Security Operations Centre Analyst

Staples Inc.•Richmond Hill, ON

1d•Onsite

About The Position

Staples Canada is looking for a Security Operations Analyst who will report to the Sr. Director, Cybersecurity. In this role, you will act as an escalation point for alerts and investigations triaged by our Managed Security Services Provider, support incident response activities, and help operate and improve Staples Canada’s security monitoring, vulnerability management, awareness, and response capabilities. As part of a small cybersecurity team, you will wear multiple hats across security operations, security tooling, reporting, communications, and project support. You will work closely with IT Operations, infrastructure, cloud, retail technology, and vendor teams to help protect corporate, e-commerce, cloud, and retail store environments.

Requirements

Understanding of cybersecurity operations, incident response, vulnerability management, security monitoring, and common SOC processes.
Familiarity with security frameworks and practices such as the NIST Cybersecurity Framework, MITRE ATT&CK, incident response playbooks, detection logic, correlation rules, and incident reporting.
Working knowledge of security tools and technologies, including SIEM, EDR, email security, firewalls, IDS/IPS, WAF, DDoS protection, content filtering, identity platforms, and vulnerability management tools.
Ability to investigate alerts, validate findings, document evidence, escalate incidents, and clearly communicate security risks and issues to technical and non-technical stakeholders.
Understanding of common attack techniques, including phishing, malware, credential abuse, suspicious authentication activity, endpoint compromise, and web/application attacks.
1–2 years of experience supporting security investigations, monitoring activities, threat hunting, or SOC-related activities in a corporate or security operations environment.
Diploma in Computer Technology, Engineering, Cybersecurity, or a related field.

Nice To Haves

Exposure to cloud infrastructure such as Azure, AWS, or GCP is an asset.
Certifications such as Security+, CySA+, CEH, GCIH, GCIA, SC-200, AZ-500, CISSP, CCSP, or similar are considered assets.

Responsibilities

Monitor, analyze, investigate, and escalate cybersecurity events across corporate, cloud, e-commerce, and retail store environments.
Review and action security alerts, reports, and escalations from MSSP providers and internal security tools.
Triage messages sent to the Cybersecurity Shared Mailbox and ensure timely routing, response, or escalation.
Support security projects related to the implementation, maintenance, and improvement of cybersecurity tools, processes, and capabilities.
Assist with compliance-driven security activities, including PCI, payment environment security, vulnerability awareness, and related reporting requirements.
Coordinate with IT Operations, store technology, infrastructure, cloud, and vendor teams to support investigations, remediation activities, incident response playbooks, and documentation standards.