Senior Security Analyst

Senior Security Analyst Codan (Canada) Inc. (CCI) was created in 2009 and is affiliated with the offshore law firm Conyers. Conyers has offices in Bermuda, Cayman Islands, British Virgin Islands, Hong Kong, Singapore and London. CCI is devoted to providing superior technology, marketing, innovation and project management support to the Conyers user community. We are a young, dynamic company where talented, creative, results‑oriented technology professionals can thrive. Join our team in downtown Toronto where you will develop and support internal web applications used worldwide by our clients. Roles and Responsibilities The Senior Security Analyst will report to the Head of Cybersecurity located in our Toronto office and work as an integral part of the Security Operations Team, alongside the Team Lead, Security Operations. The ideal candidate will understand security risks over a broad range of technologies and will champion efforts to mitigate risks through realistic, tactical and strategic responses. This role requires a highly specialized technical skillset across computer systems with a strong focus on cybersecurity. This role also requires a pragmatic touch while interfacing with end‑users and the business. Fully manage and maintain the Vulnerability Management platform Fully manage and maintain the Data Loss Prevention and Endpoint Detection and Response platforms Work with vendors on external penetration testing, code reviews and vulnerability assessments Continually analyze current infrastructure and identify security implications or shortcomings, advise on improvements. Infrastructure includes Windows desktops with M365 suite, VMware, Windows Servers, Linux, remote access, Cisco routers, switches and Wifi Access Points Keep up‑to‑date on all security trends, threats, exploits – be an authority on security knowledge. Establish, monitor, maintain security systems such as logging and alerting, honeypot, intrusion prevention, and application hardening and firewalls. Work with colleagues on the Infrastructure Security Management System documentation of tools, logic, policies, and procedures Work closely with the Service Desk and the Tier 1 Security Analyst to assist with service tickets Participate in ISMS meetings and be actively involved in ISO 27001 certification obligations Participate in security risks evaluation, threats and vulnerabilities assessments Write procedures and policy pertaining to cybersecurity workflows and best practice Provide support to our LMS group in developing and maintaining security training initiatives Continually develop a corporate culture where “Security is Everyone’s Job” Provide security reviews on change control submissions Chair and manage regular security advisory meetings and track action items to implementation. Work collaboratively with various levels of technical resources to address security concerns What You’ll Need Computer Science or other related degree. Experience with SIEM, EDR and DLP products Solid technology generalist with several years’ experience in a security focused function. Good understanding of networking concepts, tcp/ip suite, client/server models, DNS and network protocols Willing to learn on the job, pick up concepts quickly Keen interest in malware, how malware works and methods of infection Understanding of the uses of cryptography in technology. Programming skills (e.g. familiarity with tools such as BASH shell, Powershell, Python, KQL, C etc.) Ethical hacker certification is an asset Excellent verbal and written communication and presentation skills Able to employ a variety of soft skills and tactics to influence stakeholders, peers and management Ability to prioritize appropriately and adjust to shifting priorities Note: Some international travel required (