Staff Security Analyst

at  Lightspeed

Hi there! Thanks for stopping by
Are you actively looking for a new opportunity? Or just checking the market? Well… you might just be in the right place to join our team.
The Staff Analyst, Security is a critical member of Lightspeed’s Security Operations Team. They actively monitor, analyze, and respond to security incidents, conduct in-depth analysis of security events, aid in the development and maintenance of standard operating procedures for incident detection and response, and collaborate with cross-functional teams to resolve incidents, while proactively identifying and mitigating emerging threats.

What you’ll be responsible for

• Monitor and triage security alerts from various sources, including SIEM, IDS/IPS, firewalls, and endpoint protection systems.
• Conduct in-depth analysis of security events to identify potential threats and vulnerabilities.
• Develop and implement best practices for detection engineering.
• Aid in the development and maintenance of standard operating procedures for incident detection and response.
• Collaborate with cross-functional teams to resolve security incidents promptly.
• Proactively identify and mitigate emerging threats.
• Oversee the transition from SIEM to SOAR (Security Orchestration, Automation, and Response).
• Maintain and update security tools and technologies.
• Provide timely reports on security activities.
• Communicate effectively with both technical and non-technical stakeholders
• Partner / mentor fellow security team members.
• Advocate for security best practices and proactive threat mitigation throughout the organization.
• Participate in incident response planning and lead remediation efforts in case of security breaches.

What you’ll be bringing to the team

• Significant experience with incident response procedures, including containment, eradication, and recovery.
• Significant experience using SIEM tools for log analysis and threat detection.
• Significant experience with additional security tools, such as EDR, CSPM, and DLP.
• Significant experience in detection engineering.
• Experience transitioning from SIEM to SOAR.
• Experience working with large-scale cloud environments (AWS, GCP, etc).
• Thorough understanding of threat intelligence sources and how to apply them in security operations.
• Demonstrated ability to lead cross-functional initiatives.
• Relevant certifications, such as CompTIA Security+ or CISSP, are a plus.

What’s in it for you?

• Join a fast-paced, high-growth company.
• Surround yourself with strong talent and enjoy continuous professional growth.
• Develop in a modern and proven technology stack.
• Great benefits and perks, including equity and flexible/hybrid remote work options, in a diverse and inclusive environment.
• Development of very high traffic products, used at the global scale.
• Opportunities to learn and expand your skill set

• Become a valued part of the diverse and inclusive Lightspeed family.

  … and enjoy a range of benefits that’ll keep you happy, healthy and (not) hungry:

• Lightspeed equity scheme (we are all owners)

• Flexible paid time off policy
• Health Insurance
• Health and wellness benefit of $500 per year
• Paid leave and assistance for new parents
• Mental health online platform and counseling & coaching services
• Volunteer day

To all recruitment agencies: Lightspeed does not accept unsolicited agency resumes. If we have not directly engaged your company in writing to supply candidates for a specific vacancy, Lightspeed will not be responsible for any fees related to unsolicited resumes.
Lightspeed is a proud equal opportunity employer and we are committed to creating an inclusive and barrier-free workplace. Lightspeed welcomes and encourages applications from people with disabilities. Accommodations are available on request for candidates taking part in all aspects of the selection process.
Where to from here?
Obviously, this has to be mutually beneficial: we want you to step into a role you love, and we want to offer you a place you’re proud to come to every day. .
Lightspeed is building communities through commerce, and we need people from all backgrounds and lived experiences to do that. We were founded in 2005, in Montreal’s gay village and our original members were all part of the LGBTQ+ community. The ethos of our business has been about inclusion from the very beginning, and we strive to provide a workplace where everyone belongs.
Who we are:
Powering the businesses that are the backbone of the global economy, Lightspeed’s one-stop commerce platform helps merchants innovate to simplify, scale, and provide exceptional customer experiences. Our cloud commerce solution transforms and unifies online and physical operations, multichannel sales, expansion to new locations, global payments, financial solutions, and connection to supplier networks.
Founded in Montréal, Canada in 2005, Lightspeed is dual-listed on the New York Stock Exchange (NYSE: LSPD) and Toronto Stock Exchange (TSX: LSPD). With teams across North America, Europe, and Asia Pacific, the company serves retail, hospitality, and golf businesses in over 100 countries.
Lightspeed handles your information in accordance with our Applicant Privacy Statement.

• Monitor and triage security alerts from various sources, including SIEM, IDS/IPS, firewalls, and endpoint protection systems.
• Conduct in-depth analysis of security events to identify potential threats and vulnerabilities.
• Develop and implement best practices for detection engineering.
• Aid in the development and maintenance of standard operating procedures for incident detection and response.
• Collaborate with cross-functional teams to resolve security incidents promptly.
• Proactively identify and mitigate emerging threats.
• Oversee the transition from SIEM to SOAR (Security Orchestration, Automation, and Response).
• Maintain and update security tools and technologies.
• Provide timely reports on security activities.
• Communicate effectively with both technical and non-technical stakeholders
• Partner / mentor fellow security team members.
• Advocate for security best practices and proactive threat mitigation throughout the organization.
• Participate in incident response planning and lead remediation efforts in case of security breaches