Title: Information Security Analyst Location: CA-Remote ID2026-34652 Category Information Technology Position Type Full-Time Remote Yes Job Description: About Kinaxis Are you looking to join an innovative, market-leading company where you can truly elevate your career? At Kinaxis we are serious about culture, we are serious about technology, we are serious about customers, and we are serious about not taking ourselves too seriously. If you are looking to be part of an incredible growth story, then we might just be the place for you! In 1984, we started out as a team of three engineers. Today, we have grown to become a global organization with over 2000 employees around the world, 6 global office and a best-in-class HQ in Ottawa, Canada. As winners of several Top Employer awards globally, we are proud to work with our customers and employees towards solving some of the biggest challenges facing supply chains today. Kinaxis is a global leader in modern supply chain orchestration, powering complex global supply chains, and supporting the people who manage them. Our powerful, AI infused platform provides full transparency and visibility across end-to-end supply chains, enabling our customers to make faster, better decisions. We are trusted by renowned global brands to provide the agility and predictability needed to navigate today’s volatility and disruption. With more than 40,000 users in over 100 countries, we are expanding our team as we continue to innovate and revolutionize how we support our customers. Location Ottawa, Canada - Hybrid Other Canadian Locations - Remote About the team The Information Security Analyst (Eastern Time Zone) is a cybersecurity professional responsible for supporting day‑to‑day security monitoring, incident triage, investigation support, and operational tasks across Corporate IT environments and the Kinaxis Maestro SaaS platform. In this role, you will be part of Kinaxis’s global follow-the-sun incident response framework, and serve as the first responder for the Eastern time zone, providing continuous monitoring and response by performing initial analysis of security alerts, escalating confirmed or suspected incidents, and assisting with investigations under led by senior analysts. This position is designed to build foundational security operations capabilities through hands‑on experience, structured processes, and close collaboration with experienced team members. You will work closely with team members across IT, SaaS Operations, Product Development, and Business Systems teams while developing technical depth, analytical judgment, and confidence in real-world security operations. What you will do Security Monitoring & Incident Response • Monitor security alerts and events from SIEM, XDR/EDR, and other security tools. • Perform initial triage and analysis of alerts to determine severity, scope, and required escalation. • Escalate confirmed or suspicious activity to senior analysts in accordance with documented procedures. • Assist with containment, investigation, and recovery activities under supervision. • Accurately document findings, actions taken, and handoffs in incident tracking systems. • Support active incident response efforts by gathering evidence, collecting logs, and performing basic analysis. • Participate in incident reviews and post‑incident learning activities. • Participate in shift handovers to ensure continuity of monitoring and response across time zones Threat Detection & Analysis Support • Assist in reviewing and validating detection alerts aligned to known attacker techniques. • Learn and apply basic threat concepts, indicators of compromise (IOCs), and MITRE ATT&CK mappings. • Support threat hunting activities by executing predefined queries and analysis tasks. • Help identify gaps or false positives in existing detections and report findings to senior team members Security Tooling and Operations • Use and maintain familiarity with core security tools such as SIEM, EDR/XDR, and cloud security platforms. • Assist in updating operational playbooks, runbooks, and knowledge articles. • Support testing of new detections, tools, or automation under guidance. • Partner with IT and engineering teams to validate logging, monitoring, and alerting coverage. • Stay informed about common cyber threats, vulnerabilities, and security best practices. • Participate in training, tabletop exercises, and continuous improvement initiatives. • Demonstrate curiosity, accountability, and willingness to learn in a fast‑paced operational environment. What we are looking for Primary Skills and Qualifications • Bachelor’s degree in Information Security, Computer Science, Information Technology, or a related field or equivalent hands‑on experience, internships, or co‑op placements. • 3–5 years of experience in cybersecurity, IT operations, SOC, or related technical roles. • Basic understanding of cybersecurity concepts such as