Petal is a leading Canadian healthcare orchestration and billing company that revolutionizes healthcare systems to make them agile, efficient, and resilient by enabling the forecasting and shaping of world-class healthcare through Healthcare BI, advanced analytics, and informed insights.
Our commitment to fostering an exceptional workplace culture has earned us notable recognitions, including being listed as a Great Place to Work in both the technology and healthcare sectors. Join us in our mission to empower healthcare innovators and improve healthcare differently.
What you can expect when joining the team
As a Cybersecurity Analyst, you can expect to join our security operations team, where you will play a critical role in protecting an organization that handles highly sensitive and regulated medical data. Working alongside security analysts and engineers, you will monitor security events, secure cloud environments, manage vulnerabilities, and support incident investigations.
Reporting to the Director of Security and collaborating with DevOps, IT, GRC, Product Management, and SOC teams, you will have the autonomy to design detection rules, optimize security tooling, and drive improvements across our security posture. Here is some of the technology you'll get to work with daily: Azure, Microsoft Sentinel, Wiz CNAPP, Cloudflare WAF, Sumo Logic, GitLab CI/CD Security Scanning. Your expertise and vigilance will play a pivotal role in ensuring Petal's systems remain secure, compliant, and resilient against evolving threats.
Your daily life
In your day-to-day work, you will:
Monitor and analyze security events across Microsoft Sentinel, Sumo Logic, Azure Event Hub, and related log sources, investigating anomalies, identifying threat patterns, and escalating incidents as needed.
Design and optimize detection capabilities by implementing and fine-tuning detection rules, correlation logic, dashboards, and automated response playbooks to improve threat visibility and response effectiveness.
Administer and optimize the Wiz cloud security posture management platform, including threat monitoring, misconfiguration identification, compliance enforcement, investigation workflow optimization, and project structuring.
Conduct continuous cloud security assessments in Azure environments, working with platform teams to address misconfigurations, vulnerabilities, and security gaps while ensuring proper resource labeling and governance.
Configure and tune Cloudflare Web Application Firewall rules and policies to protect against web-based attacks while minimizing false positives and coordinating with development teams on application impacts.
Manage the complete vulnerability lifecycle including running scans across endpoints, infrastructure, applications, and cloud resources, performing triage and risk ranking, coordinating pentests, and tracking remediation KPIs.
Oversee Git CI/CD security scanning including SAST, dependency scanning, container scanning, and secret detection, reviewing pipeline configurations and collaborating with developers on mitigation strategies.
Provide security guidance for web and application environments, monitoring Petal's websites for vulnerabilities, evaluating themes and plugins, and conducting security analysis of new software, libraries, and SaaS products.
Manage and secure Azure Event Hub configurations to ensure reliable telemetry ingestion for SIEM and monitoring tools, collaborating with cloud teams on log routing and retention.
Lead threat investigations and forensic analysis by managing sandbox environments, analyzing suspicious files and behaviors, and supporting investigations into malware, phishing, or suspicious activity.
Support threat modeling initiatives for new applications, features, and cloud deployments, partnering with DevOps, platform, and engineering teams to improve design-stage security.
Actively participate in incident response including triage, root-cause analysis, containment, and remediation, documenting findings and contributing to continuous improvement initiatives.
Generate security dashboards and reports for leadership, highlighting risk trends, compliance posture, remediation progress, and providing actionable insights to stakeholders.
Collaborate cross-functionally with DevOps, IT, GRC, Product Management, and SOC teams to ensure security is integrated throughout the software development lifecycle and organizational operations.