Jr. Vulnerability Management Analyst at OneDigital managing security vulnerabilities across infrastructure. Collaborating with IT teams to ensure timely remediation and effective reporting.
About the role
- Security Analyst enhancing cybersecurity for clients through investigations, awareness programs, and incident response. Join ISA Cybersecurity, a leading firm in Canada with three decades of expertise.
Responsibilities
- Conduct in-depth investigations of endpoint protection alerts and events using tools such as SentinelOne and CrowdStrike.
- Fully investigate and document security breaches, providing clear and comprehensive incident reports to stakeholders.
- Provide ongoing status updates to leadership throughout the incident life cycle to ensure appropriate resources are engaged.
- Create, tune, and optimize rules and playbooks to reduce false positives and alert fatigue.
- Provide clearly documented procedures that support timely ticket resolution and adherence to SLAs.
- Assist in developing and refining SOC processes and procedures to improve investigation quality, response time, and operational efficiency.
- Maintain a full understanding of Tier 1 responsibilities to support effective knowledge sharing and playbook development.
- Develop and maintain monthly and quarterly security reports in accordance with client requirements.
- Provide analysis, insights, and recommendations in areas of concern identified through investigations and reporting.
- Enhance client security awareness through platforms such as KnowBe4 and Proofpoint.
- Plan and execute simulated phishing, vishing, and smishing campaigns to help clients identify high-risk users and improve training effectiveness.
- Provide clients with monthly security awareness reports and post-campaign summaries detailing user performance, phish-prone percentages, and risk scores.
- Assist clients with security product implementation, onboarding, and support, ensuring tools are configured to enhance visibility and detection.
- Ensure leadership and stakeholders are kept informed of potential risks and impacts introduced by new incidents.
Requirements
- 2+ Years of information security related experience, in areas such as: security operations, incident analysis, incident handling, and security awareness.
- Experience with malware analysis, and the main point of contact for responding to security incidents relevant to major breaches.
- Experience following security domains: EDR, device control, rogue detection, desktop firewall, application vulnerability management.
- Collaborate with peers, service leads, vendor support in introducing, testing, and integrating security products.
- Act as Tier 2 escalation for investigations & analysis.
- Strong knowledge of Security Awareness program design, development, implementation, and support.
- Strong understanding of information security concepts (Confidentiality, Integrity, Availability).
- Excellent communication and interpersonal skills.
- Excellent analytical thinking and problem-solving skills.
- Understand of Learning Management System (LMS) (if solution is hosted in-house).
- Recommended industry certification (CISSP, CISA, CISM, CE|H, GIAC SANS Security Awareness Professional).
- Recommended vendor certification (Proofpoint, SentinelOne, CrowdStrike, KnowBe4).
- Post-Secondary Education in Cyber Security, Computer Science & Computer Engineering.
Benefits
- Flexible sick and personal days for all employees
- Generous health plan with enhanced mental health resources and programs
- Professional development opportunities and education reimbursement up to $2,000 annually for all employees
- Maternity and parental leave top-up
- Employee referral bonus of $2,000
- Competitive salaries complemented with RRSP matching and bonus programs
- Distance remote working policy
- LinkedIn Learning access for all team members
- Service anniversary recognition and generous five-year milestone service awards
- President’s Club recognizing special achievement awards
- Spot rewards providing opportunities for instant peer recognition
- Annual kick-off meeting to communicate our strategic priorities
- Quarterly town hall meetings
- Regular team get togethers and client events
- Scheduled employee feedback surveys and goal setting focus groups
Job title
Job type
Experience level
Salary
Degree requirement
Tech skills
Location requirements
Offensive Security Analyst specializing in Red Team operations for AI/ML systems at Vanguard. Collaboration with data scientists and security teams to protect AI infrastructure.
IT Cybersecurity Analyst supporting vulnerability management and incident response for WEC Energy Group's cybersecurity infrastructure. Collaborating with teams to enhance security posture and mitigate risks.
IAM Security Engineer managing identity and access governance at WEC Energy Group. Collaborating on IAM solutions and troubleshooting access management issues.
Senior CyberSecurity Analyst focusing on identifying and responding to email borne threats at Proofpoint. Collaborating with a global team to develop detection signatures against phishing, malware, and spam attacks.
Information Security Analyst supporting client security projects and compliance with standards like ISO 27001. Engaging internal teams to enhance security maturity across clients.
Cybersecurity Analyst supporting Fidelity’s Cyber Assurance and Support team. Assisting with client inquiries and collaborating with technology and security teams.
Security Analyst preventing incidents for GuidePoint Security. Collaborating to stay ahead of emerging threats in a hybrid position based in Philadelphia, PA.
Security Analyst within PNC's SEC DEF SECURITY FUSION CENTER evaluating and mitigating cybersecurity alerts for organizational safety. Collaborating with various teams to ensure security posture against vulnerabilities.
Senior Security Analyst role focusing on delivering cyber security solutions for DTP's Trusted and Secure Program. Collaborating with multi - disciplinary teams to enhance secure enterprise solutions.