Security Analyst

At Alto, we are actively contributing to the transformation of Canada's future with our high-speed train project connecting Quebec City and Toronto. With the support of the Government of Canada, this innovative project aims to improve the quality of life of our citizens, strengthen ties between communities and stimulate economic growth.

Would you like to take on a stimulating, high-impact challenge?  We are looking for a Security Analyst for a temporary 2-year position. Please note that the candidate may be based in one of our 4 offices: Montreal, Quebec City, Toronto or Ottawa.

The role

The Security Analyst will support day‑to‑day cyber security operations and act as a Level 2 escalation point for our Security Operations Centre (SOC). The role includes alert triage and investigation, security tooling onboarding and integration, identity and email security operations, and support to Security Assessment & Authorization (SA&A) activities.

This role is hands‑on and technically focused, with a strong emphasis on automation and scripting to improve operational efficiency and security posture.

The responsibilities

• SOC Operations (Level 2)
  • Investigate and respond to security alerts escalated from Level 1.
  • Perform in‑depth analysis of security events across endpoints, identity platforms, email, and cloud services.
  • Conduct containment and remediation activities in collaboration with other IT and security teams.
  • Improve alert quality by working with SOC team for tuning, correlation, and documentation of detection logic.
• Day‑to‑Day Security Operations
  • Manage operational security controls including identity, AAA and email.
  • Security event investigation across cloud and on‑prem platforms
  • Support identity lifecycle security processes, including secure user onboarding and offboarding.
• Security Integration & Collaboration
  • Work with infrastructure, identity, application, and business teams to integrate security controls into existing workflows.
  • Support and improve security processes related to IdAM, logging, and incident response.
  • Contribute to the development of standard operating procedures, runbooks, and playbooks.
• Security Assessment & Authorization (SA&A)
  • Support SA&A activities in accordance with Government of Canada security frameworks (e.g. ITSG‑33).
  • Work with system owners to address security findings.
• Automation & Scripting
  • Develop and maintain scripts and automation to improve security operations,
  • Identify repetitive operational tasks and propose automation opportunities.

The requirements

Candidates must demonstrate 3–5 years of progressive experience in information security, IT operations, or cyber security, with practical, hands‑on responsibility in the areas below.

• Core Security Skills
  • 2+ years experience in alert triage, investigation (ideally with Microsoft Sentinel), and documentation/technical write-ups and on managing or supporting Identity and access management such as SSO, MFA, RBAC, and secure Authentication and Authorization flows.
  • Experience with email security (ie: working on DKIM, SPF, and DMARC) an asset.
  • 1+ year Experience with Endpoint Detection and Response (EDR/XDR), working in a role with requirement for key networking concepts (TCP/IP, DNS, HTTP) and supporting SA&A (Solution Security Assessment and Accreditation) or compliance activities.
• Scripting & Automation
  • 2+ years hands‑on scripting experience within an Enterprise using one or more languages such as Python/Node/Powershell/Bash and experience integrating scripts with APIs, logs, or security tools in a secure way.
  • Ability to read, modify, and create scripts for operational security use cases.
• Cloud & Modern IT
  • 2+ years Experience working on cloud identity, logging and security controls in a cloud environment (e.g. Azure, M365), modern SaaS security challenges and Cloud security logging and monitoring

• Post‑secondary education in Computer Science, Information Security, or a related field or equivalent experience (5+ years in an intermediate IT security role).
• Security certifications are an asset (e.g. GCIA, GSEC, AZ‑500).
• Ability to obtain and maintain a Government of Canada SECRET clearance.
• Ability to work in a bilingual environment (English/French) may be considered an asset.
  
  

Why join our innovative team?

• Basic paid group insurance for you and your family: medical, dental, life, etc.
• Vacations based on experience, available upon hiring.
• An incentive compensation program.
• Flexible hybrid work mode.
• A work environment that encourages initiative, innovation, and forward-thinking solutions.
• A unique opportunity to shape the future of transportation in Canada.

We work to create high-performance, diversified teams

At Alto, we believe in the power of diverse teams. We aspire to provide an inclusive and equitable work environment where everyone can develop and flourish. Alto offers equal employment opportunities to all and invites qualified individuals, regardless of their identity, origin or situation, to apply.

Please let us know if you need any adjustments during the recruitment process. We will do our utmost to provide you with a fair and pleasant experience, while keeping any adjustments confidential.

Please note that we will communicate only with those candidates whose applications are selected for further consideration. To find out more about the entire project, visit Alto - Home.