Job description
Working together to be our best!

First National is Canada’s largest non-bank lender, originating and servicing both commercial and residential mortgages since 1988. Over the past thirty years, we have been committed to hiring the best and brightest with over 1,000 proud team members. Through cooperation, ongoing coaching, development opportunities and a culture that celebrates both hard work and teamwork, First National team members are supported to lead, learn and grow.
If you are ready to join First National’s dynamic team, while working hard and having fun doing it, we invite you to apply online and let us know how you can be part of our success story.

We are hiring an Information Senior Security Analyst, Information Security!

Reporting To: Director, Information Security
Full-Time/Part- Time: Full-time
Posting Date: January 24, 2023
Closing Date: February 28, 2023
Hours of Work: 8:30 a.m. – 5:00 p.m.
Grade: 5
Office Location: Toronto Great location! Steps away from the main public transit station

What we offer:
Highly competitive compensation package which includes, base salary, bonus, benefits, and career advancement opportunities!
  • Eligibility for benefits is dependent on the terms of employment
The Opportunity:
The Senior Security Analyst shall have knowledge of, and experience in leading the Vulnerability Management practice, mining Indicators of Compromise (IOCs) along with Incident analysis and handling. Provides threat and intelligence analysis for briefing and reporting. The Senior Security Analyst will be required to provide support to monitor, correlate, identify, analyze, mitigate, manage, track and support processes for all security incidents

Primary Duties and Responsibilities:
  • General
  • Analyze available data sources, security tools, threat trends and lead security analysis efforts to identify attacks against the Organization
  • Non-business facing role but an ability to build strong relationships with internal teams, and security leadership, is essential.
  • Good Program Management skills to help lead, contribute and continuously mature the Vulnerability Management program.
  • Vulnerability Analysis
  • Perform security research, analysis, security vulnerability assessments and support with penetration testing and remediation actions. This includes:
  • The external and internal coordination of periodic penetration testing and remediation tracking
  • Conduct network vulnerability assessments to evaluate attack vectors, identify vulnerabilities, and develop remediation plans.
  • Work with IT Application and Infrastructure teams to coach, mentor and assist them during vulnerability remediation
  • Assist the team in identifying the relevant OEM patches, and maintaining compliance
  • Perform periodic secure configuration audits to complement the on-going Vulnerability Management program
  • Perform periodic certificate scanning and work with the internal stakeholders to address any issues
  • Prepare period reports to IT Executive Management to showcase the current security posture of our Vulnerability Management Program Incident Response
  • Compliance
  • Perform periodic firewall rule base reviews, and assist the team with remediation
  • Support the Security Operations team in the following tasks
  • Incident Response
  • Facilitate use of technology-based tools or methodologies for incident response.
  • Must demonstrate knowledge of tactics, techniques, and procedures associated with malicious activity
  • Detect and respond to malicious behavior on workstations, servers, cloud systems, SaaS, and networks
  • Review and respond to escalated security events
  • Thorough understanding of how to detect lateral movement within a network and thinking outside the box to discover the signal within the noise.
  • Malware Detection and Response
  • Understanding of malware and its behavior
  • Manage and respond to EDR Alerts through to resolution
  • Manage compliance reports for Anti-virus solution
  • Security Operations
  • Assist the team in on-going Security Operations tasks such as Log Monitoring, File Integrity Monitoring and other security technologies
  • Actively research, evaluate, and drive next generation security technologies and solutions to solve the organizations needs
  • Logs Analysis
  • Analyze logs, normalize and perform automated log correlations utilizing tools to identify anomalous and potentially malicious behavior
  • Analyze additional logs, required for forensic investigation, following defined procedures and protocols.
  • Digital forensics on host or network from malware perspective, ability to identify anomalous behavior on network or endpoint devices
The Requirements Needed:
  • Post-secondary education, University education and Technical Certifications required
  • Good working knowledge of:
  • Threat hunting and Incident Response
  • Security technologies (Firewalls, IDS/IPS etc.)
  • Vulnerability Assessment and Penetration testing
  • Networking fundamentals
  • Qualys VMDR Solution
  • Certifications and Skills
  • Good to have Certified Ethical Hacker (CEH) or Certified Information Systems Security Professional (CISSP)
  • Excellent verbal communication skills
  • Outstanding written skills for preparing reports and briefings
  • Excellent analytical and problem-solving skills
  • Work Experience
  • 5+ years of recent operational security experience
  • Experience with several of the following topics:
  • Software vulnerabilities & exploitation
  • Vulnerability Assessments
  • Penetration Testing
  • SOC Fundamentals
  • Incident Response
  • IDS/IPS Analysis, etc.
Why join First National?
  • Bright open concept office environment
  • Large kitchens with a coffee and latte maker to enjoy at no cost
  • Supportive teamwork focused environment
  • Collaborative entrepreneurial spirit
  • Opportunities to give back to the communities and work through events focused on a variety of charities
  • Ongoing social events throughout the year
  • Extensive training programs to set our employees up for success
First National is proud to be an equal opportunity employer and is committed to diversity and inclusion regardless of race, color, religion, national origin, age, gender identity, physical or mental disability, sexual orientation or any other category protected by law.

First National supports requests for accommodation from applicants with disabilities; please contact Human Resources at [email protected]

We would like to thank all applications for their interest, but only candidates selected for an interview will be contacted.


Apply Job
Job Information Senior Security Analyst in Toronto

First National Financial LP