68 Vulnerability Management jobs in Canada

Job Description

Why FirstOntario?

FirstOntario Credit Union is one of the largest credit unions in Ontario. We are a trusted co-operative financial intuition dedicated to providing competitive banking products and services and a quality Member service. More than 118,000 Ontarians choose FirstOntario for their financial needs - from chequing and savings accounts to loans and mortgages and highly qualified investment advice. Our Membership does more than save you money on fees, it also makes you an Owner. At FirstOntario, we believe the best way to ensure our success is by supporting the communities we serve. That's why our policies include volunteering our time, talent and resources to worthy local causes and events. It's also why we reinvest our profits in the same places they're earned, and why we sponsor programs that promote financial literacy and economic development.

Job Overview
The IT Security Analyst performs two core functions for the enterprise. The first is the day-to-day operations of the in-place security solutions while the second is the identification, investigation and resolution of security events detected by those systems. Secondary tasks may include involvement in the implementation of new security solutions, participation in the creation and or maintenance of policies, standards, baselines, guidelines and procedures as well as conducting vulnerability audits and assessments. The IT Security Analyst is expected to monitor computer networks and systems for security issues, and document any security issues or breaches, in line with the enterprise's security goals as established by FirstOntario's policies, procedures and guidelines and to actively work towards upholding those goals.

Role

• Participate in the planning and design of enterprise security architecture, under the direction of the Manager of IT Security.
• Create enterprise security documents (reports, baselines, guidelines and procedures) as required.
• Participate in the execution of an enterprise Business Continuity Plan and Disaster Recovery Plan.
• Maintain up-to-date detailed knowledge of the IT security industry including awareness of new or revised security solutions, new or revised security best practices and standards, and the latest attacks and threat vectors.
• Recommend additional security solutions or enhancements to existing security solutions to improve overall enterprise security.
• Deploy, integrate and configure all new security solutions and any enhancements to existing security solutions in accordance with standard best practices generally and the enterprise's security documents specifically.
• Maintain up-to-date security baselines for the secure configuration and operations of assets, whether they are under direct control (i.e., security tools) or not (i.e., workstations, servers, network devices, etc.).
• Monitor all assets for compliance with security baselines, security documents, and enterprise policies.
• Maintain operational configurations of all security solutions as per the established baselines.
• Monitor all security solutions for efficient and appropriate operations.
• Review logs and reports of all assets, whether they be under direct control (i.e., security tools) or not (i.e., workstations, servers, network devices, etc.).
• Interpret the implications of that activity and devise plans for appropriate resolution.
• Investigate problematic activity and report the findings to the Manager of IT Security.
• Participate in the design and execution of penetration tests and security audits.
• Design, and execute vulnerability assessments and discuss resolution planning with appropriate stakeholders
• Provide on-call support for end users for all security solutions (ex. Blocked email).
• Monitor for IT and Security policy violation(s) and recommend corrective action(s).
• Participate in IT GRC and data governance activities to ensure accurate and valuable KPI/KRI data for reporting
• Monitor, Maintain, and respond to alerts of Physical Security solutions such as Camera System and Physical Access Control
• Execute and continuously improve quarterly programs and audits such as Security Awareness Training, Access and Permission Audit, User Account audit, etc.
• Perform other duties are required.

Required Skills

• College diploma or university degree in the field of computer science and at least 4-6 years of experience in an IT related role.
• One or more of the following or equivalent Security certification:
  • CompTIA Security+
  • GIAC Information Security Professional (GISP)
  • Microsoft Certified: Security Operations Analyst Associate
  • CAP, CISA, CCFP
  • Associate of (ISC)2
• Experience with SEIM, Firewalls & data classification
• Experience with endpoint detection and response (EDR), CASB, IDPS and other security technologies.
• Demonstrated knowledge of security frameworks and standards such as MITRE, CIS, NIST, PCI, COBIT and ISO 27001.
• Experience with Varonis is an asset.
• Knowledge of VMware vSphere, vCenter and ESXI is an asset.
• Working technical knowledge of system vulnerability scanning and remediation.
• Strong understanding of OSI Model, IP, TCP/IP, and other network administration protocols.
• Strong understanding of Windows and Linux operating systems.
• Familiarity with core banking system related security.
• Proven analytical and problem-solving abilities.
• Ability to effectively prioritize and execute tasks in a high-pressure environment.
• Ability to conduct research into IT security issues and products as required.
• Ability to present ideas in a business-friendly and user-friendly language.
• Strong written and verbal communication skills
• Team-oriented and skilled in working within a collaborative environment.
• Lifting and transporting moderately heavy objects, such as computers and peripherals.
• Valid Driver's license and ability to travel to branch location as required.

