
Cybersecurity Analyst – Security Monitoring, Cloud Security
Petal
full-time
Location Type: Remote
Location: Canada
About the role
- Monitor and analyze security events across Microsoft Sentinel, Sumo Logic, Azure Event Hub, and related log sources, investigating anomalies, identifying threat patterns, and escalating incidents as needed.
- Design and optimize detection capabilities by implementing and fine-tuning detection rules, correlation logic, dashboards, and automated response playbooks to improve threat visibility and response effectiveness.
- Administer and optimize the Wiz cloud security posture management platform, including threat monitoring, misconfiguration identification, compliance enforcement, investigation workflow optimization, and project structuring.
- Conduct continuous cloud security assessments in Azure environments, working with platform teams to address misconfigurations, vulnerabilities, and security gaps while ensuring proper resource labeling and governance.
- Configure and tune Cloudflare Web Application Firewall rules and policies to protect against web-based attacks while minimizing false positives and coordinating with development teams on application impacts.
- Manage the complete vulnerability lifecycle including running scans across endpoints, infrastructure, applications, and cloud resources, performing triage and risk ranking, coordinating pentests, and tracking remediation KPIs.
- Oversee Git CI/CD security scanning including SAST, dependency scanning, container scanning, and secret detection, reviewing pipeline configurations and collaborating with developers on mitigation strategies.
- Provide security guidance for web and application environments, monitoring Petal's websites for vulnerabilities, evaluating themes and plugins, and conducting security analysis of new software, libraries, and SaaS products.
- Manage and secure Azure Event Hub configurations to ensure reliable telemetry ingestion for SIEM and monitoring tools, collaborating with cloud teams on log routing and retention.
- Lead threat investigations and forensic analysis by managing sandbox environments, analyzing suspicious files and behaviors, and supporting investigations into malware, phishing, or suspicious activity.
- Support threat modeling initiatives for new applications, features, and cloud deployments, partnering with DevOps, platform, and engineering teams to improve design-stage security.
- Actively participate in incident response including triage, root-cause analysis, containment, and remediation, documenting findings and contributing to continuous improvement initiatives.
- Generate security dashboards and reports for leadership, highlighting risk trends, compliance posture, remediation progress, and providing actionable insights to stakeholders.
- Collaborate cross-functionally with DevOps, IT, GRC, Product Management, and SOC teams to ensure security is integrated throughout the software development lifecycle and organizational operations.
Requirements
- 3–5 years of experience in cybersecurity operations, cloud security, or security engineering.
- Bachelor's degree in Cybersecurity, Computer Science, Information Systems, or related field.
- Strong hands-on experience with Azure, including cloud logging, monitoring tools, and cloud-native security features.
- Familiarity with security tools such as Cloudflare WAF, Wiz CNAPP, Microsoft Sentinel, GitLab CI/CD scanning, and SIEM platforms.
- Understanding of threat detection techniques, vulnerability management practices, and web application security principles.
- Demonstrated rigor and strong analytical skills, with exceptional attention to detail when investigating security events and assessing risks.
- Excellent communication skills, able to articulate security concepts clearly to both technical and non-technical colleagues.
- Ability to collaborate effectively with DevOps, engineering, IT operations, and cross-functional teams.
- Strong organizational skills, able to manage multiple priorities and work effectively in a dynamic, fast-paced environment.
- High integrity and discretion when handling sensitive security information in a healthcare context.
- Certifications such as Security+, CySA+, AZ-500, SC-200, CCSP, or GIAC credentials (nice to have).
- Experience working in environments handling PHI/PII or under frameworks like SOC 2, HIPAA, or ISO 27001 (nice to have).
- Knowledge of container security, OWASP Top 10, and CI/CD pipeline security best practices (nice to have).
- Experience supporting threat modeling or penetration testing programs (nice to have).
- Interest in artificial intelligence technology to optimize security and processes (nice to have).
Benefits
- Recurring hybrid work allowance;
- Compensation that recognizes your contribution;
- 4 to 6 weeks of paid vacation per year;
- 5 paid personal days per year;
- A group RRSP / DPSP plan with employer contribution;
- A complete group insurance plan, from day 1;
- An annual wellness allowance;
- Access to the Lumino Health™ telehealth application;
- Flexible work hours and more.
Applicant Tracking System Keywords
Tip: use these terms in your resume and cover letter to boost ATS matches.
Hard Skills & Tools
cybersecurity operations, cloud security, security engineering, threat detection techniques, vulnerability management, web application security, cloud security posture management, incident response, forensic analysis, security assessments
Soft Skills
analytical skills, attention to detail, communication skills, collaboration, organizational skills, integrity, discretion, ability to manage multiple priorities, ability to work in a dynamic environment, articulation of security concepts
Certifications
Security+, CySA+, AZ-500, SC-200, CCSP, GIAC