Job Specifications
Location: JD Sports Canada - Vancouver/Ontario (Hybrid)
Department: Information Technology
Reports To: Head of IT (JD Sports Canada)
Salary Range: $95,000 - $110,000 CAD annually
The Company:
JD Sports is a sports-fashion retail company with the incentive to inspire the emerging generation of globally minded consumers through a connection to the universal culture of sport, music and fashion. Established in 1981, the JD Group is a leading global omnichannel retailer of Sports, Fashion, and Outdoor brands. With our retail stores expanding and evolving throughout Canada, The Group is continuously finding and developing talent that adds to the inclusive and diverse work culture. JD continuously and successfully sets the global standard for retail experience best through the unique delivery of the world's most authentic brands to the market. Our commitment to showcasing brands in a premium environment and stores remain a key part of the JD strategy.
The Role:
As JD Sports Canada begins its security maturity journey, we are looking for a Cybersecurity Engineer / Architect to help establish and lead core information security practices. This is a foundational role that will play a key part in building our cybersecurity capabilities from the ground up ( including designing controls, implementing critical tools).
You will report directly to the Head of IT and serve as the local subject matter expert on all security matters. This role will also work closely with the global IT security teams to align frameworks and drive compliance across JD Canada's growing retail, corporate, and digital environments.
Key Responsibilities
Security Architecture & Strategy
Design and implement secure infrastructure across enterprise, cloud, and retail systems
Define standards for secure system design and support alignment with the group architecture
Define and enforce standards for risk frameworks and security governance models
Security Operations & Tooling
Drive the evaluation, implementation, and optimization of core security operations capabilities such as SIEM, endpoint detection and response (EDR), data loss prevention (DLP), and vulnerability management
Support the integration of critical access and identity controls, including network access control (NAC), email security, IAM, MFA, and PAM
Establish and maintain scalable operational processes such as runbooks, playbooks, and asset visibility standards
Risk, Compliance
Lead threat assessments, risk reviews, and security posture evaluations
Ensure compliance with Canadian regulations (PIPEDA, Bill 25, CASL) and internal standards
Culture & Collaboration
Drive security awareness and training across technical and business teams
Guide penetration testing, patching workflows, and remediation planning
Business Continuity & Resilience
Expand disaster recovery strategies and cyber-resilience goals
Lead or support tabletop exercises, breach simulations, and incident reviews
Qualifications & Experience
5+ years in cybersecurity engineering, operations, or architecture
Experience building or maturing security practices in a fast-paced or multi-brand environment
Familiarity with tools such as Azure, Snowflake, Meraki, CrowdStrike, Splunk, etc.
Strong foundation in cloud, endpoint, and network security (AWS, Azure, hybrid)
Knowledge of compliance frameworks (PIPEDA, Bill 25, PCI-DSS, CIS)
Hands-on experience with SIEM, EDR, vulnerability scanning, DLP
Relevant certifications preferred (CISSP, CISM, CEH, AWS Security, etc.)
Ability to balance technical implementation with documentation and policy development
Why Join JD Sports Canada?
JD Sports is one of the world's fastest-growing retailers. In Canada, we're at a pivotal stage of building our cybersecurity foundation. This role offers a rare opportunity to shape core policies and protections from the ground up, while collaborating closely with global teams. You'll be part of a small, growing team with real ownership, impact, and access to international resources and mentorship.