Information Security Analyst - Information Technology - 3+ Years (Hybrid)

With offices in London, Toronto, Strathroy and Kitchener, Lerners LLP provides a full range of legal services throughout Ontario. Lerners maintains an attractive work environment with excellent support services and state-of-the-art technology. Lerners' employees enjoy a fast-paced work environment and a supportive, collegial culture. Our positions are best suited to individuals who take pride in their work and understand the importance of exceptional client service.

We are seeking an experienced Information Technology (IT) professional with a strong interest in cybersecurity to join our team as an Information Security Analyst. The ideal candidate will have at least three years of IT experience and a desire to grow in the field of Information Security. Working under the guidance and mentorship of the Information Security Architect, this position offers an opportunity to gain hands-on experience in threat detection, incident response, vulnerability management, and more. The role may require some after-hours work to address critical security alerts and incidents.

Primary Responsibilities:

• Security Inquiries & Alerts
  • Triage incoming Information Security inquiries and reports via the Help Desk.
  • Triage security alerts from various information security platforms.
  • Respond to after-hours security alerts as needed.
  • Escalate unresolved inquiries, reports, or alerts to the Information Security Architect, providing all relevant details.
• Security Control Testing
  • Conduct daily security control testing to verify effectiveness and functionality.
  • Perform basic troubleshooting for identified issues, escalating if necessary.
  • Review security-related administrative holds for false positives.
• Documentation & Policy
  • Assist in creating and updating documentation for security platforms and processes.
  • Participate (in a shadowing/learning capacity) in new security applications, initiatives, and policy testing.
  • Recommend documentation or policy changes to the Information Security Architect.
• Change Management
  • Plan, gain approval, and implement low to medium risk changes during and after business hours.
  • Participate in meetings and projects related to changes that impact firm-wide security, under the guidance of the Information Security Architect.
• Incident Response & Vulnerability Management
  • Participate in all Incident Response activities (shadowing and assisting the Information Security Architect).
  • Contribute to the Vulnerability Management program, including minor remediation tasks and follow-ups.
  • Perform proactive threat hunting using firm-provided security tools; escalate any findings to the Information Security Architect.
• Meetings & Collaboration
  • Join vendor and training sessions related to security tools and best practices.
  • Assist in cross-department or inter-firm discovery and implementation meetings where security changes are required, in a supporting/shadow capacity.
  • Support internal audits and platform reviews (e.g., disabled/stale user/computer accounts, DNS entries, etc.).
• Training & Awareness
  • Support the creation and monitoring of firm-wide Quarterly Security Awareness Training.
  • Participate in the creation and monitoring of firm-wide phishing tests.
  • Stay current on emerging security threats by reading industry blogs, attending webinars, and other learning opportunities.
• Additional Responsibilities
  • Provide general support and perform additional tasks as assigned by the Information Security Architect.

Qualifications:

• Minimum of 3 years of professional experience in Information Technology.
• A bachelor's degree in Computer Science, Information Systems, or a related field (preferred but not required).
• Must obtain an entry-level industry-recognized Information Security certification (e.g., Certified in Cyber - ISC2, Security+ - CompTIA) within 6 months of starting.
• Familiarity with basic networking concepts, operating systems, and security best practices.
• Experience with incident tracking/ticketing systems, endpoint protection, or other security tools (preferred).
• Basic understanding of threat intelligence and vulnerability management processes.
• Excellent communication skills, with the ability to document and escalate issues clearly.
• Strong analytical and troubleshooting abilities.
• Proven ability to work collaboratively in a team environment as well as independently.
• Willingness to learn, adapt quickly, and take on new challenges.
• Availability for some after-hours work for critical security incidents and system changes.

How to Apply:

Interested candidates should submit an application including an updated resume and cover letter to our career portal. Due to the volume of applications, only candidates selected for an interview will receive a response.

Benefits of Working at Lerners:

Working at Lerners is both challenging and rewarding.

Our skilled Learning and Development team provides training and continued support to all firm members. Lerners is proud to offer a competitive salary and benefits package.

Salary:

Commensurate with skill level and years of experience

Benefits:

• Health, Extended Health, Dental and Vision care
• LTD insurance
• Life insurance
• Parking/Transit reimbursement
• RRSP matching program
• Paid Volunteer Time
• Referral Bonus
• Employee Assistance Program