Story

Our emphasis on service means we're constantly searching for new team members whose dedication to helping people is as powerful as their ambition to succeed. We're committed to providing professional development, and to extending employee activities beyond day-to-day operations to support the communities where we're located. Our people are the difference, it's a part of why we love coming to work.

FirstOntario is proud and privileged to be able to assist and touch the lives of so many in our communities.

• We believe giving back to our communities helps everyone.
• We believe in volunteering, active community support and participation.
• We believe in investing our profits back into the credit union and the community.
• We believe in finding solutions to help our Members and communities.

If this sparks your interest and you demonstrate high levels of integrity and credibility, we should talk. Check out our website for the full job description and prepare your cover letter and resume listing your experience, qualifications, and submit it online through our careers page on the company website.

We appreciate all who express interest; however, only those selected for an interview will be contacted. No phone calls please.

FirstOntario Credit Union will provide accommodations for persons with disabilities, where needed, to support their participation in our recruitment process.

Job Description

Key Responsibilities:

As a Network Security Analyst , your responsibilities could include, but are not limited to:

• Reviewing, analyzing, and applying internet security protocols such as SSL , S-HTTP , S-MIME , IPSec , SSH

• TCP/IP , UDP , DNS , SMTP , SNMP

• Approved GC Cryptographic Algorithms

• Directory Standards such as X.400 , X.500 , and SMTP

• Networking protocols (for example, HTTP , FTP , Telnet )

• Network hardening (e.g., shell scripting, service identification)

• Implementing technical IT security safeguards and utilizing IT security tools and techniques

• Working with operating systems such as MS , Unix , Linux , and Novell

• Managing intrusion detection systems and firewalls

• Handling network routers , multiplexers , and switches

• Wireless technology security

• Analyzing security data and providing advisories and reports

• Conducting impact analysis for new software implementations, major configuration changes, and patch management

• Developing proof-of-concept models and trials for IT security

• Designing/developing IT security protocols

• Identifying and analyzing technical threats to and vulnerabilities of networks

• Analyzing IT security tools and techniques

• Supporting authorization and authentication in both physical and logical environments

• Preparing tailored IT security alerts and advisories from open and closed sources

• Completing tasks related to supporting the departmental IT security and cyber protection program

• Developing and delivering training material relevant to the resource category

• Level 1: Less than 5 years of experience

• Level 2: 5 to less than 10 years of experience

• Level 3: 10 or more years of experience

Please include any certifications , industry knowledge , and technologies you have worked with in your application.

Follow us on LinkedIn to explore more opportunities!

Job Description

Salary:

VistaVu Solutions is an employee-owned tech company on a high growth curve. We deliver full lifecycle ERP implementations, transformation projects, and responsive support through our partnerships with SAP S/4Hana Cloud, SAP Business One, SAP Business ByDesign, Boomi, and Amazon Web Services to mid-market companies in a broad range of industries primarily within the United States and Canada. Our industry specific expertise, product extensions, and award-winning services help our customers
RUN GREAT!

Its our people that make VistaVu unique and different from other technology solution providers. We are intelligent, caring, driven and committed to the vision. We advocate for our customers and earn their trust by understanding their business, using proven processes to serve their needs, and delivering a high return on investment. Our core values shape our culture, define our character, and guide how to make decisions across every level of our organization.

Our Core Values

Results: You want to work in a company based on meritocracy where your results determine your trajectory (not time served).

Trust: When your manager gives you something you use your critical thinking and proactive mindset to find a way to get it done and done well.

