Senior Information Security Analyst

IKO Industries Ltd. is a market leader in the manufacturing of roofing and building materials. IKO is a Canadian owned and operated business with production facilities worldwide and has many years of unparalleled success in the roofing materials industry. Quality integrity and trustworthiness are the values that underlie this success and we have built this company by hiring people who hold these values. People like you!

Job Description

Job Description

Senior Information Security Analyst
Location: Mississauga ON (Onsite)
Reports to: Team Lead Information Security

Compensation: $106000 - $120000

Role Summary

We are seeking a Senior Information Security Analyst with deep handson experience across security operations incident response and data protection in enterprise cloud and SaaS environments. This role is responsible for defending the organization against advanced cyber threats while leading efforts to protect sensitive business employee and executive data across onpremise systems cloud platforms and collaboration tools such as Microsoft 365.

The Senior Analyst operates as a technical authority and trusted advisor helping shape security detection response and data protection practices across the enterprise. This role goes beyond monitoring toolsit focuses on investigations risk reduction and building durable security controls that scale across modern hybrid IT and SaaS environments.

This position is fully onsite at our Mississauga ON office.

What Success Looks Like in This Role

• Cyber incidents are detected early across network endpoint cloud and SaaS platforms investigated thoroughly and closed decisively
• Sensitive data in email file sharing cloud storage and business systems is protected by designnot discovered after an incident
• Security controls balance risk reduction without breaking productivity in platforms like Microsoft 365 and other SaaS tools
• Business and IT leaders understand cyber and data risk in clear plain language
• Junior analysts get stronger because of your guidance not despite it

Key Responsibilities

Security Operations & Incident Response (Core)

• Lead investigation and response to security incidents across network endpoint cloud infrastructure SaaS platforms (including Office 365) email and identity systems
• Proactively hunt for threats suspicious behavior and signs of data compromise across onprem cloud and SaaS environments
• Analyze logs alerts and telemetry from SIEM EDR identity email and cloud platforms to identify unauthorized access privilege abuse lateral movement and account compromise
• Act as an escalation point for complex or highimpact security incidents including cloud security breaches and SaaS account takeovers
• Produce clear defensible incident reports with evidence root cause analysis and corrective actions

Data Protection Governance & DLP

• Play a lead role in Data Governance and Data Classification initiatives covering onpremise systems cloud platforms and SaaS applications
• Design tune and support Data Loss Prevention (DLP) controls across:
  • Email and collaboration platforms (e.g. Office 365)
  • Endpoints
  • Cloud storage and SaaS collaboration tools
• Investigate datarelated security events including:
  • Unauthorized access to sensitive or regulated data in cloud and SaaS platforms
  • Large or unusual data transfers from cloud storage or collaboration systems
  • Data shared externally or to personal accounts from corporate email or SaaS environments
• Partner with business owners to apply riskbased data protection controls without unnecessary friction

Security Architecture & Project Enablement

• Embed security and data protection requirements into IT and businessled projects involving cloud SaaS and hybrid environments
• Identify risks introduced by new systems integrations SaaS vendors cloud services or workflows
• Recommend pragmatic remediation options compensating controls and secure design improvements
• Provide handson security architecture guidance for cloud services SaaS platforms and identitycentric solutions when needed

Governance Risk & Compliance

• Contribute to security standards policies procedures and technical guidelines related to cloud security SaaS usage identity and data protection
• Perform and review technical risk and threat assessments for critical systems including cloudhosted and SaaSbased services
• Support internal and external audits (e.g. PCI ISO 27001 regulatory reviews)
• Define and track remediation plans through to closure

Tooling Detection & Continuous Improvement

• Improve detection logic alert quality and investigation workflows across SIEM EDR email security cloud security and SaaS telemetry
• Evaluate new security tools and capabilities with a practical outcomesfocused mindset
• Reduce noise false positives and manual effort where possible
• Stay current on emerging threats targeting cloud platforms SaaS environments identity systems and collaboration tools

Leadership & Mentorship

• Act as a technical mentor to junior and intermediate analysts
• Lead by example during incidents investigations and projects
• Raise the overall maturity of the security operations function across enterprise cloud and SaaS environments

Required Qualifications & Experience

Experience

• 8 years of progressive experience in Information Security Security Operations or Incident Response
• Demonstrated experience leading complex security investigations endtoend including cloud and SaaSbased incidents
• Handson expertise with SIEM / logging platforms (e.g. Splunk QRadar ArcSight Elastic)
• Strong background investigating endpoint network cloud SaaS and emailbased threats
• Proven experience working directly with IT infrastructure cloud platforms Microsoft 365 and enterprise applications

Data Protection Experience (Required)

• Practical experience with Data Classification Data Governance and/or DLP
• Strong understanding of how sensitive data moves across email collaboration tools cloud services and enterprise systems
• Experience investigating data misuse data exfiltration or insiderrelated incidents

Technical Experience (Strongly Preferred)

• Endpoint Detection & Response (EDR) platforms
• Network security and traffic analysis
• Identity and access security (including cloud identity platforms)
• Vulnerability management and riskbased remediation
• Cloud security controls and SaaS environments (including Office 365 / Microsoft 365)

Certifications (Nice to Have)

• CISSP CISM CRISC or similar
• Relevant cloud or security platform certifications

Core Skills & Attributes

• Excellent investigative and analytical skills
• Ability to explain cyber and data risk in plain business language
• Calm and decisive during incidents
• Strong written documentation skills (incident reports risk assessments recommendations)
• Comfortable influencing without authority
• Pragmatic riskbased mindsetknows when perfect is the enemy of secure

Education & Other Requirements

• Bachelors degree in Information Technology Computer Science or related field preferred
• Ability to travel across North America and Europe as required

Benefits of Employment: IKO recognizes that its success is due to the strength of its employees. A primary goal of IKO is to promote individual employees sense of accomplishment and contribution so that employees enjoy their association with IKO. The Company invests in its employees so that they are the most knowledgeable in the industry and undertakes great efforts to nurture loyalty to and teamwork at IKO. We are pleased to offer competitive compensation health care a progressive and challenging workplace and a commitment to teamwork and integrity.

Diversity and Equal Opportunity Employment: IKO Industries Ltd. is an equal opportunity employer. We are committed to diversity and inclusion and are pleased to consider all qualified applicants for employment without consideration to race religion creed color national origin age gender sexual orientation marital status veteran status or Industries Ltd. encourages and welcomes applications from people with disabilities. Accommodations are available on request for candidates taking part in all aspects of the selection process.