Senior Information Security Analyst

IKO North America•Mississauga, ON

1d•Onsite

About The Position

IKO Industries Ltd. is a market leader in the manufacturing of roofing and building materials. IKO is a Canadian owned and operated business with production facilities worldwide and has many years of unparalleled success in the roofing materials industry. Quality, integrity, and trustworthiness are the values that underlie this success, and we have built this company by hiring people who hold these values. People like you! We are seeking a Senior Information Security Analyst with deep, hands‑on experience across security operations, incident response, and data protection in enterprise, cloud, and SaaS environments. This role is responsible for defending the organization against advanced cyber threats while leading efforts to protect sensitive business, employee, and executive data across on‑premise systems, cloud platforms, and collaboration tools such as Microsoft 365. The Senior Analyst operates as a technical authority and trusted advisor, helping shape security detection, response, and data protection practices across the enterprise. This role goes beyond monitoring tools—it focuses on investigations, risk reduction, and building durable security controls that scale across modern hybrid IT and SaaS environments. This position is fully onsite at our Mississauga, ON office.

Requirements

8+ years of progressive experience in Information Security, Security Operations, or Incident Response
Demonstrated experience leading complex security investigations end‑to‑end, including cloud and SaaS‑based incidents
Hands‑on expertise with SIEM / logging platforms (e.g., Splunk, QRadar, ArcSight, Elastic)
Strong background investigating endpoint, network, cloud, SaaS, and email‑based threats
Proven experience working directly with IT infrastructure, cloud platforms, Microsoft 365, and enterprise applications
Practical experience with Data Classification, Data Governance, and/or DLP
Strong understanding of how sensitive data moves across email, collaboration tools, cloud services, and enterprise systems
Experience investigating data misuse, data exfiltration, or insider‑related incidents
Endpoint Detection & Response (EDR) platforms
Network security and traffic analysis
Identity and access security (including cloud identity platforms)
Vulnerability management and risk‑based remediation
Cloud security controls and SaaS environments (including Office 365 / Microsoft 365)
Excellent investigative and analytical skills
Ability to explain cyber and data risk in plain business language
Calm and decisive during incidents
Strong written documentation skills (incident reports, risk assessments, recommendations)
Comfortable influencing without authority
Pragmatic, risk‑based mindset—knows when “perfect” is the enemy of “secure”
Bachelor’s degree in Information Technology, Computer Science, or related field preferred
Ability to travel across North America and Europe as required

Nice To Haves

CISSP, CISM, CRISC, or similar
Relevant cloud or security platform certifications

Responsibilities

Lead investigation and response to security incidents across network, endpoint, cloud infrastructure, SaaS platforms (including Office 365), email, and identity systems
Proactively hunt for threats, suspicious behavior, and signs of data compromise across on‑prem, cloud, and SaaS environments
Analyze logs, alerts, and telemetry from SIEM, EDR, identity, email, and cloud platforms to identify unauthorized access, privilege abuse, lateral movement, and account compromise
Act as an escalation point for complex or high‑impact security incidents, including cloud security breaches and SaaS account takeovers
Produce clear, defensible incident reports with evidence, root cause analysis, and corrective actions
Play a lead role in Data Governance and Data Classification initiatives covering on‑premise systems, cloud platforms, and SaaS applications
Design, tune, and support Data Loss Prevention (DLP) controls across: Email and collaboration platforms (e.g., Office 365), Endpoints, Cloud storage and SaaS collaboration tools
Investigate data‑related security events, including: Unauthorized access to sensitive or regulated data in cloud and SaaS platforms, Large or unusual data transfers from cloud storage or collaboration systems, Data shared externally or to personal accounts from corporate email or SaaS environments
Partner with business owners to apply risk‑based data protection controls without unnecessary friction
Embed security and data protection requirements into IT and business‑led projects involving cloud, SaaS, and hybrid environments
Identify risks introduced by new systems, integrations, SaaS vendors, cloud services, or workflows
Recommend pragmatic remediation options, compensating controls, and secure design improvements
Provide hands‑on security architecture guidance for cloud services, SaaS platforms, and identity‑centric solutions when needed
Contribute to security standards, policies, procedures, and technical guidelines related to cloud security, SaaS usage, identity, and data protection
Perform and review technical risk and threat assessments for critical systems, including cloud‑hosted and SaaS‑based services
Support internal and external audits (e.g., PCI, ISO 27001, regulatory reviews)
Define and track remediation plans through to closure
Improve detection logic, alert quality, and investigation workflows across SIEM, EDR, email security, cloud security, and SaaS telemetry
Evaluate new security tools and capabilities with a practical, outcomes‑focused mindset
Reduce noise, false positives, and manual effort where possible
Stay current on emerging threats targeting cloud platforms, SaaS environments, identity systems, and collaboration tools
Act as a technical mentor to junior and intermediate analysts
Lead by example during incidents, investigations, and projects
Raise the overall maturity of the security operations function across enterprise, cloud, and SaaS environments