Information Security Analyst

About The Position

Requirements

• Bachelor’s degree in Computer Science, Information Security, or a related field
• 3+ years of experience in Security Operations, SOC, or Incident Response roles
• Hands-on experience with SIEM, EDR/XDR, and cloud security platforms (e.g., Microsoft Defender, Sentinel)
• Experience working with MSSPs or external SOC providers
• Familiarity with threat detection, incident response processes, and MITRE ATT&CK framework
• Experience coordinating vulnerability management and remediation activities
• Familiar with commonly used Information Security frameworks such as CIS and NIST
• Knowledge of identity and access management concepts, including privileged access controls
• Strong analytical and problem-solving skills with the ability to investigate and respond to security events
• Experience with KQL, PowerShell, or Python for detection and automation
• Experience with SOAR platforms or automation playbooks
• Familiarity with cloud security controls (Azure preferred)
• Familiarity with regulatory expectations (e.g. PIPEDA, OSFI related guidelines)

Nice To Haves

• Relevant industry certifications are considered an asset, including: CompTIA Security+ or CySA+, GIAC (e.g., GCIH, GCIA), Microsoft Certified: Azure Security Engineer Associate (or equivalent M365 security certifications), Certified Cloud Security Professional (CCSP) or similar cloud-focused certification

Responsibilities

• Monitor, triage, and coordinate the response to security alerts and incidents in collaboration with our MSSP; perform incident analysis, support containment and remediation, maintain incident documentation, and contribute to post-incident reviews and root cause analysis
• Develop, tune, and maintain detection use cases across security platforms aligned to MITRE ATT&CK; continuously improve detection coverage through threat intelligence, incident learnings, and proactive threat hunting
• Coordinate vulnerability identification, prioritization, and remediation with IT teams. Track remediation progress, report on risk exposure, and support patch validation
• Design and execute security awareness and training programs, manage phishing simulations and analyze results for reporting and improvement actions
• Support security assessments for new and existing vendors
• Support security reviews for new and existing systems, ensuring adherence to security requirements, secure design principles, and regulatory expectations
• Leverage SIEM, EDR/XDR, and SOAR capabilities to automate detection, response, and reporting activities, including development of hunting queries and custom detection logic
• Support monitoring and control activities related to identity and access management, including user access reviews and privileged access monitoring
• Contribute to data protection initiatives, including alignment with data classification and DLP controls
• Produce and maintain operational security metrics (e.g., MTTD, MTTR, vulnerability remediation timelines) and provide regular reporting to leadership
• Create configuration baseline and policies using industry best practices such as the Center for Information Security (CIS) benchmarks and configuration checklists
• Oversee the enforcement of security policies and procedures by administering and monitoring security profiles, reviewing security violation reports and investigating possible security exceptions; update and maintain documented security controls
• Stay up-to-day on information security trends and industry best practice approaches

Benefits

• Haventree Bank is committed to providing accommodation when needed. If you require an accommodation, we will work with you to meet your needs.