61 Security Analysis jobs in Canada

Job Description

Job Title – Cybersecurity Analyst II

Department – Information Technology

Reports to – Sr Director IT

Location – Calgary, AB or Houston, TX

Job Summary

The Cybersecurity Analyst II will play a critical role in protecting the organization’s systems, data, and cloud environments by implementing, monitoring, and improving security controls. This position is responsible for administering and optimizing key security platforms—including SIEM, EDR, IAM, and vulnerability management—while supporting compliance with industry regulations and frameworks. The ideal candidate is a hands-on security professional who excels in threat detection, incident response, and risk reduction, and who can collaborate across IT, legal, and operations to ensure a strong security posture.

Key Areas of Responsibility

• Security Operations & Monitoring
  • Manage and maintain enterprise security tools, including SIEM, EDR, IAM, Vulnerability Management, CSPM, and cloud-native security solutions
  • Monitor alerts, investigate potential threats, and recommend or implement remediation
• Compliance & Risk Assessment
  • Support compliance initiatives aligned with SOC 2, ISO 27001, NIST, GDPR, and SOX
  • Perform risk assessments, audits, and vulnerability scans to identify and mitigate security gaps
  • Maintain security documentation and reporting for compliance tracking
• Incident Response & Threat Management
  • Contribute to the development and execution of incident response plans
  • Conduct investigations of security events and assist with containment, eradication, and recovery
  • Provide after-action reporting and recommend control improvements
• Security Policies & Awareness
  • Support the development and enforcement of security policies, standards, and procedures
  • Assist in delivering security awareness and training programs across the organization
• Cloud & Data Protection
  • Implement and monitor Cloud Security Posture Management (CSPM) to protect cloud resources
  • Support data protection initiatives including encryption, PKI, and Data Loss Prevention (DLP)
  • Help ensure sensitive data is safeguarded across on-premise and cloud platforms
• Continuous Improvement & Research
  • Stay up to date with emerging threats, vulnerabilities, and regulatory changes
  • Recommend and implement proactive measures to strengthen the organization’s security posture
• Collaboration
  • Work closely with IT, legal, operations, and business stakeholders to ensure security is embedded into processes and systems
  • Support and uphold HS&E policies and procedures of NCS and the customer
  • Align individual goals with NCS corporate goals, while adhering to the NCS Promise
  • Participate in your Personal Development for Success (PDS)
• Other duties, relevant to the position, shall be assigned as required

Knowledge, Skills and Abilities

• Bachelor’s degree or Master’s degree in Information Technology, Cybersecurity, or a related field
• Minimum of 5 years of experience in IT security, with a focus on compliance management
• Strong knowledge of security frameworks and compliance standards (e.g., NIST, ISO, SOC 2, SOX)
• Proven experience in managing security audits and assessments
• Expertise in risk management, vulnerability scanning tools, and incident response
• Excellent problem-solving and communication skills
• Industry certifications such as CISSP, CISM, CISA, or similar are preferred
• Experience with cloud security and multi-cloud environments
• Ability to manage complex compliance projects

Additional Information

• Status: Overtime Exempt
• Employment Classification: Full-time, Regular
• Work schedule: 5 days on, 2 days off, 8:00am – 5:00pm; and may vary dependent on business needs
• Travel: up to 5% domestic and international travel required
• Bonus: Eligible
• Special Equipment: Cell phone and Laptop
• Criminal background check required for all positions
• Safety sensitive positions will require additional pre-employment testing

Core Competencies

• Teamwork/Collaboration – Able to work cooperatively with other individuals
• Service Focus – Builds & maintains customer satisfaction and provides excellent service to internal & external customers
• Decision Making – Able to make decisions and solve problems of varied levels of complexity using logical, systematic, and sequential approach
• Ethics & Integrity – Trustworthiness and ethical behavior with consideration for impact & consequence when making decisions/taking action
• Problem Solving – Ability to approach a problem by using a logical, systematic, sequential approach
• Continuous Improvement – Ongoing improvement of products, services, or processes through incremental & breakthrough improvements
• Accountability – Obligation or willingness to be answerable for an outcome

Job Description

Job Title – Cybersecurity Analyst II

Department – Information Technology

Reports to – Sr Director IT

Location – Calgary, AB or Houston, TX

Job Summary

The Cybersecurity Analyst II will play a critical role in protecting the organization’s systems, data, and cloud environments by implementing, monitoring, and improving security controls. This position is responsible for administering and optimizing key security platforms—including SIEM, EDR, IAM, and vulnerability management—while supporting compliance with industry regulations and frameworks. The ideal candidate is a hands-on security professional who excels in threat detection, incident response, and risk reduction, and who can collaborate across IT, legal, and operations to ensure a strong security posture.