User Experience: You appreciate what good customer experience looks like and are driven to consistently go above and beyond for the customer.

Embrace Change: You thrive within a dynamic and evolving organization.

Growth: You are consistently investing into and upgrading your skills and experiences.

Gratitude: You want to feel appreciated, and you look to say thank you loudly and often to others on the team.

The Opportunity

The IT Security Analyst will provide protection against cyber threats, ensure compliance with regulations, and manage information security risks. They are responsible for developing incident response strategies, promoting security awareness among employees, and maintaining the organizations security infrastructure. This role acts as an internal advisor for integrating security into business operations, contributing to business continuity and disaster recovery planning. Their expertise is essential for safeguarding sensitive data and maintaining trust with stakeholders.

How do you know you are a fit?

• Have a get-it-done attitude.
• Easily adapt to changing environment and priorities.
• Collaboratively work within a supportive team/environment.
• Leverage creative thinking first approach.
• Manage your time effectively.
• Staying current on latest technologies.
• Keen attention to detail and proactive mindset.

What will you be doing?

General

• Identify opportunities for process improvement and automation to enhance integration efficiency and reduce manual effort.
• Keep up to date with emerging security technology and best practices and making recommendations for their adoption where appropriate.
• Develop and maintain documentation, including technical specifications, deployment guides and operational procedures.
• Ensure the solutions are scalable, flexible, and maintainable, and can support changing business needs.
• Identifying, assessing, and prioritizing risk to ensure a proactive approach to potential threats.
• Collaborate across the organization to integrate security measures seamlessly into all relevant business processes.

Threat Assessment and Monitoring

• Continually monitor networks and systems for security breaches using tools like intrusion detection systems.
• Analyze security alerts and logs to identify and assess potential threats.
• Keep abreast of the latest cybersecurity threats and vulnerabilities.
• Leverage advanced tooling like AI and machine learning for TDR

Implementation of Security Measures

• Install, configure, and update security software (firewalls, antivirus, etc.) to protect information assets.
• Develop and implement security standards and policies to safeguard digital data.
• Conduct vulnerability assessments and penetration tests to identify security weaknesses.

Incident Response

• Lead the investigation and resolution of security breaches and cyber attacks.
• Contain and mitigate the impact of security incidents and recover compromised data.
• Document incidents and their resolutions and conduct post-incident analysis for continuous improvement.

Security Audits and Compliance

• Perform regular security audits to evaluate the effectiveness of existing security measures.
• Ensure compliance with relevant legal and regulatory requirements related to information security.
• Identify security gaps and recommend improvements to meet security standards and regulations.

Awareness and Training

• Conduct security awareness training and disseminate security best practices to employees.
• Develop and communicate security policies and procedures across the organization.
• Advise on security enhancements and preventive measures to staff and management.

What experience do you need?

• Required: 6+ Years of related experience
• Required: Minimum 2 years post-secondary education with a focus on systems and security. Undergraduate is preferred.
• Required: Microsoft certifications (Azure, Security, Intune, etc.)
• Required: Professional Security Certification (CISSP, CISM, etc.)
• Experience with Microsofts Cloud Platform (Identity Management, Security, SIEM)
• Experience developing and implementing security policies.
• Experience in managing incident responses.
• Experience with vulnerability assessments, penetration testing, and security auditing tools
• Experience in performing security audits of processes and systems
• Strong analytical skills essential for evaluating security threats and vulnerabilities, and for conducting detailed risk assessments.
• Proficient in security technologies and practices, with expertise in firewalls, intrusion detection systems, encryption, and anti-virus software, to safeguard information assets.
• In-depth knowledge of network and system security protocols, including TCP/IP, DNS, HTTP/HTTPS, and experience with operating systems like Windows, Linux, and UNIX.
• Experience in identifying and mitigating vulnerabilities through regular security audits, penetration testing, and vulnerability assessments.
• Excellent communication skills necessary for drafting security documentation, reporting on incidents, and advising stakeholders on security best practices and influencing the organizations behavior.
• Ability to manage and respond to security incidents effectively, including the capacity to lead incident response teams and coordinate recovery efforts.
• Strong organizational skills to prioritize tasks, manage security projects, and implement security measures within agreed timelines.
• A commitment to continuous learning and staying current with the latest cybersecurity trends, threats, and technologies.
• Demonstrated ability to work collaboratively with IT teams and other departments to promote a culture of security awareness and compliance throughout the organization.
• Flexibility and adaptability to respond to new threats and adopt emerging security solutions and practices.
• Willingness to work on a hybrid in office model

Whats in it for you?

