Senior Security Analyst at McCarthy Tétrault in Canada focusing on security and IT compliance initiatives. Collaborating with teams on incident response and vulnerability management in a hybrid workspace.
About the role
- Security Analyst responsible for investigating security incidents and enhancing awareness programs for ISA Cybersecurity. Collaborating on threat protection initiatives and reporting to stakeholders.
Responsibilities
- Conduct in-depth investigations of endpoint protection alerts and events using tools such as SentinelOne, CrowdStrike, and Microsoft Defender.
- Participate in an on-call rotation to support incident response outside of standard business hours, as required.
- Fully investigate and document security breaches, providing clear and comprehensive incident reports to stakeholders.
- Provide ongoing status updates to leadership throughout the incident life cycle to ensure appropriate resources are engaged.
- Create, tune, and optimize rules and playbooks to reduce false positives and alert fatigue.
- Provide clearly documented procedures that support timely ticket resolution and adherence to SLAs.
- Assist in developing and refining SOC processes and procedures to improve investigation quality, response time, and operational efficiency.
- Maintain a full understanding of Tier 1 responsibilities to support effective knowledge sharing and playbook development.
- Develop and maintain monthly and quarterly security reports in accordance with client requirements.
- Provide analysis, insights, and recommendations in areas of concern identified through investigations and reporting.
- Enhance client security awareness through platforms such as KnowBe4 and Proofpoint.
- Plan and execute simulated phishing, vishing, and smishing campaigns to help clients identify high-risk users and improve training effectiveness.
- Provide clients with monthly security awareness reports and post-campaign summaries detailing user performance, phish-prone percentages, and risk scores.
- Assist clients with security product implementation, onboarding, and support, ensuring tools are configured to enhance visibility and detection.
- Ensure leadership and stakeholders are kept informed of potential risks and impacts introduced by new incidents.
Requirements
- 2+ Years of information security related experience, in areas such as: security operations, incident analysis, incident handling, and security awareness.
- Experience with malware analysis, and the main point of contact for responding to security incidents relevant to major breaches.
- Experience following security domains: EDR, device control, rogue detection, desktop firewall, application vulnerability management.
- Collaborate with peers, service leads, vendor support in introducing, testing, and integrating security products.
- Act as Tier 2 escalation for investigations & analysis.
- Strong knowledge of Security Awareness program design, development, implementation, and support.
- Strong understanding of information security concepts (Confidentiality, Integrity, Availability)
- Excellent communication and interpersonal skills
- Excellent analytical thinking and problem-solving skills.
- Understand of Learning Management System (LMS) (if solution is hosted in-house)
- Recommended industry certification (CISSP, CISA, CISM, CE|H, GIAC SANS Security Awareness Professional)
- Recommended vendor certification (Proofpoint, SentinelOne, Crowdstrike)
- Post-Secondary Education in Cyber Security, Computer Science & Computer Engineering
Benefits
- Flexible sick and personal days for all employees
- Generous health plan with enhanced mental health resources and programs
- Professional development opportunities and education reimbursement up to $2,000 annually for all employees
- Maternity and parental leave top-up
- Employee referral bonus of $2,000
- Competitive salaries complemented with RRSP matching and bonus programs
- Distance remote working policy
- LinkedIn Learning access for all team members
Job title
Job type
Experience level
Salary
Degree requirement
Tech skills
Location requirements
Report this job
Found something wrong with the page? Please let us know by submitting a report below.
Security Analyst providing technical client support in Managed Security Services at CDW. Monitoring security alerts and incidents while fostering trust and loyalty with clients.
LP
CyberSecurity Coordinator
LinkedIn Recruiter Post
Cybersecurity Coordinator for a top 5 bank. 6 - month contract, 2 days/week on - site in GTA, requires 5 - 8 years technical/security experience.
LP
Security Specialist
LinkedIn Recruiter Post
Temporary Security Specialist supporting Microsoft security assessment for public sector client. Hybrid role focusing on security posture improvement and implementation planning.
LP
Junior Cybersecurity Analyst
LinkedIn Recruiter Post
Junior Cybersecurity Analyst role in Toronto, working with senior leadership in a growing Cyber division. Requires understanding of cyber principles, diligent personality, and some complex environment experience.
Security Analyst - GRC supporting clients on their security journey in a remote role at Kobalt.io. Collaborate with vCISOs and manage compliance programs for cybersecurity.
Security Analyst improving cybersecurity at Aviso's IT and Cloud infrastructure. Responsible for identifying, mitigating, and resolving security threats while enhancing security posture.
LP
Cybersecurity Analyst
LinkedIn Recruiter Post
Cybersecurity Analyst contract role in Scarborough, ON requiring 10+ years IT experience and 3+ years cybersecurity. Hybrid work with $68 - 85/hour pay for 6 months.
Safeguard Norfolk County’s technology infrastructure as a Junior or I.T. Security Analyst. Monitor threats and manage system updates ensuring secure operations.
Apprentice Epic Security Analyst role providing hands - on EHR support and maintenance. Collaborating with analysts and clinical teams to fulfill healthcare IT needs.