Security Analyst at Fullscript

About Fullscript

We’re an industry-leading health technology company on a mission to help people get better. We started in 2011 with one simple idea. Make it easier for practitioners to access the products they trust so they can deliver better care.

That simple idea grew into a platform that powers every part of care. Today, more than 125,000 practitioners use Fullscript for clinical insights, lab interpretations, patient analytics, education, and access to high-quality supplements. Over 10 million patients rely on Fullscript to stay connected to their care plans and follow through on treatment.

We build tools that make care smarter and more human. Tools that save time, simplify decisions, and help practitioners stay closely connected to the people they care for. When everything they need is in one place, they can focus on what matters most: helping people get better.

This is your invitation.

Bring your ideas, your grit, and your care for people.

Join us and shape the future of care.

Fullscript is currently looking for a skilled Security Analyst to join our growing Security Operations Centre (SOC) team and help expand its capabilities. The Security team is responsible for product security, governance, risk, compliance, as well as security operations and incident response. Our SOC team is crucial to our security posture and you’ll be instrumental in strengthening our security posture, tackling a variety of security challenges, and solving complex problems that make a real impact.

What you'll do

• Proactive Threat Monitoring: Support real-time security monitoring and response using SIEM and other security tools
• Incident Triage & Escalation: Analyze security events, identify potential threats, and escalate incidents based on predefined criteria
• Vulnerability Management: Monitor, track, and follow up on outstanding vulnerabilities, working with internal teams to ensure timely remediation and risk mitigation
• Threat Investigation: Assist in identifying and analyzing indicators of compromise (IoCs) to detect potential attacks
• Security Documentation: Help maintain and refine security documentation, including standard operating procedures (SOPs) and playbooks
• Data-Driven Insights: Collaborate with the security team and partner teams as needed to develop meaningful dashboards and visualizations that enhance threat awareness and improve security posture
• Incident Response Support: Contribute to investigations by collecting evidence, documenting findings, and assisting in remediation efforts
• Continuous Learning: Stay up to date on emerging cybersecurity threats, attack techniques, and best practices
  
  
  

What You Bring To The Table

• Querying & Log Analysis: Strong proficiency in SQL for data manipulation, along with expertise in SIEM-specific search languages and DSLs (such as OpenSearch, Lucene, or DataPrime) to conduct deep-dive investigations and custom threat hunting
• Network Security Expertise: Experience securing network infrastructure, including firewalls, IDS/IPS, VPNs, network segmentation, and Zero Trust Network Access (ZTNA) to enhance access control and reduce the attack surface
• Scripting & Automation Skills: Proficiency in scripting languages such as Python, Bash, or PowerShell to automate security tasks and enhance monitoring
• Incident Response & Forensics: Exposure to digital forensics, malware analysis, or threat hunting methodologies
• Foundational Security Knowledge: Understanding of common attack techniques, defense strategies, and cybersecurity risk management frameworks
• Technical Familiarity: Experience and familiarity with SIEM architecture, EDR solutions, and general security tool administration
• Analytical & Problem-Solving Skills: A sharp analytical mindset with the ability to identify patterns, investigate anomalies, and think critically about security challenges
• Passion for Cybersecurity: A strong enthusiasm for cybersecurity, with a continuous desire to learn and stay ahead of evolving threats
• Adaptability & Resilience: Ability to thrive in a fast-paced, dynamic environment while effectively responding to emerging threats
• Effective Communication: Strong verbal and written communication skills, with the ability to convey technical findings clearly to both technical and non-technical audiences
• Collaboration & Growth Mindset: Willingness to ask questions, collaborate with team members, and actively seek mentorship to enhance skills
• Influence & Decision-Making: Strong situational analysis skills with the ability to assess security risks, make informed decisions, and influence outcomes
  
  
  

Bonus if you have

• DevSecOps & Cloud Security Knowledge: Familiarity with integrating security into CI/CD pipelines, securing cloud environments, and automating security processes within development workflows
• Cloud Security & Infrastructure: Hands-on experience with cloud security monitoring tools and best practices in AWS, Azure, or GCP
• Compliance & Regulatory Understanding: Knowledge of security frameworks and compliance standards such as NIST, CIS, ISO 27001, HITRUST, or regulatory requirements (e.g. HIPAA, PCI-DSS)
  
  
  

What We Can Offer You

• Generous PTO and competitive pay
• Fullscript’s RRSP match program for financial health
• Flexible benefits package and workplace wellness program
• Training budget and company-wide learning initiatives
• Discount on Fullscript catalog of products
• Ability to work Wherever You Work Well*
  
  
  

Our Wherever You Work Well philosophy means Fullscript teammates get to pick their own office — whether that’s in-office, at home, or a bit of both

Compensation range

The salary range for this role is between $100,000 and $120,000 CAD. Fullscript shares salary ranges to support transparency and help candidates make informed decisions. The range shown reflects base salary only and does not include stock options, wellness stipends, or other benefits that are part of Fullscript’s total rewards package.

Final compensation depends on experience, skills, and location. We review pay regularly to stay aligned with market data and internal equity. Benefits and total rewards may vary by region.

Why Fullscript

Great work happens when people feel supported, trusted, and inspired. At Fullscript, we stay curious and keep finding smarter ways to make care better. We grow together, take on new challenges, and focus on impact. We put people first, work as a team, and leave egos at the door.

What To Know Before You Apply

We’re grateful for the interest in joining Fullscript. To make sure your application reaches our hiring team, please apply directly through our careers page. We’re not able to respond to individual messages about open roles on email or social channels.

Fullscript is an equal opportunity employer committed to creating an inclusive workplace. Accommodations are available upon request at [email protected].

All offers are contingent on successful background checks conducted in compliance with federal, state, and provincial laws.

We use AI tools to support parts of the hiring process, including screening and reviewing responses. Final hiring decisions are always made by people and follow all applicable privacy and employment laws in Canada and the U.S.

Learn More

www.fullscript.com

@fullscriptHQ on instagram

Let’s make healthcare whole

We may use artificial intelligence (AI) tools to support parts of the hiring process, such as reviewing applications, analyzing resumes, or assessing responses. These tools assist our recruitment team but do not replace human judgment. Final hiring decisions are ultimately made by humans. If you would like more information about how your data is processed, please contact us.