities in the areas of security infrastructure, access management, identity management, networking, databases, servers.
• Perform the deployment, integration, and initial configuration of all new security solutions and enhancements to existing security solutions in accordance with standards and best practices.
• Research and provide gap analysis of the current processes leading to the completion of documenting current processes and identifying opportunities for process improvements.
• Evaluate internal and external environment for threats, changes, related to Information Security and perform the role as Information Security subject matter expert to ensure these are properly addressed and controlled.
• Work with cross-functional teams to develop and implement incident response plans, including documenting procedures and conducting training exercises.
• Manage and maintain security technologies such as firewalls, intrusion detection and prevention systems, and security information and event management (SIEM) tools.
• Assess information risk and facilitate remediation of identified vulnerabilities for IT security across the enterprise;
• Resolve security incidents in a timely and effective manner, ensuring minimal impact to the organization and learning from incidents to prevent future occurrences.
• Lead and participate in the design and execution of vulnerability assessments, penetration tests and security audits.
• Ongoing management of the organization's security awareness program; ensure that organizational processes adhere to regulatory compliance requirements.
• Conduct research on emerging security threats and trends, and develop strategies to mitigate risks
• Provide reporting and data-driven insights on the organization's security posture, including vulnerabilities, incidents, and remediation efforts to senior management.

• 8+ years of work experience in IT Security or equivalent combination of transferrable experience and education through university or college degree in an IT related field.
• Proven leadership abilities including effective knowledge sharing, conflict resolution, facilitation of open discussions, fairness and displaying appropriate levels of assertiveness.
• Proven ability to work under stress in emergencies with flexibility to handle multiple high-pressure situations simultaneously.
• Thorough knowledge of Information security principles and framework (ISO 27001, NIST, ZTNA, etc..).
• Thorough knowledge and experience on securing on-perm infrastructure, Google Cloud and Azure.
• Thorough knowledge and experience on Microsoft security tools and processes.
• Thorough knowledge on firewalls (Palo Alto), DNS, Cloudflare, Switches, Citrix, etc.
• Ability to secure online and on-premise infrastructures, filter out suspicious activity, and find and mitigate security risks before any breaches can occur.
• Hands-on experience in security incident investigation and resolution.
• Cyber and Technical Threat Analyses
• Ability to communicate highly complex technical information clearly and articulately for all levels and audiences.
• Ability to manage tasks independently and take ownership of responsibilities
• Strong customer focus with ability to manage customer expectations and experience and build long-term relationships.
• Strong team-oriented interpersonal skills with the ability to interface with a broad range of people and roles including vendors and IT-business personnel.
• Ability to adapt to a rapidly changing environment
• High critical thinking skills to evaluate alternatives and present solutions that are consistent with business objectives and strategy.
• Thorough knowledge of patching and deployment technologies for windows platforms
• Strong technical knowledge of current systems, software, protocols and standards. Including TCP/IP and network administration/protocols
• Experience developing, documenting and maintaining procedures.
• Ability to learn from mistakes and apply constructive feedback to improve performance.
• Any one or more security certifications (CISSP, CISA, CEH, GIAC, SANS).

Why members of our Corporate team love working at Sleep Country Canada/Dormez-vous?:

• This is not a job but a CAREER with opportunities for growth and advancement
• Diverse and inclusive work environment
• We will invest in you and provide extensive training, mentoring and continuous development
• Access to training and development platforms
• Full medical, dental benefits and a Deferred Profit Sharing Program
• Annual Wellness Credit of up to $250.00 for any products/services that improve your health and well-being, i.e., health assessments, nutrition counselling, hiking shoes, a yoga outfit or fitness equipment!
• Associate Discount Program where you will be able to enjoy some of the world's best sleep products
• Maternity/Parental leave top up benefits
• Tuition Reimbursement Program that covers professional AND personal development
• Long service awards, celebrations and other social events
• Associate Referral Program
• Paid day off to volunteer at your local charity of choice
• Recognized as one of Canada's Most Admired Corporate Cultures in 2023 by Waterstone Human Capital

Commitment to Equity, Diversity, Inclusion & Belonging (EDI&B)

At SCC/DV, we are committed to building a company culture of inclusion and diversity where differences are embraced and valued, this allows us to better understand and meet the needs of our customers and the communities we serve. We want to ensure every job applicant is treated fairly and with respect regarding race, national or ethnic origin, religion, age, gender, sexual orientation, or disability.

About Sleep Country Canada/Dormez-vous?

Sleep Country is Canada's leading specialty sleep retailer with a purpose to transform lives by awakening Canadians to the power of sleep. Sleep Country Canada operates under the retailer banners; Sleep Country, Dormez-vous, the rest, Endy, Hush, Silk & Snow and most recently acquired, Casper Canada. The Company has omnichannel and ecommerce operations including over 300 corporate-owned stores and 18 distribution centers warehouses across Canada. Recognized as one of Canada's Most Admired Corporate Cultures in 2023 by Waterstone Human Capital, Sleep Country is committed to building a company culture of inclusion and diversity where differences are embraced and valued. The Company actively invests in its sleep ecosystem, innovative products, world-class customer experience, communities and its people. For more information about Sleep Country, please visit www.sleepcountry.ca.

At Sleep Country Canada/Dormez-vous? (SCC/DV), we are inspired every day through our purpose to transform lives by awakening Canadians to the power of sleep and our vision to champion sleep as the key to healthier and happier lives, helping everyone achieve better tomorrows through better tonight's.

Guided by our values – We CARE About People; We WIN Together; We DREAM Big and We DELIVER with Excellence – we are building on our 30-year foundation of taking care of each other and our customers' sleep needs, with passion and commitment to be the best that we can be. We invest in our sleep ecosystem, innovative products, world-class customer experience, our communities and diverse best-in-class team to be Canada's leading sleep partner.