Cyber Security Analyst

Role: Cybersecurity Operations Analyst Permanent Location: Vancouver, hybrid On behalf of one of our clients, we are seeking a Cybersecurity Operations Analyst. Using leading edge cybersecurity systems, the client’s Cybersecurity team is accountable for the protection of the company’s IT assets; the detection, response, and management of cybersecurity incidents; and the operation and support of a diverse range of cybersecurity systems across an agile and complex IT environment. Accountabilities: As part of the Cybersecurity Operations team, you will play a key role in the delivery of enterprise operational security services, including the collection of cyber-threat intelligence, security vulnerability management, scanning, logging, monitoring, event collection and correlation, and collecting and reporting on operational metrics. Areas of responsibility are noted below: Lead/assist in optimizing and improving Security Operations processes. Support the orgs cybersecurity toolset which includes, but not limited to, the following technologies: firewalls, Endpoint detection and response, SIEM, PAM, Vulnerability scanners, EPM, MFA, Network Detection and Response, email security, Security Training platforms. Validate and review configuration changes made to the cybersecurity toolset. Anticipate security breaches and remain up to date on intelligence, including hackers’ methodologies; maintains high degree of knowledge by tracking trends and best practices. Perform or assist with vulnerability assessments and recommend remedial actions. Develop and deploy security monitoring use cases. Triage and analyze security events and incidents to determine the root cause and apply the appropriate mitigation measure. Perform incident analysis by correlating data from various sources and determining if a critical system or data set has been impacted. Monitor external events and security logs to identify new threats, vulnerabilities, and incidents. Propose and collect KPIs and create meaningful daily, weekly, and monthly operational reports. Mentor and provide guidance to other cybersecurity operational analysts in the team. Collaborate with diverse groups of internal and external IT teams and key stakeholders by interacting effectively and persuasively to investigate and resolve enterprise-wide security violations. Lead or participate in cybersecurity investigations and audit reviews. Assist with developing, documenting, and maintaining org’s standards, and guidelines as required. Assist with establishing and maintaining security incident response plans and procedures. Assist in the transition of new cybersecurity systems and devices from project to operations. Validate baseline security configurations for operating systems, applications, and networking and telecommunications equipment. Requirements: Minimum 5 years of hands-on experience in a Cybersecurity operations role in an environment the size and complexity of the client. Have hands-on experience on systems/technologies such as firewalls, Endpoint detection and response, SIEM, PAM, Vulnerability scanners, EPM, MFA, Network Detection and Response, email security, Security Training platforms…(the more the better). Completed degree in a technical discipline such as Engineering or Computer Science. Obsession with quick learning and attention to details. Ability to work independently and with minimal supervision. Excellent interpersonal, written, verbal, communication, and presentation skills. Strong analytical and problem-solving skills. Strong collaborator who likes sharing their expertise. Understanding of enterprise-level networks, networking protocols, devices, and architecture with understanding of TCP/IP, OSI model, IDS, IPS, VPN and SSL Decryption. Technical knowledge of Microsoft security and identity technologies, such as Active Directory, Azure Active Directory, O365 Defender, Azure Defender, Azure AD Conditional Access. Proficient with scripting languages (e.g. PowerShell, Windows Command Line). Advanced knowledge in email security, phishing techniques, and secure email gateways Familiarity with various malware categories, their characteristics, and network-based indicators of compromise. Industry certifications such as CISSP, CEH, CRISC, CISA, CISM, Security , CCNA, CCNP, ITIL. Available to work regular office hours Monday to Friday (9am – 5 pm). Come remote work is possible but there is a requirement to work in the office as needed (20-40%) This role does not require the candidate to be on-call after hours or weekends. Legally able work in Canada.

Location: Greater Vancouver, CA

Posted Date: 6/15/2025