Security Engineer safeguarding AWS environments for Genesys Cloud mission. Handling advanced threats and collaborating with SecDev, PenTest, DevOps, and SRE teams.
Responsibilities
Protecting the trust our customers place in Genesys Cloud requires constant vigilance, technical depth, and proactive defense
Safeguard a global SaaS platform by identifying advanced threats, strengthening identity controls, and driving resilient cloud security architecture
Conduct proactive threat hunting across AWS environments using SIEM, EDR, and cloud-native telemetry to identify and disrupt sophisticated threat activity
Investigate AWS GuardDuty findings and lead root cause analysis of security events, translating threat actor tactics, techniques, and procedures into actionable containment strategies
Develop and maintain threat intelligence feeds and indicators of compromise to strengthen detection capabilities and reduce dwell time
Execute quarterly vulnerability assessments and network segmentation scans, driving remediation to measurable risk reduction outcomes
Identify cloud misconfigurations and implement structured ticketing workflows to ensure timely and traceable remediation
Audit AWS IAM policies, service roles, and trust relationships to enforce least privilege and reduce identity-based attack surfaces
Utilize Identity Security Posture Management practices to detect over-privileged accounts, dormant identities, and authentication misconfigurations
Enhance detection tooling configurations across EDR and SIEM platforms to improve signal quality and operational efficiency
Monitor cloud security services for regression or control gaps and implement persistent validation mechanisms
Support incident containment, eradication, and recovery efforts using IAM-centric response methods such as credential rotation and session revocation
Collaborate with SecDev, PenTest, DevOps, and SRE teams to embed automation and strengthen secure-by-design practices
Requirements
Demonstrate mid-level experience securing AWS cloud environments within a SaaS or enterprise setting
Apply strong knowledge of Linux systems administration and foundational security principles including OWASP Top 10
Utilize EDR platforms such as CrowdStrike, SentinelOne, or Rapid7 and cloud SIEM technologies such as Splunk, Datadog, or Sumo Logic
Analyze threat actor behavior and perform structured root cause analysis to drive lasting remediation
Operate independently while managing security initiatives with minimal oversight
Communicate technical findings clearly to both technical and non-technical stakeholders
Work effectively within regulated environments and adhere to defined architectural and security standards
Benefits
Comprehensive extended group health coverage
Generous paid time off, including vacation and personal leave
Retirement savings program with employer RRSP matching up to a prescribed maximum amount
Family-friendly benefits, including parental leave top-up and adoption assistance
Growth and development opportunities through access to learning resources and internal mobility programs
IAM Operations Lead responsible for daily administration, governance, and security of identity infrastructure, ensuring correct access and minimizing risks.
CSOC Analyst responsible for managing security incidents and threat investigation at Just Eat Takeaway. Working with an internal team to detect, investigate, and respond to significant threats.
Security Operations Engineer at Supabase providing front - line coverage for security alerts and customer security tickets. Supporting internal IT operations and improving security processes in a remote setup.
SecOps Engineer integrating security into development processes for Lido Protocol. Collaborating on security practices, incident management, and developer training.
SOC Operator managing 24/7 command centre operations for the Toronto Jewish community. Support during emergencies, manage incidents, and conduct thorough record - keeping.
Security Operations Analyst monitoring and investigating security threats across enterprise systems. Collaborating with teams on incident response and threat intelligence activities.
Manager of Security Operations at Match Group overseeing detection engineering, security operations, and incident response. Leading a high - performing team to maximize threat response capabilities.
Senior SecOps Analyst overseeing end - to - end vulnerability management processes. Collaborating with teams to enhance security measures in a hybrid workplace.
SOC Analyst supporting 24/7 operational capabilities in cybersecurity at Starling. Collaborating with global teams to protect customers and assets through incident response and investigations.