Cyber Security Analyst

Base Pay Range

CA $90,000.00/yr - CA $95,000.00/yr

The Cyber Security Analyst is a key member of the Cloud Technology & Security team, reporting to the Director of the department. You will play a critical role in ensuring compliance with security standards and regulations, conducting security analysis and vulnerability scans, designing secure solutions, analyzing threats, and implementing safeguards to protect sensitive data. This role combines proactive security reviews, incident response, and collaboration with cross‑functional teams to maintain and strengthen Lorex’s security posture.

In addition to security, the candidate should be comfortable with privacy considerations, as privacy goes hand in hand with security, though not required to be a subject matter expert.

• Conduct Threat and Risk Assessments (TRAs), Audits and/or Security Reviews on Lorex Products and Services that are based on an industry reputable standard such as ISO 27001/2, SOC2, NIST, and GDPR requirements
• Perform security analysis and vulnerability scans of mobile apps (iOS/Android), cloud services, and embedded system firmware
• Partner with project teams to provide secure design and deployment guidance
• Performs a gap analysis of Lorex security environment against industry best practices and recommend remediation
• Recommend and validate secure configurations for infrastructure systems (Windows, Linux, macOS, AD, IDS/IPS, SIEM, etc.)
• Define, review, and report on security analytics and metrics
• Stay current with evolving information security technologies and best practices

• Responds to security incidents applying appropriate containment and eradication techniques
• Monitor infrastructure, security reports, and vulnerability assessments to identify threats or weaknesses
• Support disaster recovery and business continuity planning and testing
• Collaborate with software development, Dev Ops, and engineering teams to integrate security requirements and perform security testing
• Serve as an internal security consultant across projects and external stakeholders engagements
• Promote and foster a strong security culture within the organization

• Undergraduate degree in Information Security, Computer Engineering, or related field
• 3-5 years of hands on experience in information security roles with large scale environments
• Professional certifications such as Certified Information Systems Security Professional (CISSP) certification, Certified Information Security Auditor (CISA), Certified Ethical Hacker (CEH) or Certificate of Cloud Security Knowledge (CCSK) are assets
• Solid technical expertise in vulnerability assessments, penetration testing, application and OS hardening, firewalls, VPNs, PKI, IDS/IPS, encryption, and incident response
• Familiarity with industry standards such as ISO
  27001, NIST, CIS, SOC2 benchmarks
• Experience designing and implementing security controls in cloud (AWS, GCP, Digital Ocean etc.)
• Experience conducting security analysis and vulnerability scans for mobile apps, cloud services, and embedded system firmware
• Knowledge of SIEM, endpoint protection, and monitoring tools
• Experience with surveillance, video, real‑time communications and similar considered an asset
• Ability to work independently and collaboratively, with strong problem‑solving and analytical skills
• All prospective employees must pass a background check

Associate

Full‑time

Information Technology

Computers and Electronics Manufacturing

Lorex welcomes and encourages applications from people with disabilities. Accommodations are available on request for candidates taking part in all aspects of the selection process.