106 Threat Detection jobs in Canada

Job Description

Description

At ActiveState, we're dedicated to helping DevOps, InfoSec, and Development teams improve their security and get secure applications to market faster. We're the only solution that offers Intelligent Remediation, a process that helps organizations prioritize vulnerabilities, assess the impact of updates, and quickly get fixes into production.

We're looking for an Information Security Analyst to join our team. This is a great opportunity for a hands-on individual who is eager to learn and grow in the information security field. You'll play a crucial role in supporting our security program by assisting with the development, implementation, and maintenance of policies and controls that protect our systems and assets.

This is a unique opportunity to contribute to security research that will directly influence our products and help protect millions of developers worldwide.

• 
  You're focused on our customers —Developers and DevOps Engineers. You understand that your role is to help solve their problems.
• You're passionate about open source and want to learn more about the communities that build the software we all rely on.
• You're a problem-solver. You enjoy finding the best approach to a challenge, thinking about customer issues, not just the technology itself.
• You're a great communicator. You can explain technical topics clearly and concisely to help others understand what needs to be done.
• You have good judgment. You're learning to prioritize tasks and understand which problems need immediate attention and which can wait.
• You're a collaborator. You work well with others across different teams like Research, Product, and Engineering.
• You're enthusiastic about our mission and want to help our platform become a global success.
  
  

• Assist in managing the cross-functional InfoSec Squad to maintain and enhance compliance management and continually monitoring, assessing and strengthening ActiveState’s security posture.
• Collaborate with Product, Engineering, and Business teams to embed security into systems and processes, ensuring compliance with secure development frameworks and driving continuous security improvements.
• Assist in implementing and maintaining information security policies, standards and  guidelines for data governance, privacy, and access controls and leading audits as required.
• Assist in the maintaining SOC 2 Type 2 compliance and achievement of additional certifications, ensuring alignment with evolving industry regulations and frameworks (e.g., ISO 27001, NIST, GDPR, HIPAA, PCI-DSS), while staying ahead of evolving standards, and continuously strengthening the overall security posture.
• Assist in risk assessments, vulnerability management, and incident response, including 24/7 monitoring, alert triage, initial investigations, and maintaining detailed records of these along with remediation efforts.
• Facilitate and support the execution of SAST, DAST, penetration testing, and other industry-leading security assessments to achieve organizational security objectives.
• Support the evaluation and management of third-party vendors to ensure they meet compliance and certification requirements.
• Coordinate and support security awareness and training programs to strengthen the security culture across the organization.
• Coordinate responding to security questionnaires with internal and external parties.
• Stay current with emerging threats, vulnerabilities, and security technologies.
• Contribute to security reporting and metrics to inform leadership decisions and drive continuous improvement efforts.
• Assist in configuring and maintaining security tools and systems, such as SIEM platforms and endpoint protection solutions, to ensure optimal performance and coverage.
• Perform daily review of CVEs and other vulnerability data related to our product offerings and produce the reports required for our teams to action them, including VEX documents, risk register, etc.
  
  

• Bachelor’s degree in Computer Science/Information Technology, or equivalent through specialized coursework and/or training.
• Recent graduate in relevant field up to 3 years experience or demonstrated knowledge of infosec frameworks and methodologies in information security, with a desire to learn about security research.
• Currently pursuing or have obtained a relevant security certification (e.g., CompTIA Security+, CEH) 
• Basic understanding of the software development lifecycle (SDLC), including concepts like CI/CD pipelines.
• Familiarity with GDPR is a plus
• Experience with SOC II is a plus
• Knowledge of theory and principles within a professional IT discipline and basic cybersecurity practices (e.g. Familiarity with industry standards such as ITIL).
• A foundational understanding of IT and cloud environments.
• An eagerness to learn how to translate technical security risks into business impact.
• Interest in or some experience with scripting and programming (Python is a plus).
• Good written and verbal communication skills.
• A genuine passion for open-source software and a commitment to security.
• The ability to work independently and manage your time effectively.
  
  

• A competitive salary and comprehensive benefits.
• A remote-first culture with a focus on work-life balance and flexibility.
• The opportunity to work on a mission-driven product that has a meaningful impact on the global software ecosystem.
• A collaborative and innovative environment with a team of passionate and talented individuals.