• Influence the financial management, structure and direction of our rapidly growing mid-market business.
• Ownership through our Employee Share Option Program where you will have an integral role of influencing and contributing to the company success.
• Competitive remuneration
  • Flexible Health and wellness spending account.
  • Bonus program.
  • STD, LTD, Life and Critical Illness benefit program.
• Work with great people in an environment where we live our core values.
• Growth as we provide you challenges and opportunities to advance your career development and training.

At VistaVu Solutions, we are committed to an inclusive and equitable workforce that values, represents and supports the communities in which we work and live. We welcome people from all backgrounds, ethnicities, cultures, and experiences and are committed to maintaining a respectful work environment that also supports the diverse needs of our employees. We encourage applications from all individuals including those who are Indigenous, members of visible minority groups, of varied abilities, persons of any sexual orientation or gender identity and expression, as well as with any other dimension of diversity.

VistaVu will make reasonable accommodations for qualified applicants who would require accommodation in applying for this role or throughout our hiring process unless undue hardship would result. Any applicant who requires accommodation should contact VistaVu's hiring team The applicant should advise VistaVu what accommodations they need to participate in the process.

Inclusion without Exception

Tata Consultancy Services (TCS) is an equal opportunity employer, and embraces diversity in race, nationality, ethnicity, gender, age, physical ability, neurodiversity, and sexual orientation, to create a workforce that reflects the societies we operate in. Our continued commitment to Culture and Diversity is reflected in our people stories across our workforce and implemented through equitable workplace policies and processes.

About TCS

TCS is an IT services, consulting, and business solutions organization that has been partnering with many of the world’s largest businesses in their transformation journeys for over 55 years. Its consulting-led, cognitive-powered portfolio of business, technology, and engineering services and solutions is delivered through its unique Location Independent Agile™ delivery model, recognized as a benchmark of excellence in software development. A part of the Tata group, India's largest multinational business group, TCS operates in 55 countries and employs over 607,000 highly skilled individuals, including more than 10,000 in Canada. The company generated consolidated revenues of US $30 billion in the fiscal year ended March 31, 2025, and is listed on the BSE and the NSE in India. TCS' proactive stance on climate change and award-winning work with communities across the world have earned it a place in leading sustainability indices such as the MSCI Global Sustainability Index and the FTSE4Good Emerging Index.

Skills Required:

Holds an active cybersecurity certification, such as CISSP, OSCP, etc.

• Experience working in an enterprise IT environment, including primary focus in Cybersecurity (network security).

• Demonstrable expertise in network & cyber security, including hands -on experience with Proxy,

Firewalls, Wireshark, CDN technology, SIEM, NGIPS, etc.

• Practical knowledge of web proxy security policy administration, management and design. Having

experience with WSS or ProxySG would be a huge advantage

• Knowledge of gateway security threats with an understanding of preventative

technologies/controls.

• Awareness and use of security and privacy concepts (e.g. international and industry standards,

legal and regulatory constraints, etc).

• Good, practical knowledge of general information technology including topics such as operating

systems (Windows, UNIX, etc) and networking technologies.

• Experience with gateway security technologies; security and inf rastructure operations.

• Possesses strong knowledge of DDOS attacks and remediation measures, networking

fundamentals including IP addressing, OSI layers, routers, and switches, as well as network -

related threats, attacks, and the protocols used to prevent them

• Demonstrated ability to contribute and establish ef fective working relationships and collaborative

work approaches with both internal and external peers.

• Ability to ef fectively inf luence without authority

• Outstanding communication, analytical, problem solving, and project management skills

• Deep technical skills, knowledge of network protocols and network communication principles,

understanding of vulnerabilities and remediation techniques.