malware, phishing, authentication, and network security. • Strong analytical and problem‑solving skills, with attention to detail. • Clear written and verbal communication skills. • Ability to follow procedures, accept feedback, and work effectively as part of a global team. • Comfortable working in a shift‑based or follow‑the‑sun operational model • Certifications: Desired o CompTIA Security+ , CompTIA CySA+ o Microsoft Security Fundamentals o Cloud fundamentals (Azure, AWS, or GCP) Preferred o CISSP, CCSP, GIAC (GCIH, GCIA, GCED, GCFA) or equivalent Role Specific Skills and Experience • Exposure to SIEM or security monitoring tools (e.g., Microsoft Sentinel, Splunk, or similar). • Basic understanding of incident response processes and alert triage. • Familiarity with common attack techniques and indicators. • Experience following established playbooks and runbooks during security events. • Introductory knowledge of cloud platforms and SaaS environments. • Awareness of security technologies such as firewalls, EDR, IAM, and logging systems. • Knowledge of industry frameworks such as NIST CSF, ISO 27001, or SOC 2. • Knowledge of attacker TTPs, threat modeling, IOCs/IOAs, and MITRE ATT&CK. • Understanding of security technologies including firewalls, IDS/IPS, IAM, encryption, and authentication mechanisms. #Intermediate, #LI-EM1 Work With Impact: Our platform directly helps companies power the world’s supply chains. We see the results of what we do out in the world every day, when we see store shelves stocked, when medications are available for our loved ones, and so much more. Work with Fortune 500 Brands: Companies across industries trust us to help them take control of their integrated business planning and digital supply chain. Some of our customers include Lockheed Martin, Unilever, P&G, ExxonMobil, Cisco and more. Social Responsibility at Kinaxis: Our Diversity, Equity, and Inclusion Committee weighs in on hiring practices, talent assessment training materials, and mandatory training on unconscious bias and inclusion fundamentals. Sustainability is key to what we do and we’re committed to a long-term net-zero operations strategy. We are involved in our communities and support causes where we can make the most impact. People matter at Kinaxis and here are some of the perks and benefits we offer, which may vary by location and employee: - Flexible vacation and Kinaxis Days (company-wide days off) - Flexible work options - Physical and mental well-being programs - Regularly scheduled virtual fitness classes - Mentorship programs, training, and career development - Recognition programs and referral rewards - Hackathons

The Opportunity: We are seeking an experienced and highly motivated Information Security Analyst to join our security team. This role will be critical in protecting our digital assets, detecting and responding to security incidents, and ensuring the continuous improvement of our security posture. You will work proactively to identify security risks, develop, and implement security frameworks, and ensure the integrity and confidentiality of our IT systems and data. The successful candidate will be responsible for all KPIs related to cyber security. You will be expected to coordinate implementation of all information security related processes in conjunction with others at Rainforest Alliance. You will also be handling and coordinating task/activities by firms/individuals contracted to provide information security services, working to ensure peers, senior and junior colleagues deliver necessary environment improvements effectively and expediently. The ideal candidate will have a strong technical background and confirmed hands-on experience in securing Microsoft cloud environments (Azure, Entra ID, Microsoft 365, Purview, Defender Suite), implementing endpoint hardening strategies, and using advanced security tools. Key Responsibilities: Security Operations & Incident Response: - Participate in security incident response activities, including investigation, containment, eradication, recovery, and post-incident analysis. - Monitor security alerts from various sources (SIEM, EDR, cloud logs) and respond to security incidents in a timely manner. - Develop and maintain security documentation, including procedures, runbooks, and incident response plans. - Conduct vulnerability assessments and assist in penetration testing remediation efforts. Security Awareness & Training: - Contribute to the development and delivery of security awareness training for employees, acting as a domain authority for security best practices. Collaboration: - Work closely with all IT teams, Enterprise Architecture, PMO and other stakeholders to ensure security is integrated into all aspects of our infrastructure and applications at the design and requirements stage. - Through reporting, monitoring and alerting, find opportunities for automation and improvement of RA security posture, including