Security Analyst

The Company

At Canopy Growth, our mission is clear: improve lives, end cannabis prohibition, and strengthen communities. We believe that cannabis can be a force for good. We’re building a consumer-centric organization that is focused on sharing the transformational potential of cannabis with the world. We will achieve this through an innovative and disruptive portfolio of cannabis and hemp-derived products.

Canopy Growth is the world's leading cannabis and hemp company. We recognize that employees are at the core of our success, and we take pride in a corporate culture that emphasizes inclusiveness, collaboration, and diversity.

Our employees come from a wide range of backgrounds, each bringing their own unique skills and talents to the table, working together to continue our incredible momentum of growth.  If you are interested in building global challenger brands, scaling a business, and working in a values-driven environment, we want to hear from you!

The Opportunity

Canopy Growth is seeking a highly motivated and technically proficient Security Analyst to join our Cyber Security & IT Engineering team. This is a unique opportunity for an individual passionate about cyber defense, and eager to engage with both strategic security design and operational threat response.

As a key member of our cybersecurity team, you will work hands-on with security tools and platforms, monitor threats, and lead response activities to ensure our environment remains secure. You will play a critical role in hardening our network and endpoint infrastructure, coordinating threat containment, and enforcing secure operational practices.

If you're driven by curiosity, thrive under pressure, and want to make an impact, this role offers the chance to contribute to Canopy Growth’s global security posture at scale.

Responsibilities

Security Operations & Monitoring

• Monitor, investigate, and respond to security events across SIEM, IDS/IPS, firewalls, and other telemetry sources.

• Act as an escalation point for security incidents; analyze root cause, determine risk, and drive remediation.

• Participate in security incident response planning and execution, including containment, recovery, and post-incident reporting.

Security Engineering & Tools

• Design, deploy, and manage endpoint, network, and cloud security technologies (e.g., firewalls, VPNs, NAC, EDR/XDR, vulnerability scanners).

• Ensure effective deployment and tuning of security technologies to eliminate noise while ensuring detection accuracy.

• Collaborate with infrastructure and application teams to enforce secure configuration baselines.

Threat & Vulnerability Management

• Conduct vulnerability scanning, penetration testing, and coordinate remediation efforts with responsible teams.

• Analyze threat intelligence feeds and reports; determine organizational relevance and initiate protective actions.

Governance, Risk & Compliance

• Support audit readiness efforts by gathering security evidence and addressing findings promptly.

• Maintain and enhance security documentation, including policies, procedures, runbooks, and standards.

• Track and report on security KPIs and posture metrics to technical and executive stakeholders.

Continuous Improvement & Leadership

• Research and recommend enhancements to existing security practices and controls.

• Contribute to knowledge sharing and mentoring of junior security staff.

• Stay current with cybersecurity trends, tools, threat actors, and best practices.

• Other duties as assigned.

Experience

• Bachelor’s degree in Computer Science, Information Security, Engineering, or a related field (or equivalent practical experience).

• 3+ years of hands-on experience in cybersecurity operations or network security roles.

• Strong working knowledge of Linux operating systems and common open-source security tools.

• Proficiency in network protocols, routing/switching, and perimeter defense strategies.

• Experience with enterprise security technologies such as SIEM, EDR/XDR, IDS/IPS, NAC, and firewalls.

• Familiarity with cybersecurity frameworks such as NIST 800-53, NIST CSF, or ISO 27001.

• Preferred certifications include CISSP, CISM, CEH, CCNA Security, or CompTIA Security+.

• Strong problem-solving, documentation, and communication skills.

• Proven ability to manage multiple security priorities in a fast-paced, evolving environment.

Other Details

This is a full-time role based out of Canada.

We appreciate your interest, and promise to review all applications, but we will only be contacting those who best fit the requirements.

We welcome and encourage applications from people with disabilities. Accommodations are available upon request for candidates taking part in all aspects of the selection process. If you require accommodation, please notify your Talent Acquisition Partner. Please note, the chosen applicant will be required to successfully complete background and reference checks.