Reports to: Technical Manager- Enterprise Infrastructure & EUS

Location: Mississauga, ON ( Hybrid)

Job Scope:
The Cybersecurity and Cloud Infrastructure Analyst will be responsible for securing and managing both on-premises and cloud-based assets. They will assist in the design, implementation, and maintenance of security policies and controls that align with industry standards and regulatory requirements, ensuring the protection of sensitive data and systems. Additionally, they manage the deployment of security measures, such as encryption, firewalls, and intrusion detection systems, within Azure and other Microsoft cloud services, continuously monitoring for anomalies and potential threats.

The Analyst is a hands-on, proactive cybersecurity professional who excels in technical execution and has deep expertise in threat detection, vulnerability management, and incident response across hybrid environments. The incumbent is a true team player who can provide solid recommendations to the IT Manager and IT team on how to optimize existing and new technology to benefit business operations. They will have to stay ahead of emerging threats, adapt to evolving cloud technologies, and coordinate with cross-functional teams to integrate security seamlessly into all aspects of the cloud infrastructure.

Role Responsibilities:
Threat & Vulnerability Management

• In collaboration with the IT team, oversee the deployment, configuration, and management of tenable solutions across the organization.
• Mitigate threats found in penetration tests.
• Regularly conduct vulnerability scans and assessments, analyze results, and develop remediation plans.
• Ensure timely patch management and risk mitigation strategies in response to identified vulnerabilities.
• Manage and maintain MDR and XDR solutions to ensure comprehensive endpoint security across all devices (including ensuring real-time monitoring and response capabilities).
• Develop and maintain threat hunting protocols, leveraging EDR/XDR capabilities to identify potential risks.
• Implement policies for malware detection, prevention, and response.
• Conduct regular security assessments, identifying vulnerabilities and areas for improvement.
• Stay updated on the latest cybersecurity trends and technologies, recommending enhancements to existing security posture.
• Work closely with MDR providers to monitor, detect, and respond to security incidents.
• Coordinate incident response activities with MDR teams, ensuring effective risk mitigation.
• Review and analyze MDR reports, implementing recommended security improvements.
• Investigate and respond to endpoint security incidents, coordinating with other IT, business teams, and staff as necessary.
• Administer and monitor IDS/IPS solutions, ensuring real-time detection and prevention of security threats.
• Assist in the development and execution of incident response plans, ensuring rapid and effective responses to security incidents.
• Document and report on incidents, providing insights for continuous improvement of security measures.

Cloud Infrastructure & SaaS Administration

• Administer and secure cloud environments, including IaaS, PaaS, and SaaS platforms.
• Implement cloud security best practices, including data encryption, access controls, and network security.
• Regularly audit cloud environments for security compliance and risk management.
• Monitor email traffic for security threats, spam, and phishing attempts, implementing necessary countermeasures.
• Ensure compliance with organizational email security policies and industry standards.
• Manage and secure Microsoft Azure environments, including Entra ID resource groups, and subscriptions, by implementing Azure policies and governance frameworks that align with organizational security standards.
• Manage Microsoft Intune policy configuration.
• Develop and enforce IAM policies, ensuring proper user authentication, authorization, and access control.
• Implement and manage SSO solutions, ensuring seamless and secure user access to multiple applications.
• Regularly review and audit access controls, ensuring compliance with security policies and regulatory requirements.
• Implement and manage DLP solutions to prevent unauthorized access and exfiltration of sensitive data.
• Regularly audit systems and processes for compliance, addressing any gaps or nonconformities.
• Prepare for and participate in security audits, providing necessary documentation and support when needed.

Server & Network Administration

• Active Directory (ADUC, site replications, AD Connect, DNS, Meta Data cleanup, GPO implementation, etc.). Windows Server (DHCP, DNS, MMC, IIS, Server Manager, etc.).
• Manage Hypervisor, VMware and Hyper-v
• Administer organizational networks (multiple sites, public / private Wi-Fi, ACL's, IPsec VPN, Client VPN, etc.).
• Troubleshoot and diagnose network errors or failures.

Job Qualifications

• Relevant experience may include education with a focus in Computer Science or a closely related IT field, or equivalent hands-on career experience
• 5 years' experience in a similar IT role supporting systems, networks, and data
• Expertise in Threat Detection and Mitigation, Security Information and Event Management (SIEM), Vulnerability Management, Incident Response, Network Security, Identity and Access Management (IAM), and Endpoint Security
• Strong cloud infrastructure skills, including Cloud Platforms (Microsoft Azure, AWS), Cloud Security Best Practices, Cloud Identity and Access Management, Cloud Monitoring and Logging, Data Protection in the Cloud, Automation and Scripting, Cloud Incident Response, and Container and Microservices Security
• Hands-on experience with Microsoft Purview is considered an asset.
• Certifications such as CCSP, OSCP, CompTIA Security+, CCNA, are considered assets
• Analytical thinker with excellent communication skills and the ability to collaborate with all levels of an organization
• Strong sense of responsibility and accountability, with the ability to work independently and as part of a team
• Ability to work outside of regular business hours, which may include evenings and/or weekends

Gay Lea Foods is a leading Canadian dairy co-operative renowned for producing high-quality, nutritious dairy products that Canadian families love and trust. From farm to table, our 1,200 farmer members in Ontario and Manitoba, and more than 1,200 employees across four provinces, work together to nourish communities through award-winning brands including Gay Lea, Nordica, Salerno, Bothwell Cheese, and more. As part of its deeply rooted, balanced commitment to people, profit, and planet, Gay Lea Foods proudly invests one percent of pre-tax earnings back into Canadian communities through a national food security partnership with Second Harvest, and the community-building efforts of the Gay Lea Foundation. To learn more, visit gayleafoods.com.

Gay Lea Foods is an equal-opportunity employer and values diversity in our workplace.

Reasonable accommodation is available upon request throughout our recruitment and selection process.

Thank you for your interest in Gay Lea Foods.

Wishing you all the best with your career search!