Security Operations Engineer at Supabase providing front - line coverage for security alerts and customer security tickets. Supporting internal IT operations and improving security processes in a remote setup.
About the role
- Senior SecOps Analyst overseeing end-to-end vulnerability management processes. Collaborating with teams to enhance security measures in a hybrid workplace.
Responsibilities
- Lead the end-to-end vulnerability management process: scans, triage, adaptive prioritization (EPSS, SSVC, CISA KEV), assignment and remediation tracking
- Operate and optimize scanning platforms (Tenable, Microsoft Defender for Endpoint) and ensure full asset coverage (on-premises, cloud, containers)
- Manage surge patching processes for actively exploited critical vulnerabilities (CISA KEV, zero-days)
- Track and report key metrics: MTTR by severity, SLO compliance percentage, scan coverage, volume of exceptions
- Maintain the exceptions register and ensure automatic escalation on SLO breaches
- Produce dashboards and executive reports
- Maintain continuous monitoring of new vulnerabilities, active exploitation campaigns and CERT/CISA advisories
- Collaborate with cross-functional teams to coordinate remediation windows
- Contribute to the review and evolution of policy DIR12 (Vulnerability Management)
- Participate in the implementation of automation and remediation orchestration tools (SOAR)
Requirements
- Bachelor’s degree in Computer Science, Cybersecurity, Software Engineering or a related field