Key Areas of Responsibility

• Security Operations & Monitoring
  • Manage and maintain enterprise security tools, including SIEM, EDR, IAM, Vulnerability Management, CSPM, and cloud-native security solutions
  • Monitor alerts, investigate potential threats, and recommend or implement remediation
• Compliance & Risk Assessment
  • Support compliance initiatives aligned with SOC 2, ISO 27001, NIST, GDPR, and SOX
  • Perform risk assessments, audits, and vulnerability scans to identify and mitigate security gaps
  • Maintain security documentation and reporting for compliance tracking
• Incident Response & Threat Management
  • Contribute to the development and execution of incident response plans
  • Conduct investigations of security events and assist with containment, eradication, and recovery
  • Provide after-action reporting and recommend control improvements
• Security Policies & Awareness
  • Support the development and enforcement of security policies, standards, and procedures
  • Assist in delivering security awareness and training programs across the organization
• Cloud & Data Protection
  • Implement and monitor Cloud Security Posture Management (CSPM) to protect cloud resources
  • Support data protection initiatives including encryption, PKI, and Data Loss Prevention (DLP)
  • Help ensure sensitive data is safeguarded across on-premise and cloud platforms
• Continuous Improvement & Research
  • Stay up to date with emerging threats, vulnerabilities, and regulatory changes
  • Recommend and implement proactive measures to strengthen the organization’s security posture
• Collaboration
  • Work closely with IT, legal, operations, and business stakeholders to ensure security is embedded into processes and systems
  • Support and uphold HS&E policies and procedures of NCS and the customer
  • Align individual goals with NCS corporate goals, while adhering to the NCS Promise
  • Participate in your Personal Development for Success (PDS)
• Other duties, relevant to the position, shall be assigned as required

Knowledge, Skills and Abilities

• Bachelor’s degree or Master’s degree in Information Technology, Cybersecurity, or a related field
• Minimum of 5 years of experience in IT security, with a focus on compliance management
• Strong knowledge of security frameworks and compliance standards (e.g., NIST, ISO, SOC 2, SOX)
• Proven experience in managing security audits and assessments
• Expertise in risk management, vulnerability scanning tools, and incident response
• Excellent problem-solving and communication skills
• Industry certifications such as CISSP, CISM, CISA, or similar are preferred
• Experience with cloud security and multi-cloud environments
• Ability to manage complex compliance projects

Additional Information

• Status: Overtime Exempt
• Employment Classification: Full-time, Regular
• Work schedule: 5 days on, 2 days off, 8:00am – 5:00pm; and may vary dependent on business needs
• Travel: up to 5% domestic and international travel required
• Bonus: Eligible
• Special Equipment: Cell phone and Laptop
• Criminal background check required for all positions
• Safety sensitive positions will require additional pre-employment testing

Core Competencies

• Teamwork/Collaboration – Able to work cooperatively with other individuals
• Service Focus – Builds & maintains customer satisfaction and provides excellent service to internal & external customers
• Decision Making – Able to make decisions and solve problems of varied levels of complexity using logical, systematic, and sequential approach
• Ethics & Integrity – Trustworthiness and ethical behavior with consideration for impact & consequence when making decisions/taking action
• Problem Solving – Ability to approach a problem by using a logical, systematic, sequential approach
• Continuous Improvement – Ongoing improvement of products, services, or processes through incremental & breakthrough improvements
• Accountability – Obligation or willingness to be answerable for an outcome

Job Description

Job Title – Cybersecurity Analyst II

Department – Information Technology

Reports to – Sr Director IT

Location – Calgary, AB or Houston, TX

Job Summary

The Cybersecurity Analyst II will play a critical role in protecting the organization’s systems, data, and cloud environments by implementing, monitoring, and improving security controls. This position is responsible for administering and optimizing key security platforms—including SIEM, EDR, IAM, and vulnerability management—while supporting compliance with industry regulations and frameworks. The ideal candidate is a hands-on security professional who excels in threat detection, incident response, and risk reduction, and who can collaborate across IT, legal, and operations to ensure a strong security posture.

