IT Senior Analyst, Vulnerability Management & Incident Response

At Saputo, our best comes from our people. We’re a talented and caring team with a longstanding history of excellence. Since our first days delivering cheese on a bicycle, we’ve grown into a leading global dairy processor by staying true to the culture that defines us.

Each of our employees is committed to uphold our tradition of care, quality, and passion through food, and together, we foster an environment where we can all make contributions that matter from our manufacturing plants to our office locations and everywhere in-between.

Overview of The Role

Saputo is looking for a cybersecurity Senior Analyst, reporting to the IT Security and Compliance Manager. The position is a key role involved in many areas : Vulnerability Management, Cybersecurity Incident Response and Simulation.

The Senior Analyst will also need to work collaboratively with an outsourced partner to coordinate task completion. They will be responsible for documenting executive content and presenting it to upper management.

The ideal candidate should be able to work autonomously and under pressure, demonstrating a strong sense of priorities in managing tasks effectively.

This role is important within the organization, requiring a blend of technical expertise, communication skills, and project management abilities.

It’s a great opportunity for someone looking to make a significant impact in the cybersecurity field.

How you will make contributions that matter :

Vulnerability Management Program

Develop and manage a comprehensive Vulnerability Management Program to identify, prioritize, and remediate security vulnerabilities across the organization's systems and networks.

Conduct vulnerability assessments and penetration tests to proactively identify and address security weaknesses.

Conduct internal meeting to review report, prioritize and remediate critical vulnerabilities in a timely manner.

Proven knowledge in cloud technologies (Azure) to track and prioritize vulnerabilities for remediation.

Incident Response

Perform incident investigation following incident response lifecycle.

Coordinate effectively with IT teams, stakeholders, and external partners during and post-incident.

Ensuring clear communication and a unified response strategy.

Produce cybersecurity incident report, and recommendation to minimize the impact on operations.

Draft cybersecurity incident communication to upper management.

Review and develop the Incident Response Plan & Playbooks on yearly basis.

Assist and con in contribute to yearly mock breach exercises.

Stay up-to-date on the latest cybersecurity threats, trends, and best practices to continuously improve the organization's security posture.

You are best suited for the role if you have the following qualifications :

Undergraduate degree in Information Management, Computer Science, Computer Engineering, or related field.

Overall 5+ years of information security consulting, security operations or advisory.

Strong knowledge in application security followed by OWASP

Very strong written and communication skills to non-technical stakeholders.

Ability to work with teams to achieve goals and meet deadlines in a fast-paced environment.

Experience in project management.

Technical and Soft skills

CISSP, CISA certification a strong asset.

Proven knowledge in cloud technologies (MS Azure) a strong asset.

Broad understanding of Cybersecurity framework (NIST Cybersecurity Framework CSF, ISO27001).

Experience in working on Dark Web monitoring tool is an asset

Knowledge of information security and risk mitigation principles, theories, and techniques.

Experience with vulnerability management tools and practices, incident response skills, and excellent communication and teamwork skills.

Excellent French and English written and verbal communication skills.

As part of his duties, the incumbent will have to communicate and collaborate in English, both orally and in writing with colleagues or other stakeholders in Quebec as well as in the rest of Canada or in North America.

We support and care for our employees and their families by providing :

Competitive salaries

A hybrid work environment with the possibility to work from home 2 days a week

Advantageous corporate agreements

Full range of group insurance benefits

Group retirement pension plan with employer contribution

Purchase option of company stocks

Group RRSP

Health and wellness program in the workplace

Assistance program for employees and their families

Saputo products at a discounted price

We support employment equity. Saputo strives to embed diversity and inclusion in its operations and invites candidates from all horizons to join its family.

Our story began in Canada in 1954, when the Saputo family's hard work and dedication created a thriving dairy business. More than 65 years later, our roots in this country remain strong with our Corporate Headquarters in Montréal.

Today, we are a leading cheese manufacturer and fluid milk and cream processor in Canada with well-loved brands, such as Saputo, Alexis de Portneuf, Armstrong, Baxter, Dairyland, Joyya, Milk2Go, Milk2Go Sport, Neilson, Nutrilait, Scotsburn* and Woolwich Goat Dairy.

Thanks to our national footprint, we're proud to bring our best to our customers and consumers, and have plenty of opportunities for our employees to grow in their own way.

And we do it while also striving to build a healthier future for our people and the communities where we operate, guided by our values and the Saputo Promise.