Description

Security Analyst – Vulnerability Management and Cloud Remediation

Number of positions:1, 6-Month Contract (Potential for extension)

Location: Remote (Within Canada; Eastern Time Zone preferred)

Must be eligible to work in Canada

Roles and responsibilities:

We are seeking a hands-on, specialized Security Analyst to join a lean, high-impact security team supporting an enterprise environment of over 5,000 users. In this role, you will focus primarily on managing vulnerability operations and driving security posture remediation across our expanding cloud environments.

The ideal candidate bridges the gap between identifying vulnerabilities and collaborating directly with Cloud and Infrastructure teams to actively reduce overall security risk. Please note: This is an analyst-focused profile, not a developer/coder role.

Key Responsibilities

  • Vulnerability Management Operations: Maximize the efficiency of the Qualys VMDR platform. Monitor, analyze, prioritize, and oversee the end-to-end vulnerability lifecycle from detection to verified closure.
  • Cloud Security Posture & Remediation: Utilize Microsoft Defender for Cloud (CSPM) to identify risks, misconfigurations, and compliance drift. Drive hands-on remediation across core cloud pillars (Identity & Access Management, Network, Storage, and Compute/Workload Protection).
  • Collaboration & Risk Reduction: Partner closely with internal Cloud and Infrastructure teams to implement patches and fixes, communicating risks clearly to ensure efficient mitigation without disrupting business operations.

Must have skills/ experience/Qualifications

Required Technical Experience:

A minimum of 5-10yrs of the following:

  • Qualys VMDR: Mandatory, hands-on experience utilizing the Vulnerability Management, Detection, and Response module.
  • Microsoft Defender for Cloud: Proven experience using the platform’s CSPM capabilities to analyze and secure cloud infrastructure.
  • Cloud Security Foundations: Deep understanding of cloud security configurations surrounding identity, network, storage, and compute environments.
  • Analytical Mindset: Strong capability to interpret complex security metrics and map out clear remediation pathways.

Soft Skills & Working Style:

  • Self-Starter: Ability to thrive and deliver results independently within a fast-paced, lean team environment.
  • Strong Communicator: Capable of collaborating smoothly across different technical teams to drive action on security findings.

Nice-to-Have:

  • Prior experience in the Financial Services, Insurance, or other highly regulated industries.
  • Proximity to Toronto/Oakville for occasional major meetings.