exception handling of threat alerts, patches, system and software vulnerabilities. Reporting: - Creation of weekly and monthly reporting packs, demonstrating rolling position on vulnerabilities, threats, progress against plan on key security initiatives. Risk Management: - Conduct risk assessments and participate in security design reviews to ensure appropriate mitigations are in place for new services and system changes (shifting security left). Azure Security: - Administer and configure Azure security services (e.g., Azure Security Centre/Defender for Cloud, Defender for Endpoint, Azure Network Security Groups, Azure Key Vault, Azure Firewall etc). - Monitor Azure environments for security threats, vulnerabilities, and misconfigurations. - Implement and make sure security best practices within Azure IaaS and PaaS deployments, audit Azure resources for compliance. Entra ID (Azure AD) Security: - Lead and secure Entra ID (Azure Active Directory) including Conditional Access Policies, Multi-Factor Authentication (MFA), Identity Governance, and Privileged Identity Management (PIM). - Monitor Entra ID for suspicious activity and unauthorised access attempts. - Implement Zero Trust principles, ensuring least privilege access, secure authentication flows, and continuous risk-based conditional access. Microsoft 365 Administration & Security: - Secure Microsoft 365 services (Exchange Online, SharePoint Online, OneDrive, Teams, etc.), looking after user access, data governance, and threat protection within the Microsoft 365 ecosystem. - Configure and optimise Microsoft 365 security features (e.g., Defender for Office 365, Data Loss Prevention (DLP), Microsoft Purview + compliance policies). Endpoint Hardening: - Develop, implement, and maintain security baselines and hardening standards for endpoints (Windows, macOS, Linux). - Configure and handle Microsoft Entra Domain Services based Group Policies (GPOs) and equivalent Mobile Device Management (MDM) solutions for security settings. - Ensure secure configuration and patch management across all endpoints. - Report on exceptions to relevant Team Managers and ensure mitigation is undertaken, through regular engagement. XDR: - Administer, configure, and optimise RA’s XDR service, currently Crowdstrike Falcon but planned for migration to Microsoft Defender XDR. - Monitor alerts and dashboards for endpoint security incidents and threats, perform threat hunting and incident response activities using CrowdStrike data. - Develop and refine custom detections and response playbooks within CrowdStrike. Vulnerability Scanning: - Identify and prioritise remediation of CVE-aligned vulnerabilities - Provide reporting to IT leadership on progress against remediation targets - Notify IT teams of emerging high/critical vulnerabilities and coordinate remediation planning - Devise reporting dashboards for senior IT leadership Required Qualifications: - Minimum of 3 years of hands-on experience in an information security role. - Proven working experience and deep understanding of Azure security services and best practices. - Extensive hands-on experience with Entra ID (Azure Active Directory) and Microsoft 365 security administration. - Demonstrable experience with endpoint hardening methodologies and implementation. - Hands-on administration and operational experience with CrowdStrike Falcon platform. - Experience with security incident response and threat hunting. - Solid understanding of networking concepts. - Familiarity with security frameworks (e.g., Cyber Essentials, NIST, ISO 27001). - Excellent analytical, problem-solving, and communication skills. - Ability to work independently and as part of a team in a fast-paced environment. Preferred Qualifications: - Relevant security certifications (e.g., AZ-500 Microsoft Certified: Azure Security Engineer Associate, SC-200 Microsoft Certified: Security Operations Analyst Associate, CompTIA Security+, CISSP, GIAC certifications). - Experience with scripting languages (e.g., PowerShell, Python) for automation and security tasks. - Knowledge of cloud security posture management (CSPM) tools. - Demonstrable experience with other EDR/XDR solutions. - Understanding of regulatory and technical compliance requirements (e.g., GDPR, HIPAA, PCI DSS, CIS, NIST, ISO27001). Deadline: 01 May 2026 Salary: Commensurate with experience Notes: Only candidates legally authorized to work in either Costa Rica, Colombia, Peru, Guatemala, Mexico or Brazil will be considered. If you have any questions about the job vacancy, please contact the HR department: recruitment@ra.org The Rainforest Alliance encourages diversity and inclusion across the global organization. With this commitment to diversity, we are proud to be an equal opportunity employer and do not discriminate on the basis of gender, race, color, ethnicity, religion, sexual orientation, gender identity, ages, disability and any other protected group.

