As a Cyber Security Operations Engineer with Cineplex, you will play a pivotal role in safeguarding critical assets by partnering closely with the Director of Cyber Security to drive proactive incident response, comprehensive threat management, and effective risk reduction initiatives. A core aspect of this position involves the strategic design, meticulous implementation, and ongoing management of essential security controls across enterprise IT, cloud platforms, and customer-facing environments. This work is fundamental to strengthening overall defences, enabling secure operations at scale, and significantly reducing cyber risk across Cineplex's digital commerce and media platforms. Your expertise will be crucial in designing, deploying, and optimising a suite of security tooling, including EDR/XDR, SIEM/SOAR, WAF, IAM, DLP, and NDR, to enhance visibility, detection, and response capabilities through automation, advanced logging, and telemetry. Furthermore, you will actively design and implement secure solutions across cloud, on-premise, and hybrid environments, embedding security by design principles and hardening networks, endpoints, and servers. Identifying and remediating risk through regular vulnerability assessments, timely patching, and supporting penetration testing and bug bounty programmes will be a key responsibility. The role also encompasses strengthening cloud and application security by implementing robust controls, securing APIs, microservices, and web platforms, while integrating DevSecOps practices across CI/CD pipelines and infrastructure to ensure continuous security. Serving as an escalation point for complex security incidents, you will lead root cause analysis, drive remediation efforts, and continuously improve detection and prevention capabilities through automation. Supporting compliance and audit readiness by aligning controls to industry standards such as PCI DSS, ISO 27001, and NIST, maintaining thorough documentation, and enabling secure business operations are also integral to this position. Managing third-party risk, ensuring secure vendor and SaaS integrations, and ongoing monitoring of external partners will be part of your remit. Finally, you will implement and manage identity and access controls, including RBAC, MFA, conditional access, and PAM, enforcing the principle of least privilege across all systems to enhance overall security posture.
To excel in this Cyber Security Operations Engineer role, candidates must bring a minimum of 8 years of hands-on experience in IT security, demonstrating a strong foundation in protecting complex enterprise environments. This must be complemented by at least 5 years of experience in systems and network administration, specifically including the management of Windows client and server environments. Essential experience includes maintaining rigorous firewall rule hygiene and implementing ransomware resilient backup practices, alongside practical exposure to PCI environments and a solid understanding of Canadian privacy regulations. Candidates should possess proven experience across various IT security and information security advisory roles, coupled with a strong foundation in technology risk management. Experience in areas such as application security is highly valued, with Information Security Architecture expertise considered a significant asset. Furthermore, relevant certifications such as CISSP, CRISC, CCSP, GCFA, GCIH, CEH, CISM, CISA, PCI QSA or ISA, and PMP are considered valuable assets that will contribute to success in this critical security operations position.
