IT Senior Analyst, Security & Compliance

At Saputo, we bring good to the table by making high-quality products, investing in our people, and supporting communities around the world . As a top 10 global dairy processor, we value contributions that matter and strive to foster an inclusive, growth-driven work environment. Ready to bring your best?

Overview of the Role

Saputo, one of the top ten dairy processors in the world, produces, markets, and distributes a wide array of high-quality dairy products, including cheese, fluid milk, extended shelf-life milk and cream products, cultured products, and dairy ingredients. Our manufacturing plants are located across Canada, Australia, Argentina, the USA, and the United Kingdom, and our products are sold in several countries under market-leading and private label brands.

Saputo offers a rewarding and safe work environment with opportunities and challenges that will help grow your skills. We are seeking talent to fill the position of Security Senior Analyst at our locations in Montreal, QC, or Georgetown, ON.

The selected candidate will report to the Manager of Security and Compliance and will be part of a highly dynamic team where leaders and members are encouraged to exceed expectations.

The Security Senior Analyst is responsible for maintaining a robust cybersecurity presence across Saputo’s IT and OT environments. This position involves identifying, tracking, monitoring, containing, and mitigating cybersecurity threats across complex and dispersed environments.

How You Will Make Contributions That Matter:

• Coordinate cybersecurity activities across the global Saputo Inc.’s manufacturing environments.
• Conduct vulnerability and risk assessments to identify potential security threats.
• Utilize advanced tools and methodologies to perform thorough assessments and recommendations.
• Manage the cybersecurity vulnerability process from identification to remediation and reporting.
• Collaborate with team members to ensure successful project and operations delivery.
• Provide cybersecurity support and expert advice for projects and operations (IT and OT).
• Define key performance indicators to assess the cybersecurity program's health and effectiveness
• Contribute and participate to the cybersecurity incident response lifecycle.
• Implement proactive and reactive measures to minimize cybersecurity incidents and production loss.
• Monitor, manage, and assess IT and OT cybersecurity risks.
• Offer recommendations on how best to mitigate cybersecurity risks.
• Stay informed about the latest cyber threats to the IT and OT environments.

You Are Best Suited for The Role If You Have the Following Qualifications:

• University degree in information systems, computer science, engineering, or a related field. A master’s degree in information security is preferred.
• Minimum of 4 years of experience in cybersecurity, with a focus on IT and OT environments.
• Certifications such as CISSP or GICSP are an asset.
• Experience in vulnerability and patch management processes in IT and/or OT.
• Proficiency with vulnerability management tools such as Tenable, Qualys, or similar.
• Experience in conducting cyber incident investigations.
• Knowledge of information security frameworks and standards (NIST CSF, NIST 800-53, NIST 800-82, IEC 62443, ITIL).
• Technical expertise with SIEM, endpoint threat management technologies (e.g., QRadar, Sentinel, Microsoft XDR) is an asset.
• Technical expertise with networking concepts (e.g., TCP, switches, firewalls, routers, IDPS, secure remote access) and an understanding of the Purdue model.

Skills Required

• Excellent written and verbal communication and presentation skills in both French and English
• Effectively communicate technical concepts to all organizational levels.
• Demonstrates strong leadership and effective collaboration with IT and OT teams.
• Strong analytical skills to analyze security requirements and relate them to appropriate security controls.
• Excellent understanding of the differences between IT and OT environments as they pertain to cybersecurity and mitigation.
• Proficiency in performing risk, business impact, control, and vulnerability assessments, and in defining treatment strategies.
• Ability to manage tasks and priorities in a fast-paced teamwork environment.
• Understanding of operating systems and network protocols.
• Sound judgment and the ability to make informed decisions.
• Practical approach to problem-solving and decision-making.

As part of their duties, the incumbent will have to communicate and collaborate in English, both orally and in writing with colleagues or other stakeholders in Quebec as well as in the rest of Canada or in North America. 

We support and care for our employees and their families by providing:

• Competitive salaries
• A hybrid work environment with the possibility to work from home 2 days a week
• Advantageous corporate agreements
• Full range of group insurance benefits
• Group retirement pension plan with employer contribution
• Purchase option of company stocks
• Group RRSP
• Health and wellness program in the workplace
• Assistance program for employees and their families
• Saputo products at a discounted price

Salary Range: $83,890 - $110,110

*Salary offers will vary commensurate with experience, education, skills, and training.

We support employment equity. Saputo strives to embed diversity and inclusion in its operations and invites candidates from all horizons to join its family.

This year, Saputo is celebrating 70 years of passion and craftsmanship!

In Canada, Saputo is a leading cheese manufacturer and fluid milk and cream processor, with a portfolio of well-loved brands such as Dairyland, Armstrong, Neilson, Alexis de Portneuf, and many more. Whether your expertise lies in manufacturing, operations, supply chain management, sales, quality assurance, or in any other function, your role is integral to our success. You will make contributions that matter, all while working alongside colleagues who genuinely care about your success and who will roll up their sleeves to help.    

The material contained herein is provided for informational purposes only. All open jobs offered by Saputo Inc. and all companies, corporations, partnerships, limited partnerships and other entities controlled by Saputo Inc. (collectively, “Saputo”) on Saputo's web site are subject to specific job skill requirements. The job skill requirements, qualifications, and preferred experience are determined by a Saputo subsidiary, office or department, and all positions are subject to local prevailing employment laws and restrictions. This would include immigration laws pertaining to work authorization requirements and any other applicable government permissions or compliance. The materials on this site are provided without warranties of any kind, either expressed or implied, including but not limited to warranties regarding the accuracy or completeness of the information contained on this site or in any referenced links. While Saputo attempts to update this site on a timely basis, the information is effective only as of the time and date of posting. Strict confidentiality will be observed at all times. Saputo is an equal opportunity employer. The information on this site is for information purposes only and is not intended to be relied upon with legal consequence.

Saputo welcomes and encourages applications from people with disabilities. Accommodations may be available upon request for candidates taking part in all aspects of the selection process.