Infrastructure Security Operations Analyst in Renfrew

We’re looking for an experienced Infrastructure Security Operations Analyst to help protect and strengthen our ICT and OT environments across the EMEA region. In this role, you’ll take ownership of day-to-day security operations, lead on vulnerability management and incident response, and work closely with internal teams and external partners to ensure security controls are effective, practical, and aligned to business needs. This is a great opportunity for a proactive security professional who enjoys solving complex challenges, influencing stakeholders, and driving high standards across infrastructure, systems, and operational technology.

What You’ll Be Doing

• Risk and Vulnerability Analysis: Own and lead the assessment of risks, threats, and vulnerabilities affecting confidential information and critical systems. Review, validate, and approve vulnerability reports, ensuring stakeholders receive clear, actionable conclusions. Drive remediation and track progress until full resolution.
• Security Measures and Policy Implementation: Implement, operate, and enforce security controls across all ICT systems and networks. Ensure adherence to corporate security policies, standards, and guidelines, escalating deviations when necessary. Govern role-based access controls (RBAC) and approve access decisions to prevent unauthorized access or disclosure.
• Device and Network Security Assessment: Act as the accountable owner for security assessments of servers, endpoints, mobile devices, and network infrastructure. Evaluate and certify departmental and network segments for compliance with security requirements. Issue mandatory corrective actions where compliance gaps are identified.
• Incident Monitoring and Response: Oversee and direct all SOC-related activities for Terumo EMEA. Own the classification, prioritization, and escalation of security events and incidents. Ensure rapid and complete resolution, verify root cause analysis, and confirm closure.
• Collaboration and Advisory: Advise and influence project teams on security risks and ensure designs meet regulatory and corporate standards. Approve or block proposed changes based on security assessment and risk impact. Lead security involvement in projects to ensure proper implementation of controls.
• Access and Data Security Management: Plan and approve data security controls for new or modified software and systems. Evaluate and authorize security-related programming changes. Ensure protection against data loss, unauthorized access, or improper disclosure.
• OT Security Oversight: Lead monitoring, assessment, and governance of OT security controls. Direct responses to OT-related security incidents and ensure remediation by responsible teams. Validate compliance with internal standards and regulatory requirements.
• Training, Awareness, and Audits: Act as the accountable responder for internal and external inquiries related to information security. Audit and approve access-related requests and unusual account changes. Support and represent the organization in security audits, ensuring accurate and complete evidence delivery. Own and maintain security awareness materials to promote best practices.
• Research and Problem Solving: Investigate and resolve complex or high-impact security issues. Design and implement innovative solutions to prevent recurrence. Own the governance of change and project management processes relating to security.

What We’re Looking For

• Education & Language: Bachelor’s or Master’s degree in Information Technology or equivalent experience. Good working knowledge of English (written and spoken); other languages are an advantage.
• Skills: Basic to advanced knowledge and hands-on experience in Information Technology disciplines including LAN/WAN/SD-WAN, network servers, and personal computers. Existing network infrastructure and multi-service provider architecture. Security systems such as firewalls, intrusion detection systems, anti-virus software, authentication systems, log management, and content filtering. Infrastructure domains like hosting, cloud computing, storage, and access management. Advanced knowledge of techniques to detect, prevent, and remediate security problems across end-user devices, computers, and network systems. In-depth knowledge of security standards and experience in their implementation. Advanced understanding of information security best practices, regulations, and technologies related to cloud computing. Ability to analyse, implement, operate, and maintain technical solutions for information security-related problems. Experience performing vulnerability assessments using tools like Tenable Nessus or similar. Ability to install and configure security software in computer networks. Capability to perform post-incident computer forensics without compromising critical data. Knowledge and proficiency in relevant PC software applications. Strong problem-solving skills for complex and rare security issues. Strong interpersonal skills with the ability to communicate effectively at all organizational levels, both verbally and in writing, with a global environment. Self-motivated, self-directed, and independent thinker while being a team player. Enthusiastic and passionate professional with a hands-on, proactive attitude. Well-organized and detail-oriented.