Cybersecurity Operations Analyst

Edmonton, AB
Permanent
Full-time

9 days ago

We are seeking a hands-on Cybersecurity Operations Analyst to lead day-to-day security operations across Canada, the US, and Australia. The role focuses on Identity & Access Management (IAM), security monitoring, threat detection, incident response, compliance, and tool administration, ensuring the protection and resilience of enterprise and cloud environments.
Key Responsibilities
Identity & Access Management (IAM)Manage full user lifecycle (on/offboarding, role changes) across enterprise, cloud, and SaaS platforms (Okta, Azure AD, Microsoft Identity).Enforce Zero Trust and least privilege models; implement/monitor MFA.Conduct access reviews, maintain documentation, and ensure audit readiness.Security Operations & Incident ResponseMonitor and respond to alerts from SIEM, EDR, and email security systems (e.g., SentinelOne, Proofpoint).Lead investigations, escalate critical incidents, and update playbooks.Coordinate with SOC partners/vendors to mitigate threats.Governance, Compliance & DocumentationMaintain security policies, procedures, and standards in alignment with the IT Policy Framework.Prepare evidence for audits/compliance (FTC, PCI) and support regulatory requirements.Maintain incident reports, access logs, and control documentation.Security Tools & Vulnerability ManagementAdminister EDR, email security, and vulnerability scanning tools; monitor Microsoft 365, Azure, and SaaS platforms.Conduct vulnerability assessments, track remediation, and collaborate on resolutions.Stay informed on emerging threats, vulnerabilities, and defensive tools.Awareness & CollaborationContribute to security awareness training and phishing simulations.Build strong IT/business unit relationships to embed security into operations.Track/report key metrics to improve security performance.
QualificationsBachelors in Computer Science, IT, or equivalent experience.57 years IT experience, including 23 in hands-on security operations (IAM, incident response, vulnerability management).Security certifications (SSCP, CISSP, CISA, etc.) preferred.Proficiency with IAM (Okta, Azure AD), EDR, SIEM, email security, and vulnerability tools (SentinelOne, Proofpoint, Qualys, Arctic Wolf, Blackpoint, Abnormal Security, BitSight, KnowBe4).Knowledge of Zero Trust, MFA, network segmentation, and industry frameworks (NIST CSF, CIS Controls, ISO 27001).Strong problem-solving, communication, and stakeholder engagement skills.Able to balance priorities, meet deadlines, and adapt in fast-paced environments.

Johnson Service Group

Apply Now