Key Areas of Responsibility

• Security Operations & Monitoring
  • Manage and maintain enterprise security tools, including SIEM, EDR, IAM, Vulnerability Management, CSPM, and cloud-native security solutions
  • Monitor alerts, investigate potential threats, and recommend or implement remediation
• Compliance & Risk Assessment
  • Support compliance initiatives aligned with SOC 2, ISO 27001, NIST, GDPR, and SOX
  • Perform risk assessments, audits, and vulnerability scans to identify and mitigate security gaps
  • Maintain security documentation and reporting for compliance tracking
• Incident Response & Threat Management
  • Contribute to the development and execution of incident response plans
  • Conduct investigations of security events and assist with containment, eradication, and recovery
  • Provide after-action reporting and recommend control improvements
• Security Policies & Awareness
  • Support the development and enforcement of security policies, standards, and procedures
  • Assist in delivering security awareness and training programs across the organization
• Cloud & Data Protection
  • Implement and monitor Cloud Security Posture Management (CSPM) to protect cloud resources
  • Support data protection initiatives including encryption, PKI, and Data Loss Prevention (DLP)
  • Help ensure sensitive data is safeguarded across on-premise and cloud platforms
• Continuous Improvement & Research
  • Stay up to date with emerging threats, vulnerabilities, and regulatory changes
  • Recommend and implement proactive measures to strengthen the organization’s security posture
• Collaboration
  • Work closely with IT, legal, operations, and business stakeholders to ensure security is embedded into processes and systems
  • Support and uphold HS&E policies and procedures of NCS and the customer
  • Align individual goals with NCS corporate goals, while adhering to the NCS Promise
  • Participate in your Personal Development for Success (PDS)
• Other duties, relevant to the position, shall be assigned as required

Knowledge, Skills and Abilities

• Bachelor’s degree or Master’s degree in Information Technology, Cybersecurity, or a related field
• Minimum of 5 years of experience in IT security, with a focus on compliance management
• Strong knowledge of security frameworks and compliance standards (e.g., NIST, ISO, SOC 2, SOX)
• Proven experience in managing security audits and assessments
• Expertise in risk management, vulnerability scanning tools, and incident response
• Excellent problem-solving and communication skills
• Industry certifications such as CISSP, CISM, CISA, or similar are preferred
• Experience with cloud security and multi-cloud environments
• Ability to manage complex compliance projects

Additional Information

• Status: Overtime Exempt
• Employment Classification: Full-time, Regular
• Work schedule: 5 days on, 2 days off, 8:00am – 5:00pm; and may vary dependent on business needs
• Travel: up to 5% domestic and international travel required
• Bonus: Eligible
• Special Equipment: Cell phone and Laptop
• Criminal background check required for all positions
• Safety sensitive positions will require additional pre-employment testing

Core Competencies

• Teamwork/Collaboration – Able to work cooperatively with other individuals
• Service Focus – Builds & maintains customer satisfaction and provides excellent service to internal & external customers
• Decision Making – Able to make decisions and solve problems of varied levels of complexity using logical, systematic, and sequential approach
• Ethics & Integrity – Trustworthiness and ethical behavior with consideration for impact & consequence when making decisions/taking action
• Problem Solving – Ability to approach a problem by using a logical, systematic, sequential approach
• Continuous Improvement – Ongoing improvement of products, services, or processes through incremental & breakthrough improvements
• Accountability – Obligation or willingness to be answerable for an outcome

Job Description

Job Title – Cybersecurity Analyst II

Department – Information Technology

Reports to – Sr Director IT

Location – Calgary, AB or Houston, TX

Job Summary

The Cybersecurity Analyst II will play a critical role in protecting the organization’s systems, data, and cloud environments by implementing, monitoring, and improving security controls. This position is responsible for administering and optimizing key security platforms—including SIEM, EDR, IAM, and vulnerability management—while supporting compliance with industry regulations and frameworks. The ideal candidate is a hands-on security professional who excels in threat detection, incident response, and risk reduction, and who can collaborate across IT, legal, and operations to ensure a strong security posture.

