Security Analyst
Fullscript is an industry-leading health technology company focused on improving patient care. They are seeking a skilled Security Analyst to join their Security Operations Centre (SOC) team, responsible for enhancing their security posture through proactive threat monitoring, incident response, and vulnerability management.

Responsibilities

Proactive Threat Monitoring: Support real-time security monitoring and response using SIEM and other security tools
Incident Triage & Escalation: Analyze security events, identify potential threats, and escalate incidents based on predefined criteria
Vulnerability Management: Monitor, track, and follow up on outstanding vulnerabilities, working with internal teams to ensure timely remediation and risk mitigation
Threat Investigation: Assist in identifying and analyzing indicators of compromise (IoCs) to detect potential attacks
Security Documentation: Help maintain and refine security documentation, including standard operating procedures (SOPs) and playbooks
Data-Driven Insights: Collaborate with the security team and partner teams as needed to develop meaningful dashboards and visualizations that enhance threat awareness and improve security posture
Incident Response Support: Contribute to investigations by collecting evidence, documenting findings, and assisting in remediation efforts
Continuous Learning: Stay up to date on emerging cybersecurity threats, attack techniques, and best practices

Skills

Strong proficiency in SQL for data manipulation, along with expertise in SIEM-specific search languages and DSLs (such as OpenSearch, Lucene, or DataPrime) to conduct deep-dive investigations and custom threat hunting
Experience securing network infrastructure, including firewalls, IDS/IPS, VPNs, network segmentation, and Zero Trust Network Access (ZTNA) to enhance access control and reduce the attack surface
Proficiency in scripting languages such as Python, Bash, or PowerShell to automate security tasks and enhance monitoring
Exposure to digital forensics, malware analysis, or threat hunting methodologies
Understanding of common attack techniques, defense strategies, and cybersecurity risk management frameworks
Experience and familiarity with SIEM architecture, EDR solutions, and general security tool administration
A sharp analytical mindset with the ability to identify patterns, investigate anomalies, and think critically about security challenges
A strong enthusiasm for cybersecurity, with a continuous desire to learn and stay ahead of evolving threats
Ability to thrive in a fast-paced, dynamic environment while effectively responding to emerging threats
Strong verbal and written communication skills, with the ability to convey technical findings clearly to both technical and non-technical audiences
Willingness to ask questions, collaborate with team members, and actively seek mentorship to enhance skills
Strong situational analysis skills with the ability to assess security risks, make informed decisions, and influence outcomes
Familiarity with integrating security into CI/CD pipelines, securing cloud environments, and automating security processes within development workflows
Hands-on experience with cloud security monitoring tools and best practices in AWS, Azure, or GCP
Knowledge of security frameworks and compliance standards such as NIST, CIS, ISO 27001, HITRUST, or regulatory requirements (e.g. HIPAA, PCI-DSS)

Benefits

Generous PTO and competitive pay
Fullscript’s RRSP match program for financial health
Flexible benefits package and workplace wellness program
Training budget and company-wide learning initiatives
Discount on Fullscript catalog of products
Ability to work Wherever You Work Well

Company Overview

Fullscript is a supplement dispensing platform and patient adherence tool that supports practitioners at the point of care and beyond. It was founded in 2011, and is headquartered in Ottawa, Ontario, CAN, with a workforce of 501-1000 employees. Its website is