Security Analyst
Fullscript is an industry-leading health technology company focused on improving patient care. They are seeking a skilled Security Analyst to join their Security Operations Centre (SOC) team, responsible for enhancing their security posture through proactive threat monitoring, incident response, and vulnerability management.
Responsibilities
- Proactive Threat Monitoring: Support real-time security monitoring and response using SIEM and other security tools
- Incident Triage & Escalation: Analyze security events, identify potential threats, and escalate incidents based on predefined criteria
- Vulnerability Management: Monitor, track, and follow up on outstanding vulnerabilities, working with internal teams to ensure timely remediation and risk mitigation
- Threat Investigation: Assist in identifying and analyzing indicators of compromise (IoCs) to detect potential attacks
- Security Documentation: Help maintain and refine security documentation, including standard operating procedures (SOPs) and playbooks
- Data-Driven Insights: Collaborate with the security team and partner teams as needed to develop meaningful dashboards and visualizations that enhance threat awareness and improve security posture
- Incident Response Support: Contribute to investigations by collecting evidence, documenting findings, and assisting in remediation efforts
- Continuous Learning: Stay up to date on emerging cybersecurity threats, attack techniques, and best practices
Skills
- Strong proficiency in SQL for data manipulation, along with expertise in SIEM-specific search languages and DSLs (such as OpenSearch, Lucene, or DataPrime) to conduct deep-dive investigations and custom threat hunting
- Experience securing network infrastructure, including firewalls, IDS/IPS, VPNs, network segmentation, and Zero Trust Network Access (ZTNA) to enhance access control and reduce the attack surface
- Proficiency in scripting languages such as Python, Bash, or PowerShell to automate security tasks and enhance monitoring
- Exposure to digital forensics, malware analysis, or threat hunting methodologies
- Understanding of common attack techniques, defense strategies, and cybersecurity risk management frameworks
- Experience and familiarity with SIEM architecture, EDR solutions, and general security tool administration
- A sharp analytical mindset with the ability to identify patterns, investigate anomalies, and think critically about security challenges
- A strong enthusiasm for cybersecurity, with a continuous desire to learn and stay ahead of evolving threats
- Ability to thrive in a fast-paced, dynamic environment while effectively responding to emerging threats
- Strong verbal and written communication skills, with the ability to convey technical findings clearly to both technical and non-technical audiences
- Willingness to ask questions, collaborate with team members, and actively seek mentorship to enhance skills
- Strong situational analysis skills with the ability to assess security risks, make informed decisions, and influence outcomes
- Familiarity with integrating security into CI/CD pipelines, securing cloud environments, and automating security processes within development workflows
- Hands-on experience with cloud security monitoring tools and best practices in AWS, Azure, or GCP
- Knowledge of security frameworks and compliance standards such as NIST, CIS, ISO 27001, HITRUST, or regulatory requirements (e.g. HIPAA, PCI-DSS)
Benefits
- Generous PTO and competitive pay
- Fullscript’s RRSP match program for financial health
- Flexible benefits package and workplace wellness program
- Training budget and company-wide learning initiatives
- Discount on Fullscript catalog of products
- Ability to work Wherever You Work Well