Key Areas of Responsibility

• Security Operations & Monitoring
  • Manage and maintain enterprise security tools, including SIEM, EDR, IAM, Vulnerability Management, CSPM, and cloud-native security solutions
  • Monitor alerts, investigate potential threats, and recommend or implement remediation
• Compliance & Risk Assessment
  • Support compliance initiatives aligned with SOC 2, ISO 27001, NIST, GDPR, and SOX
  • Perform risk assessments, audits, and vulnerability scans to identify and mitigate security gaps
  • Maintain security documentation and reporting for compliance tracking
• Incident Response & Threat Management
  • Contribute to the development and execution of incident response plans
  • Conduct investigations of security events and assist with containment, eradication, and recovery
  • Provide after-action reporting and recommend control improvements
• Security Policies & Awareness
  • Support the development and enforcement of security policies, standards, and procedures
  • Assist in delivering security awareness and training programs across the organization
• Cloud & Data Protection
  • Implement and monitor Cloud Security Posture Management (CSPM) to protect cloud resources
  • Support data protection initiatives including encryption, PKI, and Data Loss Prevention (DLP)
  • Help ensure sensitive data is safeguarded across on-premise and cloud platforms
• Continuous Improvement & Research
  • Stay up to date with emerging threats, vulnerabilities, and regulatory changes
  • Recommend and implement proactive measures to strengthen the organization’s security posture
• Collaboration
  • Work closely with IT, legal, operations, and business stakeholders to ensure security is embedded into processes and systems
  • Support and uphold HS&E policies and procedures of NCS and the customer
  • Align individual goals with NCS corporate goals, while adhering to the NCS Promise
  • Participate in your Personal Development for Success (PDS)
• Other duties, relevant to the position, shall be assigned as required

Knowledge, Skills and Abilities

• Bachelor’s degree or Master’s degree in Information Technology, Cybersecurity, or a related field
• Minimum of 5 years of experience in IT security, with a focus on compliance management
• Strong knowledge of security frameworks and compliance standards (e.g., NIST, ISO, SOC 2, SOX)
• Proven experience in managing security audits and assessments
• Expertise in risk management, vulnerability scanning tools, and incident response
• Excellent problem-solving and communication skills
• Industry certifications such as CISSP, CISM, CISA, or similar are preferred
• Experience with cloud security and multi-cloud environments
• Ability to manage complex compliance projects

Additional Information

• Status: Overtime Exempt
• Employment Classification: Full-time, Regular
• Work schedule: 5 days on, 2 days off, 8:00am – 5:00pm; and may vary dependent on business needs
• Travel: up to 5% domestic and international travel required
• Bonus: Eligible
• Special Equipment: Cell phone and Laptop
• Criminal background check required for all positions
• Safety sensitive positions will require additional pre-employment testing

Core Competencies

• Teamwork/Collaboration – Able to work cooperatively with other individuals
• Service Focus – Builds & maintains customer satisfaction and provides excellent service to internal & external customers
• Decision Making – Able to make decisions and solve problems of varied levels of complexity using logical, systematic, and sequential approach
• Ethics & Integrity – Trustworthiness and ethical behavior with consideration for impact & consequence when making decisions/taking action
• Problem Solving – Ability to approach a problem by using a logical, systematic, sequential approach
• Continuous Improvement – Ongoing improvement of products, services, or processes through incremental & breakthrough improvements
• Accountability – Obligation or willingness to be answerable for an outcome

Job Description

Job Title – Cybersecurity Analyst II

Department – Information Technology

Reports to – Sr Director IT

Location – Calgary, AB or Houston, TX

Job Summary

The Cybersecurity Analyst II will play a critical role in protecting the organization’s systems, data, and cloud environments by implementing, monitoring, and improving security controls. This position is responsible for administering and optimizing key security platforms—including SIEM, EDR, IAM, and vulnerability management—while supporting compliance with industry regulations and frameworks. The ideal candidate is a hands-on security professional who excels in threat detection, incident response, and risk reduction, and who can collaborate across IT, legal, and operations to ensure a strong security posture.