Nous bâtissons une banque axée sur les relations pour un monde moderne. Nous recrutons des professionnels talentueux et passionnés qui ont à cœur de faire ce qu’il faut pour nos clients. 

À la Banque CIBC, nous misons sur vos forces et vos ambitions pour vous donner le pouvoir d’agir. Les membres de notre équipe disposent de ce dont ils ont besoin pour apporter une contribution significative et être valorisés, à la fois pour ce qu’ils sont et ce qu’ils font. 

Pour en savoir plus sur la Banque CIBC, visitez le site .

Aucun renseignement au sujet de ce profil d’emploi n’est actuellement disponible. Pour en savoir davantage au sujet de ce profil d’emploi, n’hésitez pas à communiquer avec votre partenaire d’affaires, Ressources humaines.

Si vous êtes un gestionnaire embauchant pour ce poste, vous pouvez inclure les renseignements pour votre affichage de poste ici. Pour en savoir plus sur la façon de créer une demande de personnel, rendez-vous sur le site CIBC et moi.

Ce que la Banque CIBC vous offre

À la Banque CIBC, vos objectifs sont une priorité. En fonction de vos forces et de vos ambitions en tant qu’employé, nous nous efforçons de créer des occasions qui vous permettront d’exploiter votre potentiel. Notre objectif est de vous offrir une carrière, pas uniquement un chèque de paie.

* Sous réserve des modalités du régime et du programme

Ce que vous devez savoir

Lieu de travail

Type d’emploi

Heures de travail hebdomadaires

Compétences

Work Location:
Toronto, Ontario, Canada

Hours
37.5

Line Of Business
Technology Solutions

Pay Details
$91,200 - $136,800 CAD

TD is committed to providing fair and equitable compensation opportunities to all colleagues. Growth opportunities and skill development are defining features of the colleague experience at TD. Our compensation policies and practices have been designed to allow colleagues to progress through the salary range over time as they progress in their role. The base pay actually offered may vary based upon the candidate's skills and experience, job-related knowledge, geographic location, and other specific business and organizational needs.

As a candidate, you are encouraged to ask compensation related questions and have an open dialogue with your recruiter who can provide you more specific details for this role.

Job Description
Job Summary:
The Senior Information security analyst is responsible for identifying, assessing, prioritizing, and coordinating responses to security vulnerabilities within the organization's systems, applications, and networks. This role requires a deep understanding of vulnerability management, risk assessment, and cross-functional collaboration to ensure timely remediation and alignment with organizational security objectives.

Key Responsibilities
Vulnerability Management and Triage:

• Oversee the end-to-end vulnerability triage process, including identification, assessment, prioritization, and tracking.
• Develop and maintain a triage framework that balances risk levels, exploitability, and business impact.
• Analyze vulnerability reports from various sources (e.g., scanners, penetration tests, threat intelligence) to determine criticality.
• Ensure vulnerabilities are accurately classified and assigned to the appropriate teams for remediation.

Collaboration And Coordination

• Work closely with system owners, application teams, DevOps, and IT infrastructure to drive vulnerability remediation.
• Act as a liaison between technical teams and business stakeholders to communicate risk and remediation priorities effectively.
• Collaborate with threat intelligence teams to assess the real-world impact of vulnerabilities.

Risk Assessment And Prioritization

• Develop and maintain a risk-based approach to prioritize vulnerabilities based on business context, likelihood of exploitation, and potential impact.
• Establish timelines for remediation based on severity and compliance requirements.

Process Improvement

• Implement and optimize workflows for vulnerability triage and reporting.
• Continuously review and refine vulnerability management policies, processes, and tools.
• Stay updated on evolving industry best practices and emerging threats

Reporting And Metrics

• Define and track key performance indicators (KPIs) for vulnerability management, such as mean time to remediate (MTTR) and vulnerability closure rates.
• Create regular reports on vulnerability status and risk posture for executive leadership and technical teams.

Leadership And Team Management

• Manage and mentor the vulnerability triage team, ensuring high performance and professional growth.
• Provide training and guidance to enhance the team's technical expertise and analytical skills.
• Foster a culture of security awareness and proactive risk management across the organization.

