Security Analyst, Tier 1 – Monitoring & Triage

About the Role:

The function of the Security Analyst Tier 1 Monitoring & Triage is to be at the forefront of incident response utilizing the latest in network security technology while providing Computer Network Defense and Information Assurance (IA) support to ISAs client base and internal network. This role involves a demanding schedule with a 12-hour shift rotation including nights and weekends. Flexibility and adaptability to varying shift patterns are essential for success in this position. This posting is for an existing vacancy.

About Us:

We are proud to be recognized as a top employer for multiple years in a row we currently hold the distinctions of Canadas Top Small and Medium Employers 2025 Greater Torontos Top Employers 2025 and are Certified Great Place to Work 2025-2026.

At ISA Cybersecurity our mission is to help clients achieve their privacy and security goals and to be proactive in the fight against security threats. ISA is Canadas leading cybersecurity-focused company with three decades of experience delivering cybersecurity services and people you can trust. We provide our clients with comprehensive counsel on complex evolving and multi-faceted issues related to cybersecurity and breach incident response.

ISA Cybersecurity also offers a world-class 24/7 by 365 SOC 2 Type II certified CIOC (cybersecurity intelligence operations center) giving our clients deeper insights and earlier warnings about coordinated cyber-attacks. ISA strategically partners with many of the most respected security technology firms in the world. Through these relationships our clients can gain access to a broad portfolio of industry-leading cyber solutions best suited to protect their corporate assets and customer data.

In todays volatile world of digital threats we help Canadian companies to better understand their current security posture and how to mitigate risks.

Optional

We operate in a remote-first environment. Office presence is typically less than 20% of the time varying by role and work requirements. Our office space located at Bloor and Islington is a collaborative space designed for in-person meetings and drop-ins. We enjoy hosting in-person quarterly townhalls and social events throughout the year to encourage teambuilding and collaboration.

Responsibilities:

• Monitor and analyze network traffic and IDS alerts
• Investigate intrusion attempts and perform in-depth analysis of exploits
• Provide network intrusion detection expertise to support timely and effective decision making of when to declare an incident
• Conduct proactive threat research
• Review security events that are populated in a Security Information and Event Management (SIEM) system
• Analyze a variety of network and host-based security appliance logs (Firewalls NIDS HIDS Sys Logs etc.) to determine the correct remediation actions and escalation paths for each incident
• Independently follow procedures to contain analyze and eradicate the malicious activity
• Perform Tier I/II initial incident triage
• Document all activities during an incident and providing leadership with status updates during the life cycle of the incident
• Create a final incident report detailing the events of the incident
• Provide information regarding intrusion events security incidents and other threat indications
• Assist with the development of processes and procedures to improve incident response times analysis of incidents and overall CIOC functions

Qualifications:

• Knowledge of information security event monitoring and detection and NID monitoring and incident response
• Familiarity with network security methodologies tactics techniques and procedures
• Experience with IPS/IDS SIEMs and other CND security tools
• Experience reviewing and analyzing network packet captures
• Experience performing security/vulnerability reviews of network environments
• Possess a comprehensive understanding of the TCP/IP protocol security architecture network and remote access security techniques/products
• Experience with enterprise anti-virus solutions virus outbreak management and the ability to differentiate virus activity from directed attack patterns
• Working knowledge of network architecture
• Strong research background utilizing an analytical approach
• Must be able to react quickly decisively and deliberately in high stress situations
• Strong verbal/written communication and interpersonal skills are required to document and communicate findings escalate critical incidents and interact with customers
• Working knowledge of Windows and Linux OS to include experience working in the command line interface
• Highly motivated individual with the ability to self-start prioritize multi-task and work in a team setting

Salary Range: $48875.00 - $66125.00

Why Join Us

At ISA Cybersecurity we lead with our Why. Our Why is to make people feel safe. This not only applies to the result of services that we provide to our clients but how people feel when interacting with us. Whether youre an employee of ISA or a client we want you to feel safe and supported. Each one of our team members is expected to uphold this leadership quality and embrace it through consistent demonstration of our core values of Explore Persevere Adapt and Uplift.

We are proud to offer a variety of employee friendly programs that enable our team to perform at their best.

Highlights of our programs and policies include:

• Flexible sick and personal days for all employees
• Generous health plan with enhanced mental health resources and programs
• Professional development opportunities and education reimbursement up to $2000 annually for all employees
• Maternity and parental leave top-up
• Employee referral bonus of $2000
• Competitive salaries complemented with RRSP matching and bonus programs
• Distance remote working policy
• LinkedIn Learning access for all team members

We also place great value on celebrating the contributions of all employees through the following service recognition programs:

• Service anniversary recognition and generous five-year milestone service awards
• Presidents Club recognizing special achievement awards: Team Member of the Year for Sales CIOC and Cyber Services the Rich Uhrich Founders Award that is nominated on by all employees and four Presidents Awards (Risk Taker Lost Without You Money Maker and On the Rise)
• Spot rewards providing opportunities for instant peer recognition

Information-sharing and team-building initiatives include:

• Annual kick-off meeting to communicate our strategic priorities
• Informal staff events like pizza lunches or games day
• Quarterly town hall meetings
• Regular team get togethers and client events
• Scheduled employee feedback surveys and goal setting focus groups

Thank you for your interest in joining ISA Cybersecurity. Our team looks forward to reviewing your application. We will be reaching out to you directly if your experience matches our needs.

ISA Cybersecurity does not currently use artificial intelligence tools as part of our recruitment process.

Accessibility:

ISA Cybersecurity is committed to providing accommodations for applicants with disabilities. If you require specific accommodation because of a disability or medical need please inform ISAs Human Resources team () so arrangements can be made for appropriate accommodation to be in place during the recruitment process.

Required Experience:

Junior IC