Security Analyst

EXFO

Security Analyst at EXFO monitoring threats and responding to incidents for IT systems. Collaborating with IT teams to enhance cybersecurity measures with diverse client environments.

Posted 5/15/2026full-timeQuebec City • 🇨🇦 CanadaMid-LevelSeniorWebsite

Tech Stack

Tools & technologies

DNSTableau

About the role

Key responsibilities & impact

Participate in implementing the cybersecurity protection, detection, and response plan for the company's IT systems.
Serve as the primary point of contact for the Security Operations Center (SOC): monitor alerts, coordinate remediation actions, and escalate when necessary.
Lead the handling and resolution of security incidents, intervening directly on systems when required.
Develop remediation plans based on technical audit findings and track them through to implementation.
Actively contribute to patch deployment, configuration of security solutions, and improvement of existing controls.
Maintain continuous monitoring of threats and cybersecurity trends to anticipate emerging risks.
Create and maintain an operational security dashboard.
Integrate security requirements into IT projects by providing expertise from the design phase.
Advise teams and staff on cybersecurity best practices to minimize risk and ensure compliance with applicable standards.
Contribute to security awareness and training efforts for internal stakeholders.
Participate in updating the risk mapping and propose appropriate corrective actions.
Contribute to formalizing and updating operational security guidelines and procedures.
Support IT leadership in monitoring security posture and preparing periodic reports.

Requirements

What you’ll need

3 to 5 years of experience in cybersecurity, particularly in incident management, risk analysis, and security operations.
Strong technical skills enabling direct intervention on systems and security solutions when necessary.
Good knowledge of security standards and frameworks (NIST, ISO 27001, CIS, etc.).
Ability to translate technical concepts into clear language and support IT and business teams in implementing protective measures.
Excellent communication skills and cross-functional collaboration.
Ability to manage priorities and adapt to a constantly evolving environment.
Operational experience with endpoint protection and threat detection solutions (EDR/XDR) — required.
Hands-on experience with a vulnerability management platform — required.
Functional knowledge of a SIEM, including creating detection rules and investigating alerts; proficiency in a query language (e.g., KQL or equivalent) is an asset.
Experience administering and analyzing network security solutions (firewalls, VPNs, DNS filtering, network access control).
Knowledge of identity and privileged access management principles (IAM/PAM).
Strong familiarity with cloud collaboration and productivity environments (email, managed workstations, mobile device management).
Knowledge of Active Directory environments and associated attack vectors.
Scripting for automation and investigation (PowerShell or equivalent) — an asset.
Certifications (a plus): CompTIA Security+; SC-200, GCED or other certifications focused on detection, investigation, and defense; GCIH, GCIA, or any certification related to incident handling and threat response.

Benefits

Comp & perks

Inclusive and diverse work environment

ATS Keywords

✓ Tailor your resume

Applicant Tracking System Keywords

Tip: use these terms in your resume and cover letter to boost ATS matches.

Hard Skills & Tools

incident managementrisk analysissecurity operationsendpoint protectionthreat detectionvulnerability managementSIEMnetwork security solutionsidentity and access managementscripting

Soft Skills

communication skillscross-functional collaborationpriority managementadaptability

Certifications

CompTIA Security+SC-200GCEDGCIHGCIA