IKO Industries Ltd. is a market leader in the manufacturing of roofing and building materials. IKO is a Canadian owned and operated business with production facilities worldwide and has many years of unparalleled success in the roofing materials industry. Quality, integrity, and trustworthiness are the values that underlie this success, and we have built this company by hiring people who hold these values. People like you!Job DescriptionJob DescriptionSenior Information Security AnalystLocation: Mississauga, ON (Onsite)Reports to: Team Lead, Information SecurityCompensation: $106,000 - $120,000Role SummaryWe are seeking a Senior Information Security Analyst with deep, hands‑on experience across security operations, incident response, and data protection in enterprise, cloud, and SaaS environments. This role is responsible for defending the organization against advanced cyber threats while leading efforts to protect sensitive business, employee, and executive data across on‑premise systems, cloud platforms, and collaboration tools such as Microsoft 365.The Senior Analyst operates as a technical authority and trusted advisor, helping shape security detection, response, and data protection practices across the enterprise. This role goes beyond monitoring tools—it focuses on investigations, risk reduction, and building durable security controls that scale across modern hybrid IT and SaaS environments.This position is fully onsite at our Mississauga, ON office.What Success Looks Like in This RoleCyber incidents are detected early across network, endpoint, cloud, and SaaS platforms, investigated thoroughly, and closed decisivelySensitive data in email, file sharing, cloud storage, and business systems is protected by design—not discovered after an incidentSecurity controls balance risk reduction without breaking productivity in platforms like Microsoft 365 and other SaaS toolsBusiness and IT leaders understand cyber and data risk in clear, plain languageJunior analysts get stronger because of your guidance, not despite itKey ResponsibilitiesSecurity Operations & Incident Response (Core)Lead investigation and response to security incidents across network, endpoint, cloud infrastructure, SaaS platforms (including Office 365), email, and identity systemsProactively hunt for threats, suspicious behavior, and signs of data compromise across on‑prem, cloud, and SaaS environmentsAnalyze logs, alerts, and telemetry from SIEM, EDR, identity, email, and cloud platforms to identify unauthorized access, privilege abuse, lateral movement, and account compromiseAct as an escalation point for complex or high‑impact security incidents, including cloud security breaches and SaaS account takeoversProduce clear, defensible incident reports with evidence, root cause analysis, and corrective actionsData Protection, Governance & DLPPlay a lead role in Data Governance and Data Classification initiatives covering on‑premise systems, cloud platforms, and SaaS applicationsDesign, tune, and support Data Loss Prevention (DLP) controls across:Email and collaboration platforms (e.g., Office 365)EndpointsCloud storage and SaaS collaboration toolsInvestigate data‑related security events, including:Unauthorized access to sensitive or regulated data in cloud and SaaS platformsLarge or unusual data transfers from cloud storage or collaboration systemsData shared externally or to personal accounts from corporate email or SaaS environmentsPartner with business owners to apply risk‑based data protection controls without unnecessary frictionSecurity Architecture & Project EnablementEmbed security and data protection requirements into IT and business‑led projects involving cloud, SaaS, and hybrid environmentsIdentify risks introduced by new systems, integrations, SaaS vendors, cloud services, or workflowsRecommend pragmatic remediation options, compensating controls, and secure design improvementsProvide hands‑on security architecture guidance for cloud services, SaaS platforms, and identity‑centric solutions when neededGovernance, Risk & ComplianceContribute to security standards, policies, procedures, and technical guidelines related to cloud security, SaaS usage, identity, and data protectionPerform and review technical risk and threat assessments for critical systems, including cloud‑hosted and SaaS‑based servicesSupport internal and external audits (e.g., PCI, ISO 27001, regulatory reviews)Define and track remediation plans through to closureTooling, Detection & Continuous ImprovementImprove detection logic, alert quality, and investigation workflows across SIEM, EDR, email security, cloud security, and SaaS telemetryEvaluate new security tools and capabilities with a practical, outcomes‑focused mindsetReduce noise, false positives, and manual effort where possibleStay current on emerging threats targeting cloud platforms, SaaS environments, identity systems, and collaboration toolsLeadership & MentorshipAct as a technical mentor to junior and intermediate analystsLead by example during incidents, investigations, and projectsRaise the overall maturity of the security operations function across enterprise, cloud, and SaaS environmentsRequired Qualifications & ExperienceExperience8+ years of progressive experience in Information Security, Security Operations, or Incident ResponseDemonstrated experience leading complex security investigations end‑to‑end, including cloud and SaaS‑based incidentsHands‑on expertise with SIEM / logging platforms (e.g., Splunk, QRadar, ArcSight, Elastic)Strong background investigating endpoint, network, cloud, SaaS, and email‑based threatsProven experience working directly with IT infrastructure, cloud platforms, Microsoft 365, and enterprise applicationsData Protection Experience (Required)Practical experience with Data Classification, Data Governance, and/or DLPStrong understanding of how sensitive data moves across email, collaboration tools, cloud services, and enterprise systemsExperience investigating data misuse, data exfiltration, or insider‑related incidentsTechnical Experience (Strongly Preferred)Endpoint Detection & Response (EDR) platformsNetwork security and traffic analysisIdentity and access security (including cloud identity platforms)Vulnerability management and risk‑based remediationCloud security controls and SaaS environments (including Office 365 / Microsoft 365)Certifications (Nice to Have)CISSP, CISM, CRISC, or similarRelevant cloud or security platform certificationsCore Skills & AttributesExcellent investigative and analytical skillsAbility to explain cyber and data risk in plain business languageCalm and decisive during incidentsStrong written documentation skills (incident reports, risk assessments, recommendations)Comfortable influencing without authorityPragmatic, risk‑based mindset—knows when “perfect” is the enemy of “secure”Education & Other RequirementsBachelor’s degree in Information Technology, Computer Science, or related field preferredAbility to travel across North America and Europe as requiredBenefits of Employment: IKO recognizes that its success is due to the strength of its employees. A primary goal of IKO is to promote individual employee's sense of accomplishment and contribution so that employees enjoy their association with IKO. The Company invests in its employees so that they are the most knowledgeable in the industry, and undertakes great efforts to nurture loyalty to, and teamwork at, IKO. We are pleased to offer competitive compensation, health care, a progressive and challenging workplace and a commitment to teamwork and integrity.Diversity and Equal Opportunity Employment: IKO Industries Ltd. is an equal opportunity employer. We are committed to diversity and inclusion and are pleased to consider all qualified applicants for employment without consideration to race, religion, creed, color, national origin, age, gender, sexual orientation, marital status, veteran status or disability. IKO Industries Ltd. encourages and welcomes applications from people with disabilities. Accommodations are available on request for candidates taking part in all aspects of the selection process.#J-18808-Ljbffr