Security Analyst, Tier 1 – Monitoring & Triage

About the Role:

The function of the Security Analyst, Tier 1 – Monitoring & Triage is to be at the forefront of incident response, utilizing the latest in network security technology while providing Computer Network Defense and Information Assurance (IA) support to ISA's client base and internal network. This role involves a demanding schedule with a 12-hour shift rotation, including nights and weekends. Flexibility and adaptability to varying shift patterns are essential for success in this position. This posting is for an existing vacancy.

About Us: 

We are proud to be recognized as a top employer for multiple years in a row, we currently hold the distinctions of Canada’s Top Small and Medium Employers 2025, Greater Toronto’s Top Employers 2025 and are Certified Great Place to Work 2025-2026.    

ISA Cybersecurity is a proudly Canadian cyber and AI services and solutions provider. Trusted by over 500 clients from SMB to global enterprises, we empower organizations to safeguard their most critical assets and adopt AI securely. Through our highly customizable Cyber 360 and AI 360 offerings, we deliver a comprehensive range of governance, assurance, engineering protection, detection, and response services for the public and private sectors. Backed by over three decades of operational experience and a vast network of highly specialized and certified experts, we leverage cutting-edge technologies and AI to ensure that clients achieve their privacy, security, and business goals.   

We operate in a remote-first environment. Office presence is typically less than 20% of the time, varying by role and work requirements. Our office space, located at Bloor and Islington, is a collaborative space designed for in-person meetings and drop-ins. We enjoy hosting in-person quarterly townhalls and social events throughout the year to encourage teambuilding and collaboration.  

Responsibilities:

Monitor, analyze, and classify security alerts to identify and respond to potential incidents

Investigate intrusion attempts and perform in-depth analysis of exploits

Provide network intrusion detection expertise to support informed and timely incident declaration

Conduct proactive threat research and remain up to date on latest security trends

Review and assess security events across SIEM and EDR platforms

Analyze a variety of network and host-based security appliance logs (Firewall, Authentication, System, Endpoint, etc.) to determine appropriate remediations and escalation actions

Perform Tier I and Tier II incident triage, containment, and eradication in accordance with established procedures

Document all triage activities and deliver clear, timely updates to clients and leadership

Prepare and escalate reports detailing findings when malicious behavior is identified

Contribute to the development and improvement of incident response processes and overall CIOC operations

Qualifications:

Knowledge of information security event monitoring and detection and NID monitoring and incident response

Familiarity with information security methodologies, tactics, techniques and procedures

Experience with a variety of SIEM, EDR and other security tools

Experience detecting and responding to different cyber incidents

Experience reviewing and analyzing network, authentication, system and other event logs

Possess a comprehensive understanding of the TCP/IP protocol, security architecture, network and remote access security techniques/products

Working knowledge of network architecture and security controls

Strong research background and problem-solving skills

Must be able to react quickly, decisively, and deliberately in high stress situations

Strong verbal/written communication and interpersonal skills are required to document and communicate findings, escalate critical incidents, and interact with customers

Working knowledge of Windows and Linux OS

Highly motivated individual with the ability to self-start, prioritize, multi-task and work in a team setting

Certifications such as Security+ or CySA+ and development skills are considered an asset

Why Join Us?

At ISA Cybersecurity we lead with our "Why". Our Why is to make people feel safe. This not only applies to the result of services that we provide to our clients, but how people feel when interacting with us. Whether you're an employee of ISA or a client we want you to feel safe and supported. Each one of our team members is expected to uphold this leadership quality and embrace it through consistent demonstration of our core values of Explore, Persevere, Adapt and Uplift.

We are proud to offer a variety of employee friendly programs that enable our team to perform at their best.

Highlights of our programs and policies include: 

Flexible sick and personal days for all employees

Generous health plan with enhanced mental health resources and programs

Professional development opportunities and education reimbursement up to $2,000 annually for all employees

Maternity and parental leave top-up

Employee referral bonus of $2,000

Competitive salaries complemented with RRSP matching and bonus programs

Distance remote working policy

LinkedIn Learning access for all team members

We also place great value on celebrating the contributions of all employees through the following service recognition programs: 

Service anniversary recognition and generous five-year milestone service awards

President’s Club recognizing special achievement awards: Team Member of the Year for Sales, CIOC and Cyber Services, the Rich Uhrich Founder’s Award that is nominated on by all employees and four President’s Awards (Risk Taker, Lost Without You, Money Maker and On the Rise)

Spot rewards providing opportunities for instant peer recognition

Information-sharing and team-building initiatives include: 

Annual kick-off meeting to communicate our strategic priorities

Quarterly town hall meetings

Regular team get togethers and client events

Scheduled employee feedback surveys and goal setting focus groups

Thank you for your interest in joining ISA Cybersecurity. Our team looks forward to reviewing your application. We will be reaching out to you directly if your experience matches our needs.

Vacancy Status: This posting is for an existing vacancy
AI Disclosure: ISA Cybersecurity does not currently use artificial intelligence tools as part of our recruitment process

Accessibility:

ISA Cybersecurity is committed to providing accommodations for applicants with disabilities. If you require specific accommodation because of a disability or medical need, please inform ISAs Human Resources team ([email protected]) so arrangements can be made for appropriate accommodation to be in place during the recruitment process.