Note: This role is based in Kelowna, BC and is 100 on-site during probation with the option to move to hybrid afterwards. It is not a remote role.
We’re all about the craft.
KF Aerospace is proud to deliver innovative aircraft services for corporate, commercial, and military customers worldwide. Launched in 1970 out of British Columbia’s beautiful city of Kelowna, KF has grown to specialize in a wide range of aviation services including maintenance and modifications, cargo operations, military pilot training and aircraft leasing. With facilities across Canada, KF is home to over 1,100 highly skilled individuals. Our passion for our craft fuels every project we touch.
JOB OVERVIEW
At KF Aerospace, we are seeking a Junior Cyber Security Analyst to help safeguard our IT systems, data, and users through defensive (Blue Team) cyber security operations and security monitoring activities.
Reporting to the Cyber Security Manager and working closely with senior security staff, this role supports day-to-day security operations, including monitoring security systems, detecting and analyzing potential threats, conducting initial incident investigations, and escalating incidents as required. Additional responsibilities include performing routine security reviews, assisting with internal audits and compliance activities, and maintaining accurate security documentation. This role is defensive in nature and does not include offensive security testing.
The position is full-time, based out of the head office in Kelowna. After successful completion of the probationary period, the successful candidate may be considered for hybrid working arrangements.
DUTIES AND RESPONSIBILITIES
- Monitor SIEM, Microsoft 365 security platforms, and endpoint detection and response (EDR) tools (e.g., Cortex XDR) for security alerts and anomalous activity; perform Level 1 alert triage and investigation; collect and preserve relevant logs and evidence; escalate incidents as required; and maintain incident records to support reporting and post-incident review activities.
- Perform Level 1 investigation of phishing and spam emails; mitigate or escalate confirmed threats as appropriate, and document actions taken and outcomes.
- Provide Level 1 support for security-related tickets and inquiries.
- Conduct initial security reviews for new applications, tools, and service requests; monitor security advisories and vulnerability disclosures; track and report relevant findings.
- Perform routine security reviews and assist with internal audits and compliance activities; follow up with system owners on remediation actions.
- Manage USB/media requests, approve temporary allowances, and monitor usage.
- Coordinate and execute phishing simulation campaigns and prepare summary reports on results.
- Support the administration of cyber security awareness training and track training-related KPIs.
- Assist in developing, maintaining and updating security playbooks and internal documentation.
- Perform other security-related duties as assigned.
REQUIREMENTS
Education (Required):
- A minimum of a two-year college diploma or university degree in Cyber Security;
- A minimum of a two-year college diploma or university degree in Computer Science, Information Technology, or a related field, plus additional cyber security education that includes hands-on security operations training, demonstrated by one of the following:
- Post-secondary or accredited cyber security training completed in addition to the diploma/degree (e.g., post-graduate certificate, micro-credential, or structured training program);
- Note: Certifications and/or courses totaling approximately six (6) months of combined (cumulative) study, with a focus on SOC or security operations fundamentals.
Certifications:
- Preferred: Microsoft SC-200, BTL1, GSEC, SEC450
- Nice to have: CompTIA Security+, (ISC)2 Certified in Cybersecurity (CC), CompTIA CySA+, Microsoft SC-900, AZ-500, Palo Alto Cortex XDR training, TryHackMe SOC Level 1 Path (or similar)
- Advanced Certifications (Optional / Not Required):
The following advanced certifications are not required for this role but are considered a strong asset for candidates who already hold them or are actively working toward them: CISSP, GIAC CED, GCIA, GCIH, Microsoft SC-100.
Experience:
- A minimum of one (1) year of professional experience in a cyber security role, with hands-on experience in security monitoring, incident response, or security operations within a SOC or SOC-like environment.
Technical Skills:
- Exposure to SIEM platforms for log monitoring, alert triage, incident detection, and response/mitigation support.
- Hands-on experience with endpoint protection and EDR solutions.
- Knowledge of common threat types, attack vectors, and vulnerability management practices.
- Hands-on experience with major operating systems (Windows, Android, iOS).
- Experience with Microsoft 365 security tools, such as Entra ID (Azure AD), Sentinel, Defender, Privileged Identity Management (PIM), and entitlement management.
- Strong knowledge of networking fundamentals (TCP/IP, DNS, routing).
Soft Skills:
- Strong analytical and problem-solving abilities with keen attention to detail.
- Excellent written communication skills, with the ability to clearly document findings in reports, tickets, and security documentation.
- Strong interpersonal skills with the ability to collaborate across teams and build positive relationships.
- Willingness to learn, collaborate, and grow in a fast-paced security environment.
Assets (Nice to Have):
- Familiarity with Kusto Query Language (KQL) for Microsoft Sentinel log analysis, detection tuning, and threat investigation.
- Knowledge of Azure and Palo Alto security solutions (e.g., Cortex XDR, Panorama, NGFW).
Travel:
- Occasional (<10) travel within Canada may be required.
Other:
• Ability to obtain and maintain secret – level II security clearance.
BENEFITS
- Health and Dental
- Short & Long-Term Disability, Life Insurance
- Health Spending Account & Personal (Wellness) Spending Account
- Paid vacation and Personal time off
- The opportunity to bank overtime
- Pension matching plan and voluntary RRSP
- Employee & Family Assistance Program (EFAP)
- A bonus program based on organizational performance
SALARY
The wage band is level 8, $67,500 – $84,500 annually, depending on the knowledge and experience. Note: The salary range maximum signifies full job knowledge.
HOW TO APPLY
Be a part of our craft. Apply for the Junior Cyber Security Analyst position at kfaero.ca/careers today!
PR