Centennial College recognizes and affirms Diversity, Equity and Inclusion and Indigenous ways of knowing as central to the vibrancy and uniqueness of its learning and working academic mission. We strongly encourage applications from members of Indigenous communities and all equity‑deserving groups including Women, Racialised, Persons with Disabilities, and LGBTQ+ communities.

We also recognize that Centennial is situated on the Treaty Lands of the Mississaugas of the Credit First Nation and pay tribute to their legacy as well as that of all First Peoples that have been and remain present here in Toronto. We recognize that First Peoples come from sovereign Nations and that part of understanding our responsibilities of residing on this territory are understanding the true history, circumstances and legacy of the Treaties signed here (such as the Toronto Purchase, Robinson‑Huron Treaty and Williams Treaties) and including pre‑contact Treaties and Agreements between sovereign Nations and that all peoples in this area are therefore Treaty people with obligations and responsibilities to all our relations.

Position Summary

Reporting to the Associate Director, Cybersecurity and Privacy Operations, the Cybersecurity Analyst is responsible for supporting the planning, implementation, operation, and continuous improvement of security measures that protect the College’s systems, networks, endpoints, and data.

The role is accountable for monitoring and analysing security events across the College’s technology environment, identifying threats and vulnerabilities, and supporting timely incident response and remediation activities. This includes the use of security platforms such as Security Information and Event Management (SIEM), endpoint protection, identity and access management (IAM), and threat detection systems.

Working closely with IT Infrastructure, application teams, and business stakeholders, the Cybersecurity Analyst helps ensure that security controls are effectively integrated into IT services and aligned with institutional cybersecurity policies, risk management practices, and privacy requirements. The role also contributes to vulnerability management, cyber risk reporting, security awareness, and the protection of sensitive and personal information in accordance with applicable legislation such as FIPPA.

Responsibilities

Cybersecurity Operations and Monitoring

• Monitor, analyse and respond to security events and alerts using SIEM, endpoint protection, and threat detection platforms
• Investigate potential security incidents, escalated through established incident response processes, and support containment, remediation and recovery activities
• Perform security monitoring and traffic analysis to identify anomalous or malicious activity across networks, systems and endpoints
• Produce regular security analytics and reporting, highlighting risks, threats, vulnerabilities and recommended remediation actions
• Support digital forensic activities, including the collection and preservation of evidence in accordance with established procedures
• Monitor and review user identities, privileges and access to ensure appropriate controls are in place
• Collaborate with vendors and service providers to identify and address cybersecurity risks, including those associated with cloud and third‑party services
• Support compliance with cybersecurity policies, standards, procedures and applicable privacy legislation (e.g., FIPPA)
• Deliver and support security awareness initiatives for employees and end users

Risk, Compliance and Security Enablement

• Support vulnerability management activities, including identification, assessment and remediation tracking of security vulnerabilities
• Contribute to cyber risk assessments, reporting and mitigation planning aligned with institutional risk management practices
• Assist in the development, review and continuous improvement of cybersecurity policies, standards and procedures
• Support security and compliance reviews of IT systems and services, both on‑premise and cloud‑based
• Collaborate with stakeholders to ensure appropriate protection of sensitive and personal information, including participation in privacy‑related activities such as data protection reviews and Privacy Impact Assessments (PIAs)
• Recommend and support implementation of security controls to strengthen the College’s overall security posture and resilience

Projects, Collaboration and Technical Support

• Support cybersecurity‑related projects through planning, coordination, implementation and progress reporting
• Collaborate with IT teams to integrate security controls into infrastructure, applications and services
• Provide guidance and subject matter expertise on cybersec