Security Analyst

About the Role:

The Analyst plays a vital role in assessing our customers Risks Gaps Vulnerabilities and Maturity. Under direction of the Service Lead and Vice President Services ISAs Analysts undertake projects on an ad hoc basis or via a MSSP Retainer following the defined ISA methodologies approaches and leveraging our templates/tooling. This individual will work to identify and correct flaws in the customers security systems solutions and programs while recommending specific measures that can improve the companys overall security posture. Typical exercises include cybersecurity and AI Threat and Risk Assessments Privacy Impact Assessments Gap Assessments Maturity Assessments Development of Policies and Standards among other ISA Offerings

About Us:

ISA Cybersecurityis a proudly Canadiancyberand AIservices and solutions by over 500 clients from SMB to global enterprise we empower organizations to safeguard their most critical assetsand adopt AI ourhighly customizableCyber 360and AI 360offerings we deliver a comprehensive range of governance assuranceengineeringprotection detectionand response services for the public and private sectors. Backed by over three decadesof operational experienceand a vast network ofhighly specialized andcertified experts weleveragecutting-edgetechnologies and AI to ensure that clients achieve their privacysecurity and businessgoals.

We operate in a remote-first environment. Office presence is typically less than 20% of the time varying by role and work requirements. Our office space located at Bloor and Islington is a collaborative space designed for in-person meetings and drop-ins. We enjoy hosting in-person quarterly townhalls and social events throughout the year to encourage teambuilding and collaboration.

Responsibilities:

• Assess customer risks gaps vulnerabilities and security maturity across people processes and technology
• Deliver security projects and MSSP engagements with moderate independence following ISA methodologies templates and tooling
• Conduct security assessments including Threat and Risk Assessments (TRA) Privacy Impact Assessments Gap Assessments and Maturity Assessments
• Analyze findings to identify weaknesses in client security controls and recommend practical risk-based improvements
• Contribute to the development and maintenance of security policies standards methodologies and governance documentation
• Execute assigned project and MSSP deliverables to meet quality standards timelines and client expectations
• Apply governance strategies and service frameworks established by the Vice President Services to ensure consistent service delivery
• Follow project plans managed by internal project and program managers escalating risks or scope concerns as required
• Assist with the maintenance and management of any tools and technologies to be used to support the client
• Collaborate with client project managers and technical teams to support successful project outcomes
• Support MSSP operations by assisting the CIOC with engineering tickets and service requests when required
• Deliver knowledge transfer and training to clients and internal team members on tools methodologies and security practices
• Create and maintain accurate procedural documentation for security projects and MSSP services in collaboration with Service Leads

Qualifications:

• Minimum of five years experience delivering security assessments including Threat and Risk Assessments (TRA) Gap Assessments Maturity Assessments and Privacy Impact Assessments as well as related services such as policy and standards development and risk management implementation
• Degree in IT Computer Science Cybersecurity or a related field
• Strong understanding of industry frameworks such as ISO 27001/2 NIST CSF CIS Top 18 and Privacy by Design
• Thorough knowledge of current security threats attacker techniques and threat modeling frameworks such as MITRE ATT&CK
• Solid understanding of modern security principles techniques and protocols
• Expert knowledge of TCP/IP common network protocols and standards
• Exceptional analytical and problem-solving skills with the ability to identify strategic issues and make informed decisions
• Ability to manage multiple projects simultaneously prioritize tasks and meet deadlines in a high-volume environment
• Strong organizational skills attention to detail and the ability to work independently
• Excellent communication and influencing skills with a proven ability to drive change and collaborate across teams
• Ability to maintain deep knowledge of security and networking infrastructure including management and reporting requirements
• Hands-on experience with security systems including firewalls intrusion detection/prevention systems antivirus software authentication systems and content filtering

• Experience with network security networking technologies and monitoring tools for systems networks and security
• Vendor certifications in tools such as Metasploit Tenable Qualys or Rapid7
• Desirable professional certifications:
  • Security (SEC)
  • Certified Ethical Hacker (CEH)
  • Certified Information Security Manager (CISM)
  • GIAC Security Essentials (GSEC)
  • Certified Information Systems Security Professional (CISSP)

Why Join Us

At ISA Cybersecurity we lead with our Why. Our Why is to make people feel safe. This not only applies to the result of services that we provide to our clients but how people feel when interacting with us. Whether youre an employee of ISA or a client we want you to feel safe and supported. Each one of our team members is expected to uphold this leadership quality and embrace it through consistent demonstration of our core values of Explore Persevere Adapt and Uplift.

We are proud to offer a variety of employee friendly programs that enable our team to perform at their best.

Highlights of our programs and policies include:

• Flexible sick and personal days for all employees
• Generous health plan with enhanced mental health resources and programs
• Professional development opportunities and education reimbursement up to $2000 annually for all employees
• Maternity and parental leave top-up
• Employee referral bonus of $2000
• Competitive salaries complemented with RRSP matching and bonus programs
• Distance remote working policy
• LinkedIn Learning access for all team members

We also place great value on celebrating the contributions of all employees through the following service recognition programs:

• Service anniversary recognition and generous five-year milestone service awards
• Presidents Club recognizing special achievement awards: Team Member of the Year for Sales CIOC and Cyber Services the Rich Uhrich Founders Award that is nominated on by all employees and four Presidents Awards (Risk Taker Lost Without You Money Maker and On the Rise)
• Spot rewards providing opportunities for instant peer recognition

Information-sharing and team-building initiatives include:

• Annual kick-off meeting to communicate our strategic priorities
• Quarterly town hall meetings
• Regular team get togethers and client events
• Scheduled employee feedback surveys and goal setting focus groups

Thank you for your interest in joining ISA Cybersecurity. Our team looks forward to reviewing your application. We will be reaching out to you directly if your experience matches our needs.

Vacancy Status: This posting is for an existing vacancy
Salary Range: $90200.00 - $129800.00
AI Disclosure:ISA Cybersecurity does not currently use artificial intelligence tools as part of our recruitment process.

Accessibility:

ISA Cybersecurity is committed to providing accommodations for applicants with disabilities. If you require specific accommodation because of a disability or medical need please inform ISAs Human Resources team () so arrangements can be made for appropriate accommodation to be in place during the recruitment process.

Required Experience:

Manager