Security Analyst

Security Analyst

Points is looking for a Security Analyst to join our IT Operations team for a permanent position.

We’re an industry-leading organization that is continuously reshaping how consumers interact with their loyalty programs. We work with the world’s largest airline, hotel, financial, and retail rewards programs, to tackle complex challenges and come up with innovative e-commerce solutions. If you’d like to be a part of it, we’d love to hear from you.


We’re a technology company working in the loyalty e-commerce industry. Our solutions enhance the management and monetization of loyalty currencies for more than 50 of the world’s largest loyalty brands, from frequent flyer miles and hotel points to retailer and credit card rewards. Supported by our unparalleled loyalty industry experience and technological expertise, we bring state-of-the-art loyalty commerce platforms and products to individuals and businesses in today’s loyalty marketplace.

Our casual, collaborative office is where our strong workplace culture begins. Our people are what make us great, so we empower them with the freedom to think big and the resources to make things happen. We communicate directly, lead by example, and make sure our team members know how much they are appreciated. Passion for life and work is important to us, and we want to see it in you, too!


The Security Analyst is responsible for effectively managing services and processes related to identity and access management, security event and incident management, vulnerability management, and data loss prevention. The position provides technical support on information security matters on an enterprise-wide basis, and is responsible for ensuing information security standards and practices are in compliance with information security policies and guidelines.

Reporting directly to the Director of IT Operations, the Security Analyst is responsible for:

  • Collaborate with product management and engineering teams throughout the SDLC to ensure that risks to information and system security are adequately represented and addressed
  • Monitor sources of threat intelligence for emerging threats, relating them to any organizational exposure
  • Monitor internal systems for deviations from expected baselines as well as indicators of compromise
  • Identify opportunities to automate and streamline security monitoring and other controls, working with technical resources to implement solutions
  • Working with IT leadership team to identify and maintain security policies, procedures and best practices
  • Identifying and implementing process improvements that will improve quality and efficiency of the processes, and other cores activities as required
  • Assessing global threats, technology shifts and develop plans accordingly
  • Providing comprehensive guidance and leadership during periods of breaches or elevated states
  • Establishing relationships with security vendors, keeping abreast of technology changes and identifying emerging opportunities
  • Assuming the role of Champion for security awareness within the organization through communication, education and the development of resources on policies, standards and guidelines
  • Maintaining strong working relationship with Finance, Architecture, Development teams, and IT Operations & Support teams
  • Reporting & Analytics; Developing security status reports that are repeatable, sustainable and scalable


  • Post-Secondary Education with 3 plus previous experience within a security related field
  • Sound understanding of Information Security risks and controls
  • Experience designing and driving implementation of security controls in a SaaS / web application delivery model
  • Results-oriented and able to motivate others, with a demonstrated ability to create clarity and action from ambiguity and to challenge assumptions.
  • Specific information security training and certification preferred (CISA, CISM or CISSP)
  • Familiarity with cloud services administration, enterprise logging / monitoring platforms and mixed Windows / Linux environments preferred
  • Experience with vulnerability management and remediation tools preferred
  • Knowledge of customer technology challenges within the retail and/or e-commerce industries preferred
  • Ability to quickly adapt to new technologies
  • Organizational skills to manage multiple tasks and priorities simultaneously
  • Strategic thinking with problem solving and analysis skills
  • Willingness to continuously build up knowledge in the field of IT security and IT Infrastructure
  • Ability to communicate effectively at all levels of the organization
  • Analytical skills to identify gaps and deficiencies and develop solutions
  • Strong reporting skills
  • Ability to prioritize, balance conflicting tasks and manage internal and external stakeholders

Benefits & Perks @ Points:

Building a great company culture is as vital to us as building a great business. In 2016, we were named one of the Best Workplaces (Medium) in Canada and one of the Best Workplaces for Women. We were also named one of Canada’s Top Small and Medium Employers (2016) and one of Greater Toronto’s Top Employers (2017).

  • Central downtown location in the Financial District
  • Connected to the PATH network of shops/restaurants
  • Flexible work hours and casual dress every day
  • Marvelous Snack Cart Fridays: free refreshments and snacks!
  • Free coffee, tea, juice, pop, and snacks
  • Monthly subsidized lunch program
  • Green commuter and fitness subsidies
  • Secure bike storage with showers and towel service
  • Company-sponsored activities: bowling, movies, sports, paintball, and more!

Interested applicants may submit their resume to

Points is an equal opportunity employer and is committed to providing an accessible recruitment process. Upon request we will provide accommodation for applicants with disabilities.

Interested applicants may submit their resume to