Location: JD Sports Canada – Vancouver/Ontario (Hybrid)

Department: Information Technology

Reports To: Head of IT (JD Sports Canada)

Salary Range: $95,000 - $110,000 CAD annually

The Company:

JD Sports is a sports-fashion retail company with the incentive to inspire the emerging generation of globally minded consumers through a connection to the universal culture of sport, music and fashion. Established in 1981, the JD Group is a leading global omnichannel retailer of Sports, Fashion, and Outdoor brands. With our retail stores expanding and evolving throughout Canada, The Group is continuously finding and developing talent that adds to the inclusive and diverse work culture. JD continuously and successfully sets the global standard for retail experience best through the unique delivery of the world’s most authentic brands to the market. Our commitment to showcasing brands in a premium environment and stores remain a key part of the JD strategy.

The Role:

As JD Sports Canada begins its security maturity journey, we are looking for a Cybersecurity Engineer / Architect to help establish and lead core information security practices. This is a foundational role that will play a key part in building our cybersecurity capabilities from the ground up ( including designing controls, implementing critical tools).

You will report directly to the Head of IT and serve as the local subject matter expert on all security matters. This role will also work closely with the global IT security teams to align frameworks and drive compliance across JD Canada’s growing retail, corporate, and digital environments.

Key Responsibilities

Security Architecture & Strategy

• Design and implement secure infrastructure across enterprise, cloud, and retail systems
• Define standards for secure system design and support alignment with the group architecture
• Define and enforce standards for risk frameworks and security governance models

Security Operations & Tooling

• Drive the evaluation, implementation, and optimization of core security operations capabilities such as SIEM, endpoint detection and response (EDR), data loss prevention (DLP), and vulnerability management
• Support the integration of critical access and identity controls, including network access control (NAC), email security, IAM, MFA, and PAM
• Establish and maintain scalable operational processes such as runbooks, playbooks, and asset visibility standards

Risk, Compliance

• Lead threat assessments, risk reviews, and security posture evaluations
• Ensure compliance with Canadian regulations (PIPEDA, Bill 25, CASL) and internal standards

Culture & Collaboration

• Drive security awareness and training across technical and business teams
• Guide penetration testing, patching workflows, and remediation planning

Business Continuity & Resilience

• Expand disaster recovery strategies and cyber-resilience goals
• Lead or support tabletop exercises, breach simulations, and incident reviews

Qualifications & Experience

• 5+ years in cybersecurity engineering, operations, or architecture
• Experience building or maturing security practices in a fast-paced or multi-brand environment
• Familiarity with tools such as Azure, Snowflake, Meraki, CrowdStrike, Splunk, etc.
• Strong foundation in cloud, endpoint, and network security (AWS, Azure, hybrid)
• Knowledge of compliance frameworks (PIPEDA, Bill 25, PCI-DSS, CIS)
• Hands-on experience with SIEM, EDR, vulnerability scanning, DLP
• Relevant certifications preferred (CISSP, CISM, CEH, AWS Security, etc.)
• Ability to balance technical implementation with documentation and policy development

Why Join JD Sports Canada?

JD Sports is one of the world’s fastest-growing retailers. In Canada, we’re at a pivotal stage of building our cybersecurity foundation. This role offers a rare opportunity to shape core policies and protections from the ground up, while collaborating closely with global teams. You’ll be part of a small, growing team with real ownership, impact, and access to international resources and mentorship.