As StarTech.com continues to grow, we're investing in the future of our cybersecurity program with the addition of a newly created Security Analyst role. This is an opportunity to become a foundational member of our IT team and help shape how security evolves across a global technology organization. As our dedicated Security Analyst, you'll be responsible for protecting our systems, networks, infrastructure, and data by identifying, assessing, and mitigating security risks while helping establish the security practices that will support our continued growth.
Working closely with Infrastructure, Operations, Development, and business stakeholders, you'll investigate security incidents, manage vulnerabilities, strengthen security controls, and support compliance initiatives. You'll analyze threats across applications, systems, networks, cloud environments, and enterprise platforms while contributing to the secure configuration, hardening, and ongoing protection of the technologies that power our business. This role is ideal for someone who enjoys solving complex problems and understands that effective security starts with a strong foundation in infrastructure.
What makes this opportunity unique is the ability to influence both strategy and execution. As the organization's security-focused resource, you'll help establish security baselines, identify gaps, drive remediation efforts, and foster a security-conscious culture across the company. You'll join a collaborative team that values ownership, innovation, and practical problem-solving, where your expertise will have a direct and visible impact on strengthening StarTech.com's overall security posture.
What You’ll Do
- Vulnerability Assessment & Threat Management: Conduct regular vulnerability scans, penetration testing across applications and infrastructure; prioritize findings by risk severity and track remediation to closure and work with the IT infrastructure & operations team to remediate the findings.
- Security Monitoring & Incident Response: Monitor security alerts and events using SIEM tooling; lead investigation and response to security incidents; document findings and implement measures to prevent recurrence.
- Compliance & Risk Management: Maintain and advance the organization's compliance posture against applicable frameworks (e.g., SOC 2, ISO 27001, NIST); conduct risk assessments and support internal and external audits.
- Security Architecture Alignment: Partner with the IT teams to ensure security requirements and controls are embedded into architectural decisions, integration patterns, and modernization initiatives from the outset.
- Security Awareness & Policy: Develop and maintain security policies, standards, and guidelines; deliver security awareness training and regular phishing campaigns. Act as a subject matter expert for engineering and business teams.
Skills & Knowledge
Technical Skills:
- Vulnerability scanning and penetration testing tools
- SIEM platforms and log analysis (Microsoft Sentinel or equivalent)
- Cloud security controls across Azure, AWS or GCP
- Network security fundamentals: firewalls, IDS/IPS, VPNs, segmentation
- Identity and access management (IAM), MFA, and privileged access controls
- Secure coding awareness and ability to review code or configurations for common vulnerabilities
Knowledge:
- Security frameworks and standards: NIST CSF, ISO 27001, SOC 2, CIS Controls
- Threat intelligence concepts and attack lifecycle
- Data privacy regulations relevant to the organization (e.g., PIPEDA, GDPR)
- Risk assessment methodologies and security risk quantification
- Solid understanding of underlying infrastructure systems (servers, hypervisors, network components, and cloud platforms) and their associated security considerations
Non-Technical Skills:
- Strong problem-solving and analytical thinking
- Clear written and verbal communication
- Self-directed with the ability to manage multiple priorities in a fast-moving environment
- High degree of professional discretion in handling sensitive and confidential information
What You Bring
- Bachelor's degree in Computer Science, Cybersecurity, Information Systems, or a related discipline required.
- 5+ years of experience in an information security, cybersecurity, or related IT role.
- CompTIA Security+, CISSP or CISM
- Familiarity with SOC 2, ISO 27001, NIST, CMMC Cybersecurity Framework required.
- Hands-on experience with vulnerability management, SIEM platforms, and incident response.
- Experience working within complex or legacy technical environments is a strong asset.
- Strong experience working within enterprise IT environments, including infrastructure technologies such as virtualization platforms, network systems (firewalls, wired/wireless networking), and Microsoft-based services (e.g., Active Directory, Azure).
Travel / On-Call Support
- Limited travel may be required.
- As business needs arise, potential travel to distribution centers in Canada, U.S.A, or the U.K.
- Availability to provide occasional after-hours support or assistance with incident response may be required when operational needs arise.
Why Join StarTech.com?
- Competitive salary and bonus potential
- Comprehensive benefits package
- Collaborative and innovative work environment
- Opportunities to grow your skills in analytics, BI, and AI
What to expect from the Hiring Process:
We respect your time and value transparency. Here’s a general idea of what to expect:
- Intro call with Talent Acquisition (30-minutes)
- Interview with Hiring team – Manager, Infrastructure & IT + Director, IT (60-minutes)
- Final interview with VP, Data Analytics & IT (30-minutes)
- Offer & onboarding
This role offers a competitive salary range of CAD $95,000 to $110,000 and eligibility to participate in our bonus program. At StarTech.com, we value fairness and regularly benchmark pay to stay competitive, recognizing each person’s unique contributions.
As part of the StarTech.com “One Team,” you’ll also enjoy:
- Comprehensive health benefits
- Tuition reimbursement program
- Retirement savings plans
- Wellness Program
- Additional perks and rewards
About us
We are in the business of human-centered experiences starting with yours. We believe delivering on our promise of "hard-to-find, made easy" begins with an employee experience founded in opportunity, teamwork, empowerment, and curious minds always asking what if. Not only does our commitment to the exceptional deepen relationships with our partners and customers, it also ignites connection within our team.
StarTech.com is a global leader in tech connectivity solutions, manufacturing a wide range of accessories designed to meet the demanding performance standards of IT professionals and businesses. Since 1985, the company has expanded into 28 markets across five continents, with products trusted by more than 90% of Fortune 500 companies. StarTech.com has been recognized as one of Canada’s Best Managed Companies by Deloitte for 15 consecutive years and is ranked in the top 5% of companies worldwide for sustainability by EcoVadis.
StarTech.com is an Equal Opportunity Employer. In accordance with the Accessibility for Ontarians with Disabilities Act, 2005 and the Ontario Human Rights Code, StarTech.com will provide accommodations throughout the recruitment, selection and/or assessment process to applicants with disabilities. If selected to participate in the recruitment, selection and/or assessment process, please inform Human Resources of the nature of any accommodation(s) that you may require in respect of any materials or processes used to ensure your equal participation.
StarTech.com uses AI tools only for administrative support, such as transcribing interview notes and organizing candidate details into standardized prescreening and interview templates. These tools do not screen, rank, or assess candidates. All hiring decisions are made by our Talent Acquisition team and Hiring Managers. Candidate information is collected and used solely for recruitment purposes in compliance with applicable privacy laws.