Cybersecurity Analyst

The Cybersecurity Analyst, working within CanSSOC, will be accountable for monitoring and delivering timely, relevant threat intelligence, investigating events and incidents, and providing technical guidance and support to partners within the community.

This is a full-time, permanent position that reports to CANARIE’s Director, Cybersecurity Services Innovation.  The Cybersecurity Analyst will work with a federated team of analysts across Canada.

Key Responsibilities

  • Collaborating with partners to monitor and analyze security events and incidents, providing incident response support, risk management, proposing mitigations, and supporting user awareness.
  • Identifying and prioritizing vulnerabilities and collaborating with stakeholders to ensure they are understood and triaged effectively.
  • Reviewing threat intelligence to provide effective threat reporting to partner organizations.
  • Reviewing events and alerts from various security platforms and providing analysis, trending, and insights.
  • Developing training material and process documentation on relevant security platforms.
  • Onboarding new academic institutions as members to relevant platforms and initiatives, conducting health-checks, and proactively alerting customers to impending operational issues.
  • Providing recommendations for future projects, security tools, applications, along with associated benefits of the solution.
  • Travel may occasionally be required.
  • Other related duties and responsibilities, as required.

The Ideal Candidate

To excel at CANARIE, you have a demonstrated capacity to work collaboratively on teams and are also an energetic self-starter with the self-motivation to work independently. You have excellent oral and written communication skills, and can count time management, problem solving, and managing multiple priorities as your strengths. You also share a dedication to CANARIE’s core values: service, teamwork, inclusion, innovation, quality, and integrity.

Relevant experience in publicly funded not-for-profit organizations is desirable. Bilingualism is preferred.

What You Bring

Education and Experience

  • College diploma or university degree or a suitable combination of education, experience, or other relevant training.
  • Minimum of 5 years of relevant, related experience.
  • Experience documenting cybersecurity processes, procedures, and playbooks.
  • (ISC)2, CompTIA, GIAC, or other relevant cybersecurity certifications are desirable.


  • Ability to identify, analyze, document, and report relevant threats and incidents.
  • Experience in identifying and containing security incidents.
  • Experience automating investigations and processes using basic scripting and tooling.
  • Demonstrated understanding of cybersecurity risks.
  • Demonstrated understanding of patch and vulnerability management.
  • Demonstrated ability to gain trust and credibility from internal and external stakeholders.
  • Understanding of cybersecurity risks to the academic sector is desirable.

Technical Proficiencies

  • Demonstrated understanding of attack activities such as network probing/scanning, DDoS, APT TTPs, malware analysis, etc.
  • Working knowledge of the following:
    • MITRE ATT&CK Framework
    • NIST Cybersecurity Framework
    • Security of cloud and on-prem environments
    • Security platforms such as Firewalls, SIEMs, EDRs, IDS, SOAR
    • Case management and information management tools such as ServiceNow, Atlassian (Confluence/Jira), etc.
  • Working knowledge of the Microsoft Office Suite.

Come Work with Us

We are committed to employment equity and encourage anyone who can contribute to the diversification of ideas and perspectives to apply. For applicants with disabilities, accommodation is available upon request throughout the recruitment and assessment process.

If this position seems to be the right fit for you, please send a note and your resume to, and include the position title in your subject.

We thank all applicants, however only those applicants selected for an interview will be contacted.