
Security Analyst, Tier 2 – Protection Services
ISA Cybersecurity
full-time
Location Type: Hybrid
Location: Toronto • Canada
Salary
💰 CA$61,625 - CA$72,500 per year
About the role
- Conduct in-depth investigations of endpoint protection alerts and events using tools such as SentinelOne, CrowdStrike, and Microsoft Defender.
- Participate in an on-call rotation to support incident response outside of standard business hours, as required.
- Fully investigate and document security breaches, providing clear and comprehensive incident reports to stakeholders.
- Provide ongoing status updates to leadership throughout the incident life cycle to ensure appropriate resources are engaged.
- Create, tune, and optimize rules and playbooks to reduce false positives and alert fatigue.
- Provide clearly documented procedures that support timely ticket resolution and adherence to SLAs.
- Assist in developing and refining SOC processes and procedures to improve investigation quality, response time, and operational efficiency.
- Maintain a full understanding of Tier 1 responsibilities to support effective knowledge sharing and playbook development.
- Develop and maintain monthly and quarterly security reports in accordance with client requirements.
- Provide analysis, insights, and recommendations in areas of concern identified through investigations and reporting.
- Enhance client security awareness through platforms such as KnowBe4 and Proofpoint.
- Plan and execute simulated phishing, vishing, and smishing campaigns to help clients identify high-risk users and improve training effectiveness.
- Provide clients with monthly security awareness reports and post-campaign summaries detailing user performance, phish-prone percentages, and risk scores.
- Assist clients with security product implementation, onboarding, and support, ensuring tools are configured to enhance visibility and detection.
- Ensure leadership and stakeholders are kept informed of potential risks and impacts introduced by new incidents.
Requirements
- 2+ years of information security-related experience in areas such as security operations, incident analysis, incident handling, and security awareness.
- Experience with malware analysis and as the main point of contact for responding to security incidents related to major breaches.
- Experience in the following security domains: EDR, device control, rogue detection, desktop firewall, application vulnerability management.
- Collaborate with peers, service leads, and vendor support in introducing, testing, and integrating security products.
- Act as Tier 2 escalation for investigations & analysis.
- Strong knowledge of Security Awareness program design, development, implementation, and support.
- Strong understanding of information security concepts (Confidentiality, Integrity, Availability).
- Excellent communication and interpersonal skills.
- Excellent analytical thinking and problem-solving skills.
- Understanding of Learning Management Systems (LMS) (if solution is hosted in-house).
- Recommended industry certification (CISSP, CISA, CISM, CEH, GIAC SANS Security Awareness Professional)
- Recommended vendor certification (Proofpoint, SentinelOne, CrowdStrike)
- Post-Secondary Education in Cyber Security, Computer Science & Computer Engineering
Benefits
- Flexible sick and personal days for all employees
- Generous health plan with enhanced mental health resources and programs
- Professional development opportunities and education reimbursement up to $2,000 annually for all employees
- Maternity and parental leave top-up
- Employee referral bonus of $2,000
- Competitive salaries complemented with RRSP matching and bonus programs
- Distance remote working policy
- LinkedIn Learning access for all team members
Applicant Tracking System Keywords
Tip: use these terms in your resume and cover letter to boost ATS matches.
Hard Skills & Tools
incident analysis, incident handling, malware analysis, EDR, device control, rogue detection, desktop firewall, application vulnerability management, security awareness program design, security product implementation
Soft Skills
communication skills, interpersonal skills, analytical thinking, problem-solving skills
Certifications
CISSP, CISA, CISM, CEH, GIAC SANS Security Awareness Professional