The role of the Cyber Security Analyst is to help ensure that Roots Corporation remains a leader in information security. Reporting to the Sr. Manager of Network and Security, the successful applicant will be a leader in helping Roots Corporation identify security threats, remedy gaps, and develop countermeasures to ensure the security and integrity of our infrastructure and data. The successful candidate will play a leading role in ensuring the organization's security policies and procedures are followed and be accountable for delivering configuration changes in accordance with change control policies to a broad range of IT systems.

Duties and Responsibilities:

• Monitor security event logs and alerts to identify potential security incidents.
• Investigate and respond to security incidents, including analyzing security logs, conducting digital forensics, phishing email, collecting artifacts and managing incident response activities.
• Monitor and manage the vulnerability management program, including patch management and system hardening.
• Manage regular vulnerability assessments and penetration tests to identify weaknesses in our systems and work closely with IT teams to prioritize and remediate identified vulnerabilities.
• Performing security audits, risk assessments, and analysis
• Collaborate with internal teams and external partners to mitigate security incidents and minimize impact.
• Maintaining and monitoring security software and detection systems and updating security software and systems where required
• Assist in developing, implementing, and maintaining cyber security policies, standards, and procedures.
• Ensure compliance with relevant industry regulations and standards, such as PCI DSS, data protection laws & CIS Benchmark.
• Analyzing and reporting on anomalous behavior
• Recording and investigating potential security threats and escalating those findings to relevant parties
• Manage cybersecurity awareness programs.
• Supporting information assurance processes and making recommendations for improvements
• Provide support in audits/assessments.
• Partnering with the Incident Response Team (IRT) to investigate and manage cyber incidents.
• Prepare detailed reports and documentation of security incidents, investigations, and findings.
• Maintain accurate and up-to-date records of security incidents, actions taken, and lessons learned.
• Keeping abreast of the latest IT security measures and controls

Job Specifications:

• Minimum of three years of practical information security experience
• A Bachelor's degree in computer science, cyber-security, or a related field is desirable
• Professional cyber security certifications CompTIA Security+ is required.
• Solid cyber, infrastructure and data security skills
• Hands-on experience with SIEM, SOAR, Crowdstrike, Cisco security solutions & Microsoft security services.
• Ability to understand cloud architecture and associated security concerns.
• Ability to identify security threats, trends and anomalies
• Researching attempted breaches of data security and rectifying security weaknesses
• Formulating security policies and procedures
• Knowledge of data protection regulations and security standards/frameworks
• Hands-on skills in WAF, ASV Scanners, DLP, Security Certificate Management, EDR, DNS Filtering, Email Security, Identity & Access Management.
• Experienced in firewall, data centre solutions and intrusion detection/prevention system
• Ability to set up automated alerts for Anomalies
• Knowledge of Secure SDLC best practices & testing procedures
• Excellent verbal and written communication skills
• Skilled at dealing with a range of technical and non-technical stakeholders
• Logical thinker and creative problem solver
• Flexible attitude and willingness to work to tight deadlines
• Adhere to the Roots Information Security standards, policies, and procedures

At Roots we appreciate that skills and expertise are cultivated through a range of experiences. We are committed to reflecting Canada's diverse landscape in our products, team, and workplace culture. We value your unique perspective and encourage you to apply, even if you don't meet every listed requirement. Accommodations are available for applicants throughout the recruitment process.