Job Title: Security Analyst
Location: Toronto, ON (On-site, 5 days)
Full-time, Permanent
What is the Opportunity?
The IT Security Analyst plays a key role in strengthening the organization’s overall security posture by proactively implementing and managing security technologies. This role is responsible for monitoring the computing environment, analyzing and responding to cyber threats, and supporting vulnerability management efforts. It includes developing and maintaining scripts to streamline incident response and security analysis.
The Analyst ensures the secure operation of infrastructure and networks, identifies requirements for new security tools, and defines use cases to enhance security monitoring capabilities. Additionally, the role supports and maintains compliance with PCI standards and manages responsibilities related to PIPEDA privacy compliance.
Main Duties & Responsibilities
Threat and Vulnerability Management and SecOps
- Responsible for analyzing the current IT ecosystem for areas of improvement, attack vectors, and potential risks, including the thorough documentation of all failure points.
- Proactively monitor the network for potential risks, security breaches, and threats, investigating violations as needed, leveraging XDR/Enterprise Immune System capabilities.
- Maintain a good operational security posture through incident management and responsiveness, vulnerability management and assessment, system patching, backup, access provisioning, upgrade planning, and policy configuration.
- Monitor email traffic for security threats, spam, and phishing attempts, implementing necessary countermeasures.
- Monitor IDS/IPS solutions, ensuring real-time detection and prevention of security threats.
- Investigate and respond to endpoint security incidents, coordinating with other IT and business teams as necessary.
- Perform other duties related to the role as required.
Cloud Infrastructure & SaaS Administration
- Administer and secure cloud environments, including Azure, Intune, and AWS platforms.
- Implement cloud security best practices, including data encryption, access controls, and network security.
- Audit cloud environments for security compliance and risk management.
- Develop and enforce IAM policies, ensuring proper user authentication, authorization, and access control.
- Implement and manage SSO solutions, ensuring seamless and secure user access to multiple applications.
- Regularly review and audit access controls, ensuring compliance with security policies and regulatory requirements.
- Implement and manage DLP solutions to prevent unauthorized access and exfiltration of sensitive data.
- Prepare for and participate in security audits, providing necessary documentation and support when needed.
Security Operations
- Be responsible for the administration of the following: Active Directory (AD Connect, GPO implementation, etc.), Windows Server (DHCP, DNS), VMware (VM setup, monitoring, etc.), and SSL setup and configuration (new, renewals, wildcard).
- Ensure that PCs, servers, and other devices are patched in a timely fashion and contain up-to-date software.
- Ensure all endpoints are encrypted and MFA protected.
- Develop and support organizational security standards, best practices, preventative measures, and disaster recovery plans, especially SOC2.
- Perform risk assessments on projects from a technical security perspective to ensure that the security safeguards and controls are in line with organizational policy and standards.
- Stay updated on the latest cybersecurity trends and technologies, recommending enhancements to the existing security posture.
- Assist with maintaining organization-wide cybersecurity policy and governance.
What We're Looking For
- A university degree in computer science or a related discipline, or a combination of skills and experience; five (5) years of progressive security experience is required.
- Proficient in security operations and threat hunting, including assessing systems for risk, investigating security threats, and implementing current IT-industry security standards.
- Strong knowledge of Windows and Linux operating systems.
- Strong understanding of security incident management, malware management, and vulnerability management processes.
- Ability to oversee penetration testing provided by third parties.
- Ability to perform vulnerability assessments on various systems, taking remedial action as needed.
- Knowledge of common scripting languages like Shell and PowerShell.
- Familiarity with PCI Data Security Standards and SOC2.
- Familiarity with PIPEDA and other Canadian privacy regulations.
- Self-starter who works independently and adjusts to changing priorities; a critical and strategic thinker, negotiator, and consensus builder.
- Proficiency in creating reports, presentations, architecture, workflow diagrams, and documentation.
- Strong verbal and written communication skills, including the ability to communicate and interact effectively with both technical and non-technical individuals.
- Strong customer service orientation, with a demonstrated ability to listen, understand, and establish effective relationships with users.
Experience with the following technologies is a must:
Microsoft 365 (Security and Purview), AWS or Microsoft Azure, Microsoft Intune, Entra ID, Microsoft Windows Servers, Windows 11, and Ubuntu, Microsoft DLP, Active Directory - DNS, DHCP, and GPO, system hardening standards like CIS Benchmarks, Cloudflare, and firewalls (preferably Palo Alto).
Experience with the following technologies is an asset:
Darktrace, Qualys VMDR and WAS, Cisco Duo, Sophos XDR and Email Gateway, Wazuh SIEM solution or similar, and Zoho/ManageEngine Endpoint Central.
Join Quantum Technology Recruiting Inc. (QTR) and take your career to the next level!