Key Areas of Responsibility

• Security Operations & Monitoring
  • Manage and maintain enterprise security tools, including SIEM, EDR, IAM, Vulnerability Management, CSPM, and cloud-native security solutions
  • Monitor alerts, investigate potential threats, and recommend or implement remediation
• Compliance & Risk Assessment
  • Support compliance initiatives aligned with SOC 2, ISO 27001, NIST, GDPR, and SOX
  • Perform risk assessments, audits, and vulnerability scans to identify and mitigate security gaps
  • Maintain security documentation and reporting for compliance tracking
• Incident Response & Threat Management
  • Contribute to the development and execution of incident response plans
  • Conduct investigations of security events and assist with containment, eradication, and recovery
  • Provide after-action reporting and recommend control improvements
• Security Policies & Awareness
  • Support the development and enforcement of security policies, standards, and procedures
  • Assist in delivering security awareness and training programs across the organization
• Cloud & Data Protection
  • Implement and monitor Cloud Security Posture Management (CSPM) to protect cloud resources
  • Support data protection initiatives including encryption, PKI, and Data Loss Prevention (DLP)
  • Help ensure sensitive data is safeguarded across on-premise and cloud platforms
• Continuous Improvement & Research
  • Stay up to date with emerging threats, vulnerabilities, and regulatory changes
  • Recommend and implement proactive measures to strengthen the organization’s security posture
• Collaboration
  • Work closely with IT, legal, operations, and business stakeholders to ensure security is embedded into processes and systems
  • Support and uphold HS&E policies and procedures of NCS and the customer
  • Align individual goals with NCS corporate goals, while adhering to the NCS Promise
  • Participate in your Personal Development for Success (PDS)
• Other duties, relevant to the position, shall be assigned as required

Knowledge, Skills and Abilities

• Bachelor’s degree or Master’s degree in Information Technology, Cybersecurity, or a related field
• Minimum of 5 years of experience in IT security, with a focus on compliance management
• Strong knowledge of security frameworks and compliance standards (e.g., NIST, ISO, SOC 2, SOX)
• Proven experience in managing security audits and assessments
• Expertise in risk management, vulnerability scanning tools, and incident response
• Excellent problem-solving and communication skills
• Industry certifications such as CISSP, CISM, CISA, or similar are preferred
• Experience with cloud security and multi-cloud environments
• Ability to manage complex compliance projects

Additional Information

• Status: Overtime Exempt
• Employment Classification: Full-time, Regular
• Work schedule: 5 days on, 2 days off, 8:00am – 5:00pm; and may vary dependent on business needs
• Travel: up to 5% domestic and international travel required
• Bonus: Eligible
• Special Equipment: Cell phone and Laptop
• Criminal background check required for all positions
• Safety sensitive positions will require additional pre-employment testing

Core Competencies

• Teamwork/Collaboration – Able to work cooperatively with other individuals
• Service Focus – Builds & maintains customer satisfaction and provides excellent service to internal & external customers
• Decision Making – Able to make decisions and solve problems of varied levels of complexity using logical, systematic, and sequential approach
• Ethics & Integrity – Trustworthiness and ethical behavior with consideration for impact & consequence when making decisions/taking action
• Problem Solving – Ability to approach a problem by using a logical, systematic, sequential approach
• Continuous Improvement – Ongoing improvement of products, services, or processes through incremental & breakthrough improvements
• Accountability – Obligation or willingness to be answerable for an outcome

Job Description

Position Overview

We are seeking a skilled Cybersecurity Analyst to monitor, detect, and respond to security threats across our IT and cloud environments. The ideal candidate will have expertise in threat analysis, incident response, vulnerability management, and security monitoring. This role requires strong technical skills, attention to detail, and the ability to work in a fast-paced security operations environment.

• Monitor and analyze security events, logs, and alerts using SIEM and monitoring tools.

• Detect, investigate, and respond to cybersecurity incidents and breaches .

• Conduct threat analysis, malware analysis, and digital forensics when needed.

• Perform vulnerability scans and risk assessments , recommending remediation measures.

• Maintain and improve security incident response plans and playbooks .

• Support patch management and system hardening efforts .

• Collaborate with IT and DevOps teams to ensure secure system and application configurations .

• Monitor and enforce compliance with security policies, standards, and regulatory requirements .

• Provide security awareness training and guidance to employees.

• Stay current with emerging cyber threats, attack techniques, and defense technologies .

• Bachelors degree in Cybersecurity, Computer Science, or related field.

• 2 - 4 years of experience in cybersecurity, SOC operations, or information security.

• Knowledge of threat detection, incident response, and vulnerability management .

