Security Analyst
GTA | Ontario, Canada | WFH | CAN-ON
Canopy Growth Corporation
The Company
At Canopy Growth, our mission is clear: improve lives, end cannabis prohibition, and strengthen communities. We believe that cannabis can be a force for good. We’re building a consumer-centric organization that is focused on sharing the transformational potential of cannabis with the world. We will achieve this through an innovative and disruptive portfolio of cannabis and hemp-derived products.
Canopy Growth is the world's leading cannabis and hemp company. We recognize that employees are at the core of our success, and we take pride in a corporate culture that emphasizes inclusiveness, collaboration, and diversity.
Our employees come from a wide range of backgrounds, each bringing their own unique skills and talents to the table, working together to continue our incredible momentum of growth. If you are interested in building global challenger brands, scaling a business, and working in a values-driven environment, we want to hear from you!
The Opportunity
Canopy Growth is seeking a highly motivated and technically proficient Security Analyst to join our Cyber Security & IT Engineering team. This is a unique opportunity for an individual passionate about cyber defense, and eager to engage with both strategic security design and operational threat response.
As a key member of our cybersecurity team, you will work hands-on with security tools and platforms, monitor threats, and lead response activities to ensure our environment remains secure. You will play a critical role in hardening our network and endpoint infrastructure, coordinating threat containment, and enforcing secure operational practices.
If you're driven by curiosity, thrive under pressure, and want to make an impact, this role offers the chance to contribute to Canopy Growth’s global security posture at scale.
Responsibilities
Security Operations & Monitoring
Monitor, investigate, and respond to security events across SIEM, IDS/IPS, firewalls, and other telemetry sources.
Act as an escalation point for security incidents; analyze root cause, determine risk, and drive remediation.
Participate in security incident response planning and execution, including containment, recovery, and post-incident reporting.
Security Engineering & Tools
Design, deploy, and manage endpoint, network, and cloud security technologies (e.g., firewalls, VPNs, NAC, EDR/XDR, vulnerability scanners).
Ensure effective deployment and tuning of security technologies to eliminate noise while ensuring detection accuracy.
Collaborate with infrastructure and application teams to enforce secure configuration baselines.
Threat & Vulnerability Management
Conduct vulnerability scanning, penetration testing, and coordinate remediation efforts with responsible teams.
Analyze threat intelligence feeds and reports; determine organizational relevance and initiate protective actions.
Governance, Risk & Compliance
Support audit readiness efforts by gathering security evidence and addressing findings promptly.
Maintain and enhance security documentation, including policies, procedures, runbooks, and standards.
Track and report on security KPIs and posture metrics to technical and executive stakeholders.
Continuous Improvement & Leadership
Research and recommend enhancements to existing security practices and controls.
Contribute to knowledge sharing and mentoring of junior security staff.
Stay current with cybersecurity trends, tools, threat actors, and best practices.
Other duties as assigned.
Experience
Bachelor’s degree in Computer Science, Information Security, Engineering, or a related field (or equivalent practical experience).
3+ years of hands-on experience in cybersecurity operations or network security roles.
Strong working knowledge of Linux operating systems and common open-source security tools.
Proficiency in network protocols, routing/switching, and perimeter defense strategies.
Experience with enterprise security technologies such as SIEM, EDR/XDR, IDS/IPS, NAC, and firewalls.
Familiarity with cybersecurity frameworks such as NIST 800-53, NIST CSF, or ISO 27001.
Preferred certifications include CISSP, CISM, CEH, CCNA Security, or CompTIA Security+.
Strong problem-solving, documentation, and communication skills.
Proven ability to manage multiple security priorities in a fast-paced, evolving environment.
Other Details
This is a full-time role based out of Canada.
We appreciate your interest, and promise to review all applications, but we will only be contacting those who best fit the requirements.
We welcome and encourage applications from people with disabilities. Accommodations are available upon request for candidates taking part in all aspects of the selection process. If you require accommodation, please notify your Talent Acquisition Partner. Please note, the chosen applicant will be required to successfully complete background and reference checks.
* Salary range is an estimate based on our InfoSec / Cybersecurity Salary Index 💰
Tags: CEH CISM CISSP Cloud Compliance CompTIA Computer Science Cyber defense EDR Firewalls Governance IDS Incident response IPS ISO 27001 KPIs Linux Monitoring Network security NIST NIST 800-53 Pentesting SIEM Threat intelligence VPN Vulnerability management XDR
Perks/benefits: Team events
More jobs like this
Explore more career opportunities
Find even more open roles below ordered by popularity of job title or skills/products/technologies used.