IT Security Analyst

Canucks Sports & Entertainment (CSE)•Vancouver, BC

About The Position

The IT Security Analyst supports the execution and ongoing improvement of the organization’s cybersecurity program across Canucks Sports & Entertainment and Aquilini Group properties. The role is responsible for coordinating security operations, maintaining key security controls, and supporting risk and detection capabilities across the environment. This is a hands-on role suited to someone with foundational experience in cybersecurity and IT who is looking to further develop their skills across security technologies, incident coordination, and risk management. The successful candidate will be expected to take ownership of assigned work, prioritize effectively, contribute to continuous security improvements, and help translate technical risks into practical business decisions.

Requirements

2–5 years of experience in cybersecurity, infrastructure, or a related IT role.
Working knowledge of Microsoft 365, Windows administration, and core security concepts.
Solid understanding of networking fundamentals (TCP/IP, DNS, VPNs, firewalls).
Strong analytical and problem-solving skills.
Ability to assess and communicate technical risks in a business context and communicate effectively with both technical and non-technical stakeholders.
Self-motivated and able to manage competing priorities.

Nice To Haves

Experience with Microsoft security tools (Defender, Entra, Conditional Access).
Experience with MDR, EDR, SIEM, vulnerability management, or incident response processes.
Experience with VMware, Hyper-V, Azure or hybrid environments.
Familiarity with frameworks such as NIST, ISO 27001, or SOC 2.
Relevant certifications (Security+, CySA+).

Responsibilities

Review, investigate, and coordinate response to security alerts and incidents raised by MDR, EDR, Microsoft Defender, and related tools.
Support vulnerability management by reviewing findings, assessing risk, and coordinating remediation.
Conduct and support risk assessments for systems, projects, and vendors, including maintaining the risk register and documenting security exceptions.
Participate in the secure design, deployment, and review of infrastructure projects ensuring security requirements are incorporated into new systems and services.
Assist with the implementation, maintenance, and continuous improvement of Microsoft security technologies (Defender, Entra ID, Conditional Access) and endpoint protection platforms.
Support identity and access management processes, including privileged access reviews.
Support security policies, standards, and documentation.
Support the implementation and ongoing improvement of the organization’s SIEM, including onboarding data sources, developing detection use cases, and refining alert quality.
Conduct log analysis and threat hunting activities across endpoint, network, cloud, and identity platforms to identify potential indicators of compromise.
Assist with security awareness initiatives and user training.
Work with infrastructure, application teams, and external partners to resolve issues and improve security controls.
Support network security operations, including firewall rule reviews, network segmentation initiatives, secure remote access and wireless security controls.
Support third-party security assessments, penetration tests, and remediation activities arising from audit findings.
Support business continuity and disaster recovery activities.
Maintain security documentation and provide on-call support as required.