• Experience with SIEM platforms (Splunk, QRadar, ELK, Microsoft Sentinel, etc.).

• Familiarity with firewalls, IDS/IPS, EDR, and endpoint security tools .

• Basic understanding of cloud security (AWS, Azure, GCP) .

• Strong knowledge of network protocols, operating systems, and common attack vectors .

• Excellent analytical, problem-solving, and communication skills.

• Security certifications such as:

  • CompTIA Security+

  • Certified Ethical Hacker (CEH)

  • GIAC Certified Incident Handler (GCIH)

  • Certified Information Systems Security Professional (CISSP) (plus).

• Hands-on experience with forensics tools, threat intelligence platforms, and SOAR .

• Familiarity with regulatory frameworks (ISO 27001, NIST, GDPR, PCI-DSS, HIPAA).

• Competitive salary and performance-based bonuses.

• Comprehensive health, dental, and vision insurance.

• Training and certification support.

• Flexible work arrangements (onsite, hybrid, or remote).

• Opportunity to work on advanced cybersecurity challenges and career progression paths.

Job Description

Company Description

ISAAC partners with North American fleets to provide a user-friendly solution that simplifies trucking. Focused 100% on the trucking industry, we help carriers overcome challenges, while boosting driver happiness. With proven system reliability and system integration capabilities driven by our open platform, our solution helps your drivers and back-office team work smoothly.

For more information, visit

Become a key player in cybersecurity at ISAAC! As a Cybersecurity Analyst, you play a crucial role in protecting ISAAC's information technology infrastructure. Your main mission is to proactively identify and mitigate security threats and vulnerabilities, ensuring the protection of data and systems. This role requires vigilant and effective responses to security incidents, compliance with regulatory and normative standards, and the promotion of security awareness and resilience among all colleagues.

Responsibilities

• Identify potential threats and vulnerabilities within ISAAC's IT infrastructure through continuous monitoring
• Conduct regular vulnerability assessments to detect weaknesses and deploy patches.
• Stay updated on the latest security threats and trends
• Quickly contain and mitigate the impact of detected breaches or threats
• Analyze the causes of incidents and restore affected systems while preventing future events
• Document and report incidents comprehensively
• Ensure ISAAC's IT practices comply with regulatory standards
• Participate in security audits to address compliance gaps
• Align security strategies with legal and regulatory standards
• Implement and manage security measures such as encryption, access controls, and firewalls to protect data integrity, confidentiality, and availability
• Develop and enforce data protection policies and procedures
• Monitor network traffic for unusual activities and respond to threats
• Perform regular backups and ensure their secure storage
• Collaborate with IT teams to integrate security protocols into system architectures and workflows
• Review and verify access logs to detect unauthorized access or anomalies
• Develop and offer security training and awareness programs to educate colleagues on best security practices, phishing threats, and safe online behaviors
• Participate in the evaluation and recommendation of security products and technologies that enhance the organization's security posture.

• College or university degree in computer science
• Minimum of 5 years of equivalent work experience
• Bilingual (Reason: Multilingual internal clientele, no role duplication)
• One or more of the following certifications or equivalent: CISSP; CISA; CompTIA Security+; ITIL
• Experience in managing various security tools and processes:
  • SIEM
  • Incident detection and response
  • SOC management
  • Security processes and procedures
  • Vulnerability management
  • Endpoint protection
  • DLP deployment (MS Purview)
  • Network and cloud security (firewalls, IDS/IPS)
• Experience with ISO 27001 or SOC audits
• Experience in conducting or supervising penetration tests
• Good understanding of IP, TCP/IP, and other network administration protocols
• Good understanding of Windows Server, VMware, HyperV, and related technologies
• Practical knowledge of ITIL.

Conditions

• Available to work occasionally in the evenings and weekends.

Collaborators are at the center of ISAAC’s interests and values. This explains the numerous benefits of working at ISAAC, namely:

• varied career opportunities
• a stimulating work environment focused on innovation
• enthusiastic and collaborative teams
• competitive salaries and benefits promoting work-life balance: a complete group insurance plan, group RRSP, an EAP, flexible hours, 4 weeks of vacation, etc.
• various social activities and free snacks and coffee every day.

Job Description

Next Horizon is here. Fueled by investments in talent and technology, our bold strategy to transform is nearly complete.

