Senior Security Analyst – Vulnerability Management

Role Overview

• Join our vulnerability management team as an experienced security analyst.
• You will be an expert in assessing and tracking infrastructure vulnerabilities, technology obsolescence, and security configurations, leveraging Python automations to accelerate analysis, prioritization, and remediation.
• Your primary mission is to analyze risks, orchestrate remediation, and industrialize the process through Python scenarios and tools.
• Serve as the principal expert in infrastructure vulnerabilities, software obsolescence management, and configuration standards (CIS Benchmarks), with a focus on Python-based automation.
• Analyze, prioritize, and triage threats (CVE/CVSS, obsolescence, configuration drift) and develop Python workflows to correlate findings, enrich data (platform APIs), and generate reports.
• Collaborate closely with system administrators and application teams to interpret analysis results and validate remediation plans, enabling these steps through automation.
• Coordinate remediation with systems/network/cloud and application teams; remove technical blockers; manage exceptions and risk compensations, measuring progress via Python-generated dashboards.
• Ensure adherence to security timelines by setting up automated alerts, metrics, and tracking.
• Advise technical teams on remediation best practices and explain the impact of identified risks, relying on evidence and indicators from Python-developed tools.
• Continuously improve the process (lightweight automations and data pipelines), aligned with CIS Benchmarks, NIST CSF, ISO 27001, and internal governance.

Requirements

• Studies in computer science, cybersecurity, IT management, or equivalent experience.
• Minimum of 5 years of relevant experience in information security as a security analyst (vulnerability management, remediation coordination, risk prioritization).
• Mastery of CVE, CVSS, technology obsolescence, and configuration standards (CIS Benchmarks).
• Strong experience in Python development applied to security: scripting, platform APIs (Tenable, Qualys, Rapid7, CrowdStrike, Prisma Cloud), data transformation (CSV/JSON), automated reporting and dashboards.
• Proven experience in project coordination, priority management, and tracking complex cases involving multiple teams.
• Good understanding of operating systems and networks.
• No Canadian work experience required however must be eligible to work in Canada.
• For candidates located in Quebec, bilingualism is required considering the necessity to interact on a regular basis with English-speaking colleagues across the country

Tech Stack

• Cloud
• Cyber Security
• Python

Benefits

• Flexible work arrangements and a hybrid work model
• Possibility to purchase up to 5 extra days off per year
• Multiple benefits offered to support physical and mental wellbeing, including telemedicine, Wellness account and much more
• Share plan & other savings: up to 12% of salary or even more (ask how you could earn guaranteed income for life)