Senior Information Security Analyst- 1 year Contract – Remote

Job summary:

The Senior Information Security Analyst is responsible for IT security solutions and responses for all corporate and production environments. This position will be responsible for designing, maintaining, configuring, troubleshooting, auditing, and documenting the status of all security initiatives and compliance solutions, as well as assisting with planning and improving incident response procedures. The Senior Information Security Analyst role supports the technology needs of the organization and Tucows clients to provide a robust, secure, and reliable computing environment.

This opportunity is 1 year contract with possibility of extension.


  • Handles sophisticated issues and problems, receives escalations of more complex issues from lower-level staff
  • Abuse mitigation, incident prevention and response, and forensic analysis of security incidents
  • DDoS prevention and mitigation
  • Integrate security designs to ensure the organization’s proprietary information (data and systems) are safeguarded.
  • Conduct application security assessments
  • Investigates security breaches to determine system weaknesses.
  • Conducts testing and configuration procedures across products and systems.
  • Analyzes security management systems, enterprise systems, and data files to validate security.
  • Performs security analysis across networks, databases, and internet/web operations.
  • Evaluate security plans to ensure the integrity of new and/or existing business operations.
  • Translates and designs security requirements.
  • Provides management with risk assessment briefings on products and/or services.
  • Contributes to the Architecture Committee by advising and delivering Information Security solutions and recommendations
  • Collaborate with the Engineering and Project management teams to complete security assessments as part of the release lifecycle.

Experience and Qualifications:

  • Very strong email abuse prevention and mitigation experience
  • Very strong DDoS prevention and mitigation experience
  • Experience securing critical production environments to meet audit requirement (PCI, SOC2, ISO)
  • Strong Knowledge in DevOps and DevSecOps processes, workflows, and technologies.
  • Solid experience implementing security monitoring, logging, and alerting.
  • Solid experience with containerized environments and orchestration (Docker, Docker Swarm, Kubernetes) and CI/CD
  • Solid experience with cloud environments (AWS, Azure, OpenStack)
  • Strong experience with security vulnerabilities, exploits, and practical mitigations. Knowledge of security vulnerability testing and mitigation tools (e.g. Network Vulnerability Scanners, SIEM,PullingMusselsFromAShell0!
  • and SAST/DAST technologies).
  • Solid experience with the development and execution of threat assessments and security testing methodology.
  • Strong experience with network technologies (e.g. firewalls, gateways, switches, routers, IDP/IPS, concentrators, load-balancers)
  • Solid Experience with network application protocols and their built-in security mechanisms (e.g. TCP/IP, SSL/TLS, IPSec, HTTP, SSH, SMTP, SNMP etc.), as well as internetworking design concepts and architectures.
  • Strong knowledge of email administration – postfix, SPF, DKIM, DMARC


  • Proven ability in Information Security
  • Coding and development experience with Java, Javascript, Node.JS, Python, GitHub, shell scripting
  • Bachelor’s degree in computer science or a related technical field.

We believe diversity drives innovation. We are committed to inclusion across race, religion, colour, national origin, gender, sexual orientation, age, marital status, veteran status or disability status. We celebrate multiple approaches and diverse points of view.

We will ensure that individuals with disabilities are provided reasonable accommodation to participate in the job application or interview process, to perform essential job functions, and to receive other benefits and privileges of employment. Please contact us to request accommodation.

About Tucows

Yes, we're that Tucows, and we've grown quite a bit since our download days.  About Us We do a lot, but at our core, we're in the business of keeping people connected and keeping the Internet open. As the second-largest domain registrar in the world by volume (OpenSRS, Enom, EPAG, Ascio, and Hover), we help people find their place online. As Ting Internet, we bring Crazy Fast Fiber Internet? to communities across the U.S, helping them unlock the power of the Internet. As a Mobile Services Enabler (MSE), we force big networks to compete and innovate. #JoinTheHerd at https://www.tucows.com/careers/ Investor info (NASDAQ: TCX, TSX: TC): https://www.tucows.com/investors/ It’s pronounced two-cows, btw. What's it like to work at Tucows?Work on products that leave their mark.From Tucows Downloads, which changed the way shareware was accessed during the early Internet, to our Mobile Enablement Service, which is powering Dish's entry into the US mobile market, the products we make bring incredible impact and shifting change. If you're looking to build the future with a company that's been here since the beginning, this is the place for you. 2. Build what's next. Our bests ideas come from people who challenge the status quo. At Tucows, we empower you to share your ideas because we know they can only make us better. We want people with a build-it-yourself mindset that likes to figure out how things work and knows how to make them better. If you like building things and looking to make an impact, we want you to #BuildItAtTucows. 3. Define your own experience. At Tucows, we believe you’re only limited by your willingness to grow. Whether it’s taking advantage of cross-functional projects, leveraging our Learning Reimbursement Fund, or working on new initiatives with other herd members, there are so many ways you can maximize your learning and unlock your potential. We aim to create an environment where everyone can thrive and feel empowered to take on new challenges.