At Gore Mutual, we've always set ourselves apart as a modern mutual that does good. Now, we're proudly building on that legacy to transform our company—and our industry—for the better.

Our path forward sharpens our focus on business performance, driven by leading technology, innovation and an agile, high-performing culture. With Gore Mutual and Beneva announcing their intent to merge in 2026, we'll be uniting two well-established, financially strong, and trusted brands to become the strongest mutual insurer in Canada, ensuring Canadians have purpose-driven insurance options for generations to come. Come join us.

Cybersecurity Compliance Analyst

The Cybersecurity Compliance Analyst will be responsible for identifying, assessing, and monitoring Internal IT systems and vendor solutions for security misconfigurations, vulnerabilities and policy violations related to server and network infrastructure, desktop, virtual and cloud environments, applications and code. The candidate will work closely with internal departments and 3rd parties to ensure the confidentiality, integrity, and availability of company systems and data.

What will you do?

Monitor IT systems for compliance with security policy.

Review internal security policy to ensure alignment with industry standards and frameworks such as NIST & CIS.

Maintain documented security policies, standards, and procedures.

Perform internal compliance assessments against standards such as the PCI-DSS and regulatory entities such as OSFI and PIPEDA

Conduct security assessments of third parties.

Review vendor security controls and certifications.

Monitor third-party data breaches or cyber threats.

Advise on remediation plans for security gaps identified in third-party systems.

Liaise with the ERM Team to ensure alignment with the 3rd Party Risk Framework

Discovery of internal and external IT Systems

Proactively scan, identify, and assess vulnerabilities in servers, network devices, desktops, and cloud platforms.

Monitor external sources for the latest security advisories and trends.

Prioritizing vulnerabilities based on risk and potential impact.

Drive internal and external stakeholder engagements to ensure timely remediation of vulnerabilities

Identify, update and maintain cybersecurity metrics, KPIs and KRIs.

Clearly communicate findings, risks, and recommended mitigation measures to both technical and non-technical stakeholders

Collaborate with IT and other teams to integrate security throughout the infrastructure.

Provide training and guidance on best security practices related to vulnerabilities.

What will you need to succeed?

• Post Secondary diploma or degree
• 1-3 years of relevant work experience
• Information Security experience in regulated industry like Financial Services/ Insurance.
• Experience with Information Security standards and frameworks such as PCI-DSS and NIST CSF
• Exposure to Business Risk Management principles and procedures
• Technical experience in operating and interpreting reports for mainstream security scanning and detection tools
• Proven ability to recognize and respond to serious situations and initiate issue escalation
• Vulnerability Assessment Tools: Knowledge of tools such as Nessus, Prisma and Snyk.
• Network Protocols: Good understanding of TCP/IP, UDP, ICMP, and other network protocols.
• Operating Systems: Knowledge of various OS including Windows, Linux/Unix, and MacOS, as well as their associated vulnerabilities and hardening techniques.
• Exposure to Cloud platforms in a security capacity
• Governance Risk and Compliance: Knowledge of security frameworks and standards such as NIST CSF, PCI-DSS, and CIS benchmarks.
• Scripting/Programming: Ability to use scripting languages like Python, Bash, or PowerShell for automation, data analysis, and integration tasks will be an added advantage.
• Analytical Thinking: Ability to analyze complex security issues and deduce the potential impacts and appropriate remediation steps.

Please note that this role operates in a hybrid environment, with one day a week expected in our Cambridge, Ontario office or Toronto, Ontario office.

#LI-HYB #INDHP

#LI-HYB
#INDHP

Accessibility for applicants

Gore Mutual Insurance Company is committed to providing accommodations for people with disabilities during all phases of the recruiting process, including the application process.

If you require accommodation because of a disability, we will work with you to meet your needs. Contact us and a human resources representative will consult with you to determine an appropriate accommodation.

Should you request an accommodation during the interview process, please notify your Talent Acquisition Consultant.

The Business Analyst acts as an intermediary between the partner and the Information Systems and Technologies (Cybersecurity Operations, Governance, Risks and Compliance) department, analyzing the organization’s business requirements before launching IT projects and helping clients prepare project rationale.

