Cybersecurity Analyst

Working within CanSSOC – a federated team of cybersecurity analysts across Canada – the Cybersecurity Analyst will be accountable for monitoring and delivering timely, relevant threat intelligence, investigating events and incidents, and providing technical guidance and support to partners within the Research and Education community.

This is a full-time, permanent position that reports to CANARIE’s Director, Cybersecurity Operations.

Key Responsibilities

  • Collaborate with partners to monitor and analyze security events and incidents, providing incident response and risk management support, proposing mitigations, and supporting user awareness
  • Identify and prioritize vulnerabilities and collaborate with stakeholders to ensure they are understood and triaged effectively
  • Review threat intelligence to provide effective threat reporting to partner organizations
  • Review events and alerts from various security platforms and provide analysis, trends, and insights
  • Develop training material, procedures, and general documentation related to daily tasks and tools
  • Onboard new academic institutions as members to relevant platforms and initiatives, conducting health-checks of systems, and proactively alerting customers to operational issues
  • Provide recommendations for future projects, security tools, and process improvements
  • Travel may occasionally be required
  • Other related duties and responsibilities, as required

The Ideal Candidate

To excel at CANARIE, you have a demonstrated capacity to work collaboratively on teams and are also an energetic self-starter with the self-motivation to work independently. You have excellent oral and written communication skills, and can count time management, problem solving, and managing multiple priorities as your strengths. You also share a dedication to CANARIE’s core values: service, teamwork, inclusion, innovation, quality, and integrity.

What You Bring

Education and Experience

  • College diploma or university degree or a suitable combination of education, experience, or other relevant training
  • Minimum 5 years of progressive IT security experience, with exposure to Security Operations Center (SOC) environment
  • Experience documenting cybersecurity processes, procedures, and playbooks
  • Experience in identifying and containing security incidents
  • Experience automating investigations and processes using basic scripting and tooling
  • (ISC)2, CompTIA, GIAC, or other relevant cybersecurity certifications are desirable


  • Knowledge and experience with information system architecture and security controls (i.e., firewalls, operating systems configurations, databases, information security policies, and procedures)
  • Knowledge of application security best practices, tools, and methodologies
  • Demonstrated understanding of patch and vulnerability management
  • Demonstrated ability to gain trust and credibility from internal and external stakeholders
  • Understanding of cybersecurity risks to the academic sector is desirable

Technical Proficiencies

  • Demonstrated understanding of attack activities such as network probing/scanning, brute forcing, DDoS, APTs TTPs, malware analysis, etc.
  • Strong working knowledge of the Microsoft Office suite
  • Working knowledge of the following:
    • MITRE ATT&CK Framework
    • NIST Cybersecurity Framework
    • Security of cloud and on-prem environments
    • Security platforms such as Firewalls, SIEMs, EDRs, IDS, SOAR, Threat Intel Platforms (TIP)
    • Case management and information management tools such as Atlassian (Confluence/Jira), ServiceNow, etc.

Come Work with Us

We are committed to employment equity and encourage anyone who can contribute to the diversification of ideas and perspectives to apply. For applicants with disabilities, accommodation is available upon request throughout the recruitment and assessment process.

If this seems to be the right fit for you, please send a note and your resume to, and include the position title in your subject line.

We thank all applicants; however, only those selected for an interview will be contacted.