Job Description

Key Responsibilities

• Lead threat monitoring and detection across SIEM and endpoint-protection platforms.

• Conduct deep-dive investigations into complex security incidents.

• Manage containment and remediation processes; provide root-cause analysis.

• Develop and refine SOC playbooks, detection rules, and escalation procedures.

• Mentor junior analysts and ensure consistency in triage and reporting.

• Collaborate with client security and IT teams on threat-hunting and vulnerability-management initiatives.

• Prepare detailed incident-response documentation and client-facing reports.

• Participate in 24 7 SOC rotation or on-call schedule when required.

Required Experience and Skills

• 5 7 years of experience in cybersecurity operations, SOC, or MDR environments.

• Proven ability to analyze and respond to security incidents in enterprise or managed-service settings.

• Hands-on experience with SIEM platforms such as Splunk, Microsoft Sentinel, or QRadar.

• Strong understanding of network and endpoint security controls, threat-intelligence processes, and malware-analysis methods.

• Experience applying security frameworks (NIST CSF, ISO 27001, CIS Controls).

• Excellent written and verbal communication skills - must be able to clearly summarize investigations for both technical and executive audiences.

• Must be authorized to work in Canada.

Preferred Background

• Experience supporting multiple client environments simultaneously (MSP or MSSP background).

• Certifications such as CISSP, CISM, GCIA, GCIH, CEH, or equivalent.

• Familiarity with cloud-security monitoring in AWS or Azure.

• Prior work with regulated or public-sector clients in Canada.

Work Setup

• Fully remote within Canada.

• 24 7 SOC environment with rotating shifts - candidates must be open to flexible scheduling.

• Secure home-office setup and reliable connectivity required.

Job Tags

Similar Jobs