The Business Analyst’s main responsibilities are to identify, define, analyze and document the business requirements of the organization. The Business Analyst turns these requirements into goals for project or improvement requests. Together with the architects, the Delivery Team and Business Leaders, the Business Analyst turns their analyses into visual diagrams, technical process flows, and technical documentation while maintaining technical knowledge management by adapting to changes. The Business Analyst also ensures that solutions comply with customer requirements.

The successful candidate has excellent communication skills, in-depth technical knowledge of cybersecurity and strategic business judgment. The successful candidate will work closely with partners, the development team and department managers. The Business Analyst participates in the full implementation cycle of IT solutions and provides ongoing support to clients from development to implementation.

YOU’LL HAVE THE OPPORTUNITY TO:

• Analyze and model the business sector (infrastructure, network and cybersecurity) and the processes under its jurisdiction.

• Help the project delivery manager to identify and define opportunities, assess them through preliminary analysis and manage various client portfolios.

• Provide support to partners by defining, justifying and documenting the business requirements of the organization.

• Determine and control business requirements using various information-gathering techniques that allow partners to formulate their needs.

• Prioritize and manage requirements to facilitate the implementation of solutions.

• Communicate and present concrete solutions by using online collaborative platforms.

• Provide advice and support to partners to enable them to improve and innovate.

• Maximize achievements and strengthen team expertise by mentoring members with less experience.

• Help define essential business analysis methods, processes and tools.

• Contribute to quality controls by performing tests or structured checks.

• Assist users during acceptance testing.

• Contribute to the OCM.
  

YOU’LL THRIVE IN THIS ROLE IF YOU HAVE THE FOLLOWING SKILLS AND QUALITIES:

• A bachelor’s degree in computer science or a related field; mastery would be an asset.

• At least five years of experience in Cybersecurity.

• Knowledge of the business world with the ability to communicate at all levels.

• A demonstrated ability to identify and formulate business requirements and convert them into use cases, case studies or test scenarios.

• In-depth knowledge and solid experience in the implementation of administrative systems.

• The ability to assess costs, risks and profitability of IT projects.

• Proficiency in the Microsoft environment and Microsoft Office tools as well as the Google suite.

• Proven skills in customer relationship management and customer service.

• IIBA, PMI-PBA, CISA, CISM and CISSP certification would be an asset.

• Knowledge of infrastructure, network and cybersecurity, Microsoft 365, Cloud.

• An excellent ability to communicate visually and write technical documentation through collaboration solutions.

• Solid problem-solving skills and demonstrated curiosity about technological solutions.

• Strong analytical and information processing skills.

• The ability to influence, challenge, persuade and initiate change.

• The ability to set priorities and perform tasks in a fast-paced environment.

• An extensive background in a collaborative, team-run environment.

• Good judgment and discretion in dealing with sensitive situations.

• Excellent interpersonal and oral/written communication skills.

• Fluency in spoken and written French and English.

• Demonstrated strong leadership, and Agile savvy would be major assets.

ACKNOWLEDGING THE POWER OF DIVERSITY

BRP is dedicated to nurturing a culture that invites, connects, and propels the ambitions of people of all backgrounds, profiles, beliefs and experiences. Ultimately, the diversity and uniqueness of our people fuel our ingenuity and set the course for the path ahead!

For this reason, we value diversity and we strive to always push each other forward to build an inclusive workplace where every employee feels like they belong, where they can grow and find meaning.

AT BRP, WHEN WE TALK ABOUT BENEFITS, WE GO ALL IN.

Let’s start with a strong foundation - You want it, we have it:

• Annual bonus based on the company’s financial results
• Generous paid time away
• Pension plan
• Collective saving opportunities
• Industry leading healthcare fully paid by BRP
  

What about some feel good perks:

• Flexible work schedule
• A summer schedule that varies by department and location
• Holiday season shutdown
• Educational resources
• Discount on BRP products
  

WELCOME TO BRP

We’re a world leader in recreational vehicles and boats, creating innovative ways to move on snow, water, asphalt, dirt and even in the air. Headquartered in the Canadian town of Valcourt, Quebec, our company is rooted in a spirit of ingenuity and intense customer focus. Today, we operate manufacturing facilities in Canada, the United States, Mexico, Finland, Australia and Austria, with a workforce made up of close to 20,000 spirited people, all driven by the deeply held belief that at work, as with life itself, it’s not about the destination: It’s about the journey.

#LI-Hybrid

#LI-GB1