Security Analyst

StarTech.com Ltd.

$95K — $110K *
Information Technology
5 - 7 years of experience
Job Overview by Ladders

Qualifications

  • Bachelor's degree in Computer Science, Cybersecurity, Information Systems, or a related discipline required.
  • 5+ years of experience in an information security, cybersecurity, or related IT role.
  • CompTIA Security+, CISSP or CISM certification required.
  • Familiarity with security frameworks such as SOC 2, ISO 27001, NIST, CMMC required.
  • Hands-on experience with vulnerability management, SIEM platforms, and incident response.

Responsibilities

  • Conduct regular vulnerability scans and penetration testing; prioritize findings and track remediation.
  • Monitor security alerts and events using SIEM; lead investigation and response to incidents.
  • Maintain compliance posture against applicable frameworks and support audits.
  • Partner with IT teams to embed security controls into architectural decisions.
  • Develop security policies and deliver security awareness training for teams.

Benefits

  • Comprehensive benefits package including health and wellness programs.
  • Opportunities for skill growth in analytics, BI, and AI.
  • Collaborative and innovative work environment.
  • Tuition reimbursement program and retirement savings plans.
Full Job Description
As StarTech.com continues to grow, we're investing in the future of our cybersecurity program with the addition of a newly created Security Analyst role. This is an opportunity to become a foundational member of our IT team and help shape how security evolves across a global technology organization. As our dedicated Security Analyst, you'll be responsible for protecting our systems, networks, infrastructure, and data by identifying, assessing, and mitigating security risks while helping establish the security practices that will support our continued growth.

Working closely with Infrastructure, Operations, Development, and business stakeholders, you'll investigate security incidents, manage vulnerabilities, strengthen security controls, and support compliance initiatives . You'll analyze threats across applications, systems, networks, cloud environments, and enterprise platforms while contributing to the secure configuration, hardening, and ongoing protection of the technologies that power our business. This role is ideal for someone who enjoys solving complex problems and understands that effective security starts with a strong foundation in infrastructure.

What makes this opportunity unique is the ability to influence both strategy and execution. As the organization's security-focused resource, you'll help establish security baselines, identify gaps, drive remediation efforts, and foster a security-conscious culture across the company. You'll join a collaborative team that values ownership, innovation, and practical problem-solving, where your expertise will have a direct and visible impact on strengthening StarTech.com's overall security posture.

What You'll Do

  • Vulnerability Assessment & Threat Management: Conduct regular vulnerability scans, penetration testing across applications and infrastructure; prioritize findings by risk severity and track remediation to closure and work with the IT infrastructure & operations team to remediate the findings.
  • Security Monitoring & Incident Response: Monitor security alerts and events using SIEM tooling; lead investigation and response to security incidents; document findings and implement measures to prevent recurrence.
  • Compliance & Risk Management: Maintain and advance the organization's compliance posture against applicable frameworks (e.g., SOC 2, ISO 27001, NIST); conduct risk assessments and support internal and external audits.
  • Security Architecture Alignment: Partner with the IT teams to ensure security requirements and controls are embedded into architectural decisions, integration patterns, and modernization initiatives from the outset.
  • Security Awareness & Policy: Develop and maintain security policies, standards, and guidelines; deliver security awareness training and regular phishing campaigns. Act as a subject matter expert for engineering and business teams.


Skills & Knowledge

Technical Skills:

  • Vulnerability scanning and penetration testing tools
  • SIEM platforms and log analysis (Microsoft Sentinel or equivalent)
  • Cloud security controls across Azure, AWS or GCP
  • Network security fundamentals: firewalls, IDS/IPS, VPNs, segmentation
  • Identity and access management (IAM), MFA, and privileged access controls
  • Secure coding awareness and ability to review code or configurations for common vulnerabilities


Knowledge:

  • Security frameworks and standards: NIST CSF, ISO 27001, SOC 2, CIS Controls
  • Threat intelligence concepts and attack lifecycle
  • Data privacy regulations relevant to the organization (e.g., PIPEDA, GDPR)
  • Risk assessment methodologies and security risk quantification
  • Solid understanding of underlying infrastructure systems (servers, hypervisors, network components, and cloud platforms) and their associated security considerations


Non-Technical Skills:

  • Strong problem-solving and analytical thinking
  • Clear written and verbal communication
  • Self-directed with the ability to manage multiple priorities in a fast-moving environment
  • High degree of professional discretion in handling sensitive and confidential information


What You Bring

  • Bachelor's degree in Computer Science, Cybersecurity, Information Systems, or a related discipline required.
  • 5+ years of experience in an information security, cybersecurity, or related IT role.
  • CompTIA Security+, CISSP or CISM
  • Familiarity with SOC 2, ISO 27001, NIST, CMMC Cybersecurity Framework required.
  • Hands-on experience with vulnerability management, SIEM platforms, and incident response.
  • Experience working within complex or legacy technical environments is a strong asset.
  • Strong experience working within enterprise IT environments, including infrastructure technologies such as virtualization platforms, network systems (firewalls, wired/wireless networking), and Microsoft-based services (e.g., Active Directory, Azure).


Travel / On-Call Support

  • Limited travel may be required.
  • As business needs arise, potential travel to distribution centers in Canada, U.S.A, or the U.K.

  • Availability to provide occasional after-hours support or assistance with incident response may be required when operational needs arise.


Why Join StarTech.com?

  • Competitive salary and bonus potential
  • Comprehensive benefits package
  • Collaborative and innovative work environment
  • Opportunities to grow your skills in analytics, BI, and AI


What to expect from the Hiring Process:

We respect your time and value transparency. Here's a general idea of what to expect:

  • Intro call with Talent Acquisition (30-minutes)
  • Interview with Hiring team - Manager, Infrastructure & IT + Director, IT (60-minutes)
  • Final interview with VP, Data Analytics & IT (30-minutes)
  • Offer & onboarding


This role offers a competitive salary range of CAD $95,000 to $110,000 and eligibility to participate in our bonus program. At StarTech.com, we value fairness and regularly benchmark pay to stay competitive, recognizing each person's unique contributions.

As part of the StarTech.com "One Team," you'll also enjoy:

  • Comprehensive health benefits
  • Tuition reimbursement program
  • Retirement savings plans
  • Wellness Program
  • Additional perks and rewards


Similar Jobs

More Jobs at StarTech.com Ltd.

More Information Technology Jobs

Find similar Security Analyst jobs: