Senior Infrastructure Security Analyst

COMPANY STATEMENT:

Founded in Toronto in 1962, Guardian Capital Group Limited (Guardian) is a global financial services company, which provides investment management services to institutional, retail and private high and ultra-high-net-worth clients through its subsidiaries. Guardian is headquartered in Canada and operates in Canada, the United Kingdom, the United States and the Caribbean. Guardian is a wholly owned subsidiary of Desjardins Global Asset Management Inc., which is part of the Desjardins Group. To learn more about Guardian, visit
www.guardiancapital.com
.

**JOB STATEMENT
:**

The
Senior Infrastructure Security Analyst
is responsible for advancing Guardian Capital’s enterprise security posture across on‑premises, cloud, SaaS, and hybrid environments. This role leads the design, implementation, and continuous improvement of security controls, standards, and capabilities that protect corporate systems, data, and clients against evolving cyber threats.

The successful candidate is a
hands‑on security practitioner
with strong technical skills, capable of contributing to risk assessments, security projects, incident response, and compliance activities. The candidate will also be able to help develop strong policies and evaluate postures of existing systems to provide security improvement recommendations.

**ESSENTIAL FUNCTIONS
:**

Security Operations

• Implement, configure and maintain security controls across infrastructure platforms, including:
• On‑prem and cloud infrastructure
• Identity and access management (IAM)
• Endpoint and server protection
• Data protection and loss prevention
• Assist with penetration testing coordination and follow‑up remediation activities.
• Evaluate emerging security technologies and drive adoption where appropriate.
• Identify opportunities to improve security controls and operational effectiveness within existing platforms
• Ownership and improvement of security policies, standards, and guidelines across infrastructure, cloud, identity, and endpoint domains.
• Report on key security metrics, trends, and risk indicators for technical and executive audiences.
• Participate in infrastructure and enterprise IT projects to ensure security is integrated from design through delivery.

Risk Management & Compliance

- Lead or contribute to
risk assessments
, control design reviews, and remediation plans for infrastructure platforms and business applications.
- Assess and manage security risks using a
risk‑based, threat‑informed approach
.
- Support regulatory, client, and third‑party security questionnaires and audits.
- Maintain working alignment with industry frameworks and standards (e.g., ISO 27001, SOC 2, PCI, NIST).

Threat Detection & Incident Response

• Provide incident management investigation, response and root cause analysis.
• Oversee vulnerability management, penetration testing coordination, and remediation tracking.
• Partner with infrastructure and operations teams to improve monitoring, alerting, and response capabilities.
• Work with infrastructure and support teams to remediate incidents and reduce recurrence.

Project & Change Support

• Contribute to infrastructure and IT projects by:
• Reviewing security requirements
• Evaluating Vendor security controls
• Implementing required security controls
• Documenting security configurations and controls
• Support cloud, SaaS, and infrastructure initiatives by ensuring security controls align with internal standards.

**QUALIFICATIONS
:**

Education:

• Bachelor’s degree in Computer Science, Information Technology, or a related field.

Experience:

• Information Security Certification/Accreditation is an asset.
• 7+ years of relevant experience.
• Advanced knowledge of organization, technology controls, security and risk issues.
• Technical background and the ability to understand/implement technical requirements.
• Experience with intrusion prevention, malware mitigation, firewall, VPN, encryption, data loss prevention, protocol and traffic analysis.
• Proven understanding of IT security processes, procedures and tools.
• Ability to work well independently while maintaining alignment with overall corporate direction.
• Requires occasional overtime on weeknights and weekends
• Requires carrying a corporate mobile device and providing emergency 24 x 7 support
• Some travel to regional branch offices may be required

Soft Skills:

• Excellent communication skills, with the ability to work effectively with business teams and articulate technical concepts to non-technical and executive stakeholders.
• Strong problem-solving skills with a strategic mindset and the ability to manage both technical and business priorities.

**COMPENSATION
:**

• The base salary range is expected to be between $95,000 - $110,000, with eligibility for a discretionary bonus.