• Experience with craf ting incident response plans and playbook.

• Good interpersonal skills, ability to work on multiple projects simultaneously in a balanced and

controlled matter.

• Excellent communications skills including preparing brief ings, presentations, and oral status

reports

• Possess strong analytical skills and problem-solving capabilities

Tata Consultancy Services Canada Inc. is committed to meeting the accessibility needs of all individuals in accordance with the Accessibility for Ontarians with Disabilities Act (AODA) and the Ontario Human Rights Code (OHRC). Should you require accommodations during the recruitment and selection process, please inform Human Resources.

Thank you for your interest in TCS. Candidates that meet the qualifications for this position will be contacted within a 2-week period. We invite you to continue to apply for other opportunities that match your profile.

Inclusion without Exception

Tata Consultancy Services (TCS) is an equal opportunity employer, and embraces diversity in race, nationality, ethnicity, gender, age, physical ability, neurodiversity, and sexual orientation, to create a workforce that reflects the societies we operate in. Our continued commitment to Culture and Diversity is reflected in our people stories across our workforce and implemented through equitable workplace policies and processes.

About TCS

TCS is an IT services, consulting, and business solutions organization that has been partnering with many of the world’s largest businesses in their transformation journeys for over 55 years. Its consulting-led, cognitive-powered portfolio of business, technology, and engineering services and solutions is delivered through its unique Location Independent Agile™ delivery model, recognized as a benchmark of excellence in software development. A part of the Tata group, India's largest multinational business group, TCS operates in 55 countries and employs over 607,000 highly skilled individuals, including more than 10,000 in Canada. The company generated consolidated revenues of US $30 billion in the fiscal year ended March 31, 2025, and is listed on the BSE and the NSE in India. TCS' proactive stance on climate change and award-winning work with communities across the world have earned it a place in leading sustainability indices such as the MSCI Global Sustainability Index and the FTSE4Good Emerging Index.

Skills Required:

Holds an active cybersecurity certification, such as CISSP, OSCP, etc.

• Experience working in an enterprise IT environment, including primary focus in Cybersecurity (network security).

• Demonstrable expertise in network & cyber security, including hands -on experience with Proxy,

Firewalls, Wireshark, CDN technology, SIEM, NGIPS, etc.

• Practical knowledge of web proxy security policy administration, management and design. Having

experience with WSS or ProxySG would be a huge advantage

• Knowledge of gateway security threats with an understanding of preventative

technologies/controls.

• Awareness and use of security and privacy concepts (e.g. international and industry standards,

legal and regulatory constraints, etc).

• Good, practical knowledge of general information technology including topics such as operating

systems (Windows, UNIX, etc) and networking technologies.

• Experience with gateway security technologies; security and inf rastructure operations.

• Possesses strong knowledge of DDOS attacks and remediation measures, networking

fundamentals including IP addressing, OSI layers, routers, and switches, as well as network -

related threats, attacks, and the protocols used to prevent them

• Demonstrated ability to contribute and establish ef fective working relationships and collaborative

work approaches with both internal and external peers.

• Ability to ef fectively inf luence without authority

• Outstanding communication, analytical, problem solving, and project management skills

• Deep technical skills, knowledge of network protocols and network communication principles,

understanding of vulnerabilities and remediation techniques.

• Experience with craf ting incident response plans and playbook.

• Good interpersonal skills, ability to work on multiple projects simultaneously in a balanced and

controlled matter.

• Excellent communications skills including preparing brief ings, presentations, and oral status

reports

• Possess strong analytical skills and problem-solving capabilities

Tata Consultancy Services Canada Inc. is committed to meeting the accessibility needs of all individuals in accordance with the Accessibility for Ontarians with Disabilities Act (AODA) and the Ontario Human Rights Code (OHRC). Should you require accommodations during the recruitment and selection process, please inform Human Resources.

Thank you for your interest in TCS. Candidates that meet the qualifications for this position will be contacted within a 2-week period. We invite you to continue to apply for other opportunities that match your profile.