Information Security Officer

This position is posted by Jobgether on behalf of a partner company. We are currently looking for an Information Security Officer in Canada.

The Information Security Officer is responsible for ensuring the confidentiality, integrity, and availability of organizational information assets. This role involves maintaining and enhancing a comprehensive information security program, monitoring for potential threats, and implementing proactive security measures. The officer will collaborate with multiple departments to foster a security‑conscious culture, assess and mitigate risks, and respond effectively to security incidents. This position provides the opportunity to work in a dynamic, high‑growth technology environment, contributing to the protection of critical systems and data. Ideal candidates are analytical, detail‑oriented, and possess advanced knowledge of cybersecurity principles, cloud security, and threat detection.

• Operate and continuously improve the information security program in accordance with company policies, standards, and procedures.
• Monitor and analyze security alerts, system logs, and events using advanced SIEM tools, escalating incidents as appropriate.
• Conduct detailed forensic investigations during security events and document findings and lessons learned.
• Support the vulnerability management program, validate scan results, prioritize critical issues, and assist in remediation planning and execution.
• Implement security configurations and mitigations to enforce compliance with security policies and standards.
• Collaborate with technology teams to enforce secure baselines for network devices, operating systems, cloud environments, and applications.
• Develop improvements and automation workflows for security monitoring and incident response processes.
• Communicate security risks, incidents, and mitigation strategies clearly to both technical and non‑technical stakeholders.

• Minimum of 5 years of experience in information security or a related field.
• Relevant IT, Computer Engineering degree, diploma, or equivalent experience.
• Strong expertise in SIEM technologies, log analysis, threat detection, and incident response.
• Knowledge of security frameworks such as NIST Cybersecurity Framework, SOC 2, and compliance/regulatory requirements.
• Proficiency with security control areas including IPS/IDS, penetration testing, patch management, system/network hardening, data loss prevention, and multi‑factor authentication.
• Experience with modern security solutions: EDR, WAF, JWT, and application control.
• Excellent written and verbal communication skills with strong collaboration and interpersonal abilities.

• Security certifications such as CEH, OSCP, SSCP.
• Experience with Splunk Enterprise Security and advanced SPL queries for alerting, dashboards, and reporting.
• Knowledge of Microsoft Azure Defender for Cloud, IAM, and Azure monitoring/analytics.
• Experience applying NIST Cybersecurity Framework 2.0 principles.

• Competitive base salary with variable bonus structure.
• Full‑time, permanent employment with comprehensive benefits package.
• Opportunity to work in a dynamic, high‑growth technology environment.
• Collaborative, security‑focused culture fostering professional growth.
• Exposure to modern cybersecurity tools, cloud security, and threat intelligence practices.
• Work remotely with no travel requirements.

We use an AI‑powered matching process to ensure your application is reviewed quickly, objectively, and fairly against the role's core requirements. Our system identifies the top‑fitting candidates, and this shortlist is then shared directly with the hiring company. The final decision and next steps (interviews, assessments) are managed by their internal team.

We appreciate your interest and wish you the best!

By submitting your application, you acknowledge that Jobgether will process your personal data to evaluate your candidacy and share relevant information with the hiring employer. This processing is based on legitimate interest and pre‑contractual measures under applicable data protection laws (including GDPR). You may exercise your rights (access, rectification, erasure, objection) at any time.

#LI-CL1