Intermediate Security Analyst

Intermediate Security Analyst

Remote - Canada | Permanent / Full Time

Our client in Toronto, a financial services organization, is seeking a Security Analyst to help protect the organization's information systems and data by operating security controls, monitoring threats, leading incident response, and supporting compliance in a regulated environment. Reporting directly to the VP, Security, this role offers meaningful ownership and close collaboration with an experienced security leader, including hands-on involvement in incident response and security initiatives.

This is a permanent, full-time role. Fully remote within Canada, but you'll need to work Eastern Time business hours. Slight preference for candidates in or around the Toronto area.

Key Responsibilities

SOC/SIEM Operations & Vendor Management: Manage and collaborate with the third-party SOC/SIEM provider for threat detection, investigations, incident response support, reporting, and continuous improvement of detections and processes.

Threat Monitoring & Response: Monitor security alerts and logs, triage and investigate suspicious activity, and respond to potential threats with clear documentation and stakeholder communication.

Incident Response Leadership: Lead incident response activities including investigation, containment, remediation coordination, post-incident reviews, and reporting.

Security Controls & Tooling: Implement, maintain, and continuously improve security controls, tools, and procedures to reduce organizational risk.

Identity & Access Management (IAM): Support and manage identity and access controls across systems and applications, including access reviews and privileged access practices.

Vulnerability Management: Coordinate vulnerability scanning and remediation tracking, validate fixes, and support prioritization based on risk and business impact.

Governance, Risk & Compliance: Support security audits and risk assessments, help ensure alignment to internal policies and relevant frameworks, and contribute evidence and documentation for compliance requirements.

Secure Configuration & Hardening: Support secure configurations for servers, networks, endpoints, and cloud environments, helping teams implement baseline controls and reduce misconfiguration risk.

Documentation & Reporting: Prepare security reports, metrics, and runbooks; maintain accurate, audit-friendly documentation.

Cross-Functional Collaboration: Partner with IT and business teams to embed security into projects, new technologies, and operational processes.

Required Qualifications

A diploma or degree in Computing, Information Technology, or a related field.

Minimum 2 years of experience in a hands-on security role, or equivalent demonstrated capability in security operations.

Strong technical foundation across core areas of computing, including networking, virtualization, containers, cloud services, routing, and related technologies.

Experience working with SOC/SIEM processes (alert triage, investigations, escalation, reporting) and collaborating with external security providers.

Working knowledge of incident response practices and the ability to coordinate containment and remediation across teams.

Experience supporting IAM controls (access reviews, least privilege, privileged access concepts).

Strong analytical and communication skills, with the ability to work independently, take initiative, and drive issues to resolution.

Experience in financial services or another regulated industry.

Preferred Skills

Desire to pursue CISSP certification is an asset.

Experience with cloud security in Microsoft-centric environments (Azure/Microsoft security tooling) is an asset.

Familiarity with common security frameworks and audit processes.

Salary Range:

CA$100,000 to CA$110,000 annually, 7-10% performance bonus, with final compensation determined by your qualifications, expertise, experience, and the role's scope.

Of Note:

Completed background checks will be required before the start date if you are selected as a winning candidate.

While we strive to respond to all applicants, please understand that due to the high volume of applications we receive, providing individual feedback or responses to every candidate may not be feasible. Rest assured that your application will be carefully reviewed and considered. We appreciate your understanding and interest in joining our team.