Cyber Security Analyst

Cybersecurity Analyst

Location: Remote (Canada)

Salary: TDB

Type: Full-time

Auxo is hiring a Cybersecurity Analyst for a Series A B2B SaaS company scaling fast in the industrial tech space. The platform is deeply embedded in how large manufacturers run their operations. Enterprise clients. Real compliance requirements. And until now, no dedicated security function.

This is the hire that changes that.

You'll be the first person fully dedicated to security. No team to manage, no bureaucracy. You work closely with engineering, set the standards, build the processes, and make sure the company can grow into the enterprise contracts it's closing.

The right person has owned this kind of function before and knows how to operate without a playbook.

What You'll Do

• Own the security posture of a live SaaS platform used by enterprise manufacturers
• Monitor infrastructure, applications, and networks for threats and suspicious activity
• Run penetration testing, vulnerability assessments, and risk analysis on an ongoing basis
• Implement and maintain security tooling across the stack: endpoint protection, firewalls, SIEM
• Build and enforce security policies, incident response procedures, and compliance frameworks
• Embed security into engineering from the start, not as an afterthought
• Lead incident response when things go wrong and own the post-mortem
• Drive certification efforts (SOC 2, ISO 27001, or equivalent) that directly support sales cycles
• Train the team on security hygiene and awareness

Who You Are

• 5+ years of hands-on experience in cybersecurity, IT security, or SOC environments
• Solid grasp of cloud security (AWS, Azure, or GCP), network security, SIEM, and IDS/IPS
• Solid experience in either Python, Bash or both.
• Comfortable designing encryption, authentication, and access control architecture
• Familiar with Canadian compliance requirements including PIPEDA
• You've been the only security person at a company and know what it takes
• Strong communicator: you can explain risk to a non-technical exec without losing them
• Certifications a strong plus: CISSP, CEH, Security+
• Bonus: experience securing SaaS or AI platforms, DevSecOps, API security