Title: Senior Information Security Analyst

Location: Toronto / hybrid-flexible environment (GTA-based, occasional office visits)

Type: Full-Time, Permanent

We're hiring a Senior Information Security Analyst to join a collaborative and high-performing Information Security team in Toronto. Reporting to the Manager of Information Security Operations, you'll own key platforms (PKI and Palo Alto) and work with the team on various security initiatives, strengthening the organization's cybersecurity posture.

This hands-on role focuses on security operations, incident response, vulnerability management, and cloud security. You'll work closely with Managed Security Services Providers (MSSPs) to design and implement security solutions and proactively manage monitoring, auditing, and risk mitigation efforts.

What You'll Be Working On:

• Serve as the SME for PKI (Keyfactor SaaS) and Palo Alto platforms.
• Support CA PKI modernization and PAM migration initiatives.
• Lead incident identification, investigation, and resolution activities.
• Respond to security alerts and manage incident support through an on-call rotation ( 1 week/month).
• Manage vulnerability assessments, penetration tests, and remediation efforts.
• Design and maintain enterprise security solutions across cloud (AWS, Azure, GCP) and on-prem environments.
• Help evaluate and implement new cybersecurity solutions.
• Collaborate on business continuity and disaster recovery planning.
• Develop and maintain security policies, baselines, and standards.

What We're Looking For:

• 5+ years in Information Security roles, ideally in mid-sized environments.
• Deep expertise with PKI management and Palo Alto security technologies.
• Strong experience in cloud security (AWS, Azure, GCP).
• Agile, collaborative, and proactive approach to working across technologies and projects.
• Strong knowledge of security technologies: SIEM, EDR, IDS/IPS, malware protection, IAM, patch management, URL filtering, and endpoint protection.
• Solid understanding of TCP/IP, IPSEC, SSL/TLS protocols.
• Relevant security certifications (CISSP or similar)

Bonus Points:

• CyberArk experience.
• Familiarity with Linux environments.