Senior Information Security Analyst (12 Month Contract)

We’re building the future of insurance by blending technology, innovation and people in new ways to create meaningful, trusted experiences for our clients.

Gore Mutual & Beneva announced intent to merge in 2026, uniting two well‑established, financially strong brands to become Canada’s strongest mutual insurer, ensuring Canadians have purpose‑driven options for generations to come.

As a Senior Information Security Analyst, you will work as part of the Enterprise Security team to protect the organization’s information systems and networks from cyber threats. This role involves monitoring, analyzing and responding to security incidents, as well as implementing security measures to safeguard sensitive data. You will work with our cloud and infrastructure teams to maintain our security controls, ensure accurate logging and drive continuous improvement of our security program.

This role will report to the Manager, Security Operations. As a senior, you will mentor and coach colleagues on the team, especially less experienced teammates.

• Primary liaison between our MDR partner and Gore for escalations, tuning and management of alerts and incidents. In addition, track vendor performance and service delivery.
• Lead the investigation and response into security breaches, trigger emergency response escalations adhering to playbook workflows, ensure appropriate resource allocation, timely resolution and high‑quality documentation.
• Continuously develop and maintain incident response plans and procedures.
• Engage with other technical and business departments within Gore Mutual to plan for incidents and proactively develop security best practices.
• Mentor junior analysts in incident response activities.

• Stay updated on the latest cyber threats, vulnerabilities, and attack vectors.
• Analyze threat intelligence data to identify trends and potential risks.
• Develop and implement automation scripts and logic apps to support and streamline security operations.
• Leverage Cyber Threat Intelligence to provide direction, context and TTP’s to hunt for emerging threats within our environment.
• Provide knowledge and expertise to other departments such as networking and cloud engineering to assist in developing our platforms to reduce our threat exposure to emerging threats.

• Develop knowledge and awareness of emergency response procedures related to physical security.
• Liaise with Shared Services and Facilities Departments to support and continuously improve physical security across all the company’s offices and facilities.
• Work with Facilities and Shared Services teams to implement automated security and surveillance solutions that enhance the effectiveness of our physical security monitoring and response capabilities.
• Work with business departments to create playbooks and procedures to respond to physical threats.
• Assume a lead role for Physical Incident Response including for threats and imminent and active.

• Work with management to develop and continuously improve reporting metrics and dashboards for overall department operational reporting.
• Leverage knowledge of SIEM and other Data Warehouse and analytics systems to do data discovery, high level forensics and general analysis of security telemetry.
• Facilitate and ensure collection of ongoing SLAs, KPIs and KRIs across all security teams.
• Assist in creating monthly, quarterly and yearly reports and dashboards.
• Act as a backup for creation and delivery of reports including for senior leadership in the event the department manager is unavailable.

• Community college degree in Computer Engineering or Information Security.
• 5+ Years of experience in an IT or CyberSecurity related role.
• 3 years experience in a Cyber Security Incident Response role.
• 3 years experience working with cloud environments leveraging Dev‑Ops and Kubernetes.

Must haves:

• Knowledge of security tooling to support Cloud, Network, Email Security, Endpoint Protection and IDPS.
• Experience working on an Emergency Response Team or Incident Response Team (War room).
• Knowledge of SIEM software and its associated functions such as use case building, log ingestion, CMDB integration, SOAR.
• Experience in monitoring security software consoles and dashboards and documenting security issues.
• Experience with Azure and/or AWS Cloud.
• Excellent written and oral communication skills; analysts will be expected to communicate effectively with internal and external users, contractors and partners.

• Cyber Security certifications such as CISSP, Microsoft, SANS, CISM, or CEH.
• Knowledge of Security Governance principles, exposure to NIST CFS or other frameworks.
• Experience working in a Security Operations Center (SOC).
• Understanding of patch management methodologies and practices.
• Familiar with identity and access management concepts.
• Knowledge of the Mitra Attack Framework, Cyber Kill Chain, Cyber Threat Modeling and the Diamond threat model would be beneficial.
• Experience in providing Physical Security Services.

#LI-Hybrid

Gore Mutual Insurance Company is committed to providing accommodations for people with disabilities during all phases of the recruiting process, including the application process. If you require accommodation because of a disability, we will work with you to meet your needs. Contact us and a human resources representative will consult with you to determine an appropriate accommodation. Should you request an accommodation during the interview process, please notify your Talent Acquisition Consultant.