Container Security

• Provide technical expertise and oversight for container scanning, container vulnerability prioritization, and remediation.
• Be a lead contributor to enterprise-level initiatives pertaining to container security and risk remediation.
• Effectively communicate critical vulnerabilities, their impacts, associated risk, and remediation priorities to cross-functional leadership teams.
• Help build and enforce technology controls, along with container security standards to ensure best practices are followed, when building and deploying application containers.
• Influence behavior to reduce risk and foster a strong technology risk management culture throughout the bank.

Qualifications
Education: Bachelor's degree in Computer Science, Information Security, or a related field (or equivalent experience).

Experience

• 5+ years of experience in vulnerability management, security operations, or related fields.
• 2+ years of experience in a leadership or management role

Technical Skills

• Expertise in vulnerability scanning tools (e.g., Qualys, Nessus, Rapid7).
• Knowledge of CVSS (Common Vulnerability Scoring System) and threat modeling.
• Strong understanding of operating systems, cloud platforms, networks, and application security.
• Familiarity with compliance frameworks (e.g., ISO 27001, NIST, PCI-DSS).
• Soft Skills:
• Strong analytical and problem-solving skills.
• Excellent verbal and written communication skills, with the ability to present technical information to non-technical audiences.
• Proven ability to manage multiple priorities and work under tight deadlines.

Preferred Qualifications

• Certifications such as CISSP, CISM, CEH, or GIAC.
• Experience with threat intelligence platforms and integration.
• Familiarity with automation tools and scripting languages (e.g., Python, PowerShell).

Who We Are
TD is one of the world's leading global financial institutions and is the fifth largest bank in North America by branches/stores. Every day, we deliver legendary customer experiences to over 27 million households and businesses in Canada, the United States and around the world. More than 95,000 TD colleagues bring their skills, talent, and creativity to the Bank, those we serve, and the economies we support. We are guided by our vision to Be the Better Bank and our purpose to enrich the lives of our customers, communities and colleagues.

TD is deeply committed to being a leader in customer experience, that is why we believe that all colleagues, no matter where they work, are customer facing. As we build our business and deliver on our strategy, we are innovating to enhance the customer experience and build capabilities to shape the future of banking. Whether you've got years of banking experience or are just starting your career in financial services, we can help you realize your potential. Through regular leadership and development conversations to mentorship and training programs, we're here to support you towards your goals. As an organization, we keep growing – and so will you.

Our Total Rewards Package
Our Total Rewards package reflects the investments we make in our colleagues to help them and their families achieve their financial, physical, and mental well-being goals. Total Rewards at TD includes a base salary, variable compensation, and several other key plans such as health and well-being benefits, savings and retirement programs, paid time off, banking benefits and discounts, career development, and reward and recognition programs. Learn more

Additional Information
We're delighted that you're considering building a career with TD. Through regular development conversations, training programs, and a competitive benefits plan, we're committed to providing the support our colleagues need to thrive both at work and at home.

Please be advised that this job opportunity is subject to provincial regulation for employment purposes. It is imperative to acknowledge that each province or territory within the jurisdiction of Canada may have its own set of regulations, requirements.

Colleague Development
If you're interested in a specific career path or are looking to build certain skills, we want to help you succeed. You'll have regular career, development, and performance conversations with your manager, as well as access to an online learning platform and a variety of mentoring programs to help you unlock future opportunities. Whether you have a passion for helping customers and want to expand your experience, or you want to coach and inspire your colleagues, there are many different career paths within our organization at TD – and we're committed to helping you identify opportunities that support your goals.

Training & Onboarding
We will provide training and onboarding sessions to ensure that you've got everything you need to succeed in your new role.

Interview Process
We'll reach out to candidates of interest to schedule an interview. We do our best to communicate outcomes to all applicants by email or phone call.

Accommodation
Your accessibility is important to us. Please let us know if you'd like accommodations (including accessible meeting rooms, captioning for virtual interviews, etc.) to help us remove barriers so that you can participate throughout the interview process.

We look forward to hearing from you

Language Requirement (Quebec Only)
Sans Objet