Current Employees: If you are a current Staff, Faculty or Temporary employee at the University of Miami, please click here to log in to Workday to use the internal application process. To learn how to apply for a faculty or staff position, please review this tip sheet. The University of Miami Health System (“UHealth”) IT Department has an exciting opportunity for a full-time Epic Analyst, Security. The Epic Analyst, Security assists Associate Epic Analysts on the team and collaborates with key stakeholders, end-users, and application team members to optimize the application’s configuration, function, and access. The Epic Analyst, Security facilitates day-to-day application support and resolving application issues and provides day-to-day application support and resolving application issues. Core Responsibilities: - Serves as a support contact for application end‐users. Identifies issues and works to resolve them. - Designs, develops, implements, and maintains the application. - Supports all phases of testing and document workflow design. - Performs the analysis of information technology in clinical work processes and validates the impacts to the workflow. - Provides day-to-day application support, evaluates and resolves service tickets, implements requested application changes, and retrieves requested data promptly. - Collaborates with trainers on application changes and new features to develop documentation and training strategies. - Assists with analyzing the impact of information technology in clinical work processes. - Participates in on-call rotations and support. - Attends and participates in applicable committees. - Maintains regular communication with team members and participates in weekly project team meetings. - Reviews the status of projects and issues on an ongoing basis with leadership. - Travel to the job site during go-lives, conferences, rounding, and/or senior leadership meetings. - Becomes knowledgeable about UHealth’s policies, procedures, and business operations. - Adheres to University and unit-level policies and procedures and safeguards University assets. Department Specific Functions: As an Epic Analyst – Security, you will report to the Senior Manager and will be responsible for: - Providing oversight and leadership to Associate Epic Analysts on the team - Configuring and maintaining security functions, access, and user records within various Epic applications - Monitoring, responding, and reporting to security alerts, incidents, and breaches - Conducting internal audits and risk assessments to identify potential vulnerabilities - Work with application and compliance teams to design system‐level access - Create and maintain procedures to activate, deactivate, and update user records - Assign application security levels and roles and establish ownership of each particular security class - Coordinate security‐related activities across physical (buildings, grounds), infrastructure (network, servers, operating system), and application (Epic or non‐Epic) teams - Identify trends and patterns in design of security, recommend and administer security improvements, and maintain security measures to protect patient data - Perform periodic risk reviews and internal audits to identify potential vulnerabilities - Monitor, report, and respond to any security alerts, incidents, and breaches - Stay up-to-date with the latest security trends and technologies - Participate in on-call rotations and support - Travel to the job site during go-lives, conferences, rounding, and/or senior leadership meetings. - Maintain regular communication with team members and participate weekly project team meetings - Review the status of projects and issues on an ongoing basis with leadership - Become knowledgeable about UHealth’s policies, procedures, and business operations This list of duties and responsibilities is not intended to be all-inclusive and may be expanded to include other duties or responsibilities as necessary. MINUMUM QUALIFICATIONS: - Bachelor’s degree in relevant field - Epic Certification - Minimum 3 years of relevant experience, preferably in application security or network security - Understanding of Epic’s security infrastructure preferred - Understanding of concepts of confidentiality and data security preferred - Ability to communicate effectively in both oral and written form. - Ability to maintain effective interpersonal relationships. - Ability to recognize, analyze, and solve a variety of problems. - Ability to lead, motivate, develop and train others. - Proficiency in computer software (i.e. Microsoft Office). - Commitment to the University’s core values. Any appropriate combination of relevant education, experience and/or certifications may be considered. The University of Miami offers competitive salaries and a comprehensive benefits package including medical, dental, tuition remission and more. UHealth-University of Miami Health System, South Florida's only university-based health system, provides leading-edge patient care powered by the ground breaking research and medical education at the Miller School of Medicine. As an academic medical center, we are proud to serve South Florida, Latin America and the Caribbean. Our physicians represent more than 100 specialties and sub-specialties, and have more than one million patient encounters each year. Our tradition of excellence has earned worldwide recognition for outstanding teaching, research and patient care. We're the challenge you've been looking for. The University of Miami is an Equal Opportunity Employer. Applicants and employees are protected from discrimination based on certain categories protected by Federal law. Job Status: Full time Employee Type: Staff

FBS – Farmer Business Services is part of Farmers operations with the purpose of building a global approach to identifying, recruiting, hiring, and retaining top talent. By combining international reach with US expertise, we build diverse and high-performing teams that are equipped to thrive in today’s competitive marketplace. We believe that the foundation of every successful business lies in having the right people with the right skills. That is where we come in—helping Farmers build a winning team that delivers consistent and sustainable results. Since we don’t have a local legal entity, we’ve partnered with Capgemini, which acts as the Employer of Record. Capgemini is responsible for managing local payroll and benefits. What to expect on your journey with us: - A solid and innovative company with a strong market presence - A dynamic, diverse, and multicultural work environment - Leaders with deep market knowledge and strategic vision - Continuous learning and development