Security Analyst

Role Summary

We are seeking a detail-oriented and proactive IT Security/SOC Analyst to support our Governance, Risk, and Compliance (GRC) and incident response functions. This role is responsible for maintaining accurate security documentation, monitoring and analyzing security events through SIEM tools, and investigating potential threats to determine appropriate remediation and escalation actions. The Analyst will leverage network and security expertise to identify, contain, and eradicate malicious activity while providing timely updates and reporting throughout the incident lifecycle. You will play a key role in vulnerability management across infrastructure and web applications, deliver security awareness programs, and contribute to the continuous improvement of SOC processes and procedures. This position also requires staying current with emerging threats, maintaining detailed records within ticketing systems, and supporting informed decision-making during security incidents.

Salary Range: 60K to 75K

Eligible for Discretionary Bonus: YES

Job Type: Full-Time

Vacancy: Position Available Now

Location: Onsite

Key Responsibilities

• Maintain accuracy of security documents related to Governance Risk and Compliance (GRC)
• Maintain up-to-date knowledge of the IT security industry including awareness of new or revised security solutions, improved security processes and the development of new attacks and threat vectors.
• Investigate and perform in-depth analysis of exploits and recommend remediation.
• Provide network expertise to support timely and effective decision making of when to declare an incident
• Review security events that are populated in a Security Information and Event Management (SIEM) system and remediate accordingly.
• Analyze a variety of network and host-based security appliance logs (Firewalls, NIDS, HIDS, Sys Logs, etc.) to determine the correct remediation actions and escalation paths for each incident
• Independently follow procedures to contain analyze and eradicate malicious activity
• Document all activities during an incident and provide leadership with status updates during the life cycle of the incident
• Provide information regarding intrusion events, security incidents, and other threat indications and warning information to the client
• Assist with the development of processes and procedures to improve incident response times, analysis of incident, and overall SOC functions
• Daily shift change reports, security status reports and incident reports
• Perform Infrastructure vulnerability management program from configuration to reporting
• Perform WebApp vulnerability management program from configuration to reporting
• Perform Security Awareness Training program from configuration to reporting
• Working with Ticketing system to track events and incidents

Requirements

• 1-3 Years of exposure and understanding of SOC2, PCI DSS, NIST, ISO 27K, CIS security frameworks
• 1-3 Years of prior experience in some form of GRC or Operational capacity would be preferred
• 1-3 Years of working technical knowledge of Framework controls and testing
• 1-3 Years of experience with common IP, TCP/IP, and other network administration protocols.
• 1-3 Years of experience with syslog monitoring, and windows server, Linux.
• 1-3 Years of experience with common IDS/IPS platforms (Snort, Cisco, Fortigate, PaloAlto)
• 1-3 Years of exposure and understanding of Incident handling/response experience
• College diploma or university degree in the field of computer science and/or 1-2 years equivalent work experience in SOC would be preferred.

Certifications

• CompTIA Security+
• CGRC (ISC)2 , CRISC or equivalent
• GIAC Information Security Fundamentals
• Microsoft Certified Systems Administrator: Security
• Associate of (ISC)2

Benefits

• Comprehensive Health & Wellness: Extended health and dental coverage, plus a flexible health spending account (HSA), help you take care of yourself on your terms.
• Financial Wellbeing: Plan for your future with our group RRSP matching program.
• Learning & Growth: Access continuing education opportunities, professional development programs, and tuition support to grow your skills and advance your career.
• Work-from-home options: Flexibility of being able to work from home, especially during times when commuting or in-person interactions may not be ideal.
• Recognition & Rewards: Our gamified, people driven program lets employees and leaders give kudos, earn recognition, and be rewarded for collaboration and impact.
• Collaborative Culture: Join a supportive, inclusive team where ideas flow freely, feedback is welcomed, and teamwork drives success.
• Challenging & Innovative Projects: Work on high-impact projects that inspire creativity, experimentation, and forward-thinking solutions.
• Convenience & Comfort: On-site parking, casual dress code, free snacks & drinks, and company lunches twice a month to keep your day smooth.
• Team Connection: Participate in company events, outings, and team-building activities that celebrate successes and build lasting connections.

At SIMNET, we believe diverse and inclusive teams drive better outcomes. We are an equal opportunity employer and are committed to providing reasonable accommodations to applicants throughout the interview process.

#J-18808-Ljbffr