Security Analyst

The Security Analyst, Cantanhede, plays a key role in safeguarding Tilray's global networks and systems. This position is responsible for implementing and maintaining security tools, documentation, and strategic planning to mitigate cyber threats and support the organization's security posture. You'll be part of a collaborative global security team committed to proactive defense, continuous improvement, and knowledge sharing.

• Collaborate with the Information Security team to provide security guidance for project delivery.
• Contribute to the development and implementation of security standards, policies, and architectural principles.
• Assist in the creation, testing, and maintenance of Disaster Recovery and Business Continuity plans.
• Support vendor and risk management efforts across IT and business initiatives.
• Analyze system, network, and application configurations for security vulnerabilities.
• Participate in penetration testing and remediation planning.
• Promote a culture of security awareness and understanding across teams.
• Evaluate and enhance information protection technologies and processes.
• Support incident response efforts, including root cause analysis and lessons learned.
• Manage and maintain key security platforms such as SIEM, CWAF, EDR, Email Security and other various technology stacks.
• Drive continuous improvement in security operations and practices.
• Partner with IT Operations to ensure secure technology solutions.
• Collaborate with Legal and business teams to review IT-related contractual terms.
• Monitor security alerts and logs to identify and respond to potential threats in real-time.
• Generate security reports and dashboards to support audits, compliance, and executive visibility.
• Manage identity and access controls including Privileged Identity Management (PIM) activation and governance.
• Deploy and maintain data governance tools to ensure compliance and data protection.

• 3+ years of experience in an information security role, preferably in security operations.
• Hands-on experience with security technologies, such as: endpoint, firewalls, and more.
• Deep knowledge of network protocols, routing, and architecture.
• Systems administration skills, specifically with Windows and Linux systems, Active Directory.
• Good knowledge of cyber threats and vulnerabilities related to platform and infrastructure.
• Experience in creating information security documentation, policies, and procedures.
• Experience in IT Disaster Recovery and Business Continuity planning.
• Experience in Risk and Vendor Management.
• Outstanding communication skills written and verbal.
• Ability to build and earn trust of co-workers and clients quickly.
• Friendly, positive demeanor.
• Relevant certifications in cybersecurity or information security are highly desirable. Examples include CISSP (Certified Information Systems Security Professional), CISM (Certified Information Security Manager), CompTIA Security+, and CEH (Certified Ethical Hacker).
• Strong collaboration skills and adaptability in cross-functional environments, especially when working with IT, Legal, and business stakeholders.
• Experience with scripting languages such as Python, PowerShell, or Bash for automating security tasks is an asset.
• Knowledge of cloud platforms such as Azure, Entra ID, and AWS is strongly preferred.
• Familiarity with vulnerability management tools
• Familiarity with security frameworks such as NIST, ISO 27001, or CIS Controls is preferred.
• Experience deploying and managing data governance tools