Senior Analyst - Cyber Threat Modeling and Risk

About The Position

Requirements

• A college diploma or university degree in Computer Science, Information Technology, Cyber Security, or a related discipline is required.
• 2–3 years of experience in information security, IT risk, or technology roles is preferred.
• Foundational understanding of threat modeling concepts or methodologies; practical experience is an asset.
• Basic understanding of application security principles and common vulnerabilities (e.g., OWASP Top 10).
• Ability to support IT security risk assessments and document findings clearly.
• Familiarity with security diagrams and documentation such as data flow diagrams and architecture diagrams.
• Strong communication, documentation, and collaboration skills.

Nice To Haves

• Exposure to cloud and hybrid environments is an asset.
• Understanding of APIs, CI/CD pipelines, or secure software development practices is an asset.
• Interest in pursuing security certifications (e.g., Security+, CCSP, CISSP in future) is an asset.

Responsibilities

• Provide security advisory support to technology and business teams under supervision.
• Help conduct threat modeling and security assessments for applications and infrastructure.
• Review solution designs with senior analysts and SMEs to identify threats, attack paths, and risks.
• Document outputs like data flow and architecture diagrams, along with basic threat scenarios.
• Assist in tracking and addressing design flaws and security findings from threat modeling.
• Support onboarding of security services (e.g., MFA, logging, vulnerability scanning) guided by senior team members.
• Keep accurate records in risk tracking repositories.
• Aid continuous improvement of threat modeling processes, templates, and documentation.
• Build foundational knowledge of the organization’s enterprise security frameworks, policies, and standards.
• Review solution designs for risk and threat assessment.
• Record risks, threat scenarios, and control gaps in tracking tools.
• Track remediation actions and assist risk discussions with stakeholders.
• Build knowledge of cyber security controls and their technology applications.

Benefits

• Competitive discretionary bonus
• Market leading RRSP match program
• Medical, dental, vision, life, and disability benefits
• Employee Share Purchase Plan
• Maternity/Parental top-up while you care for your little one
• Generous vacation policy and personal days
• Virtual events to connect with your fellow colleagues
• Professional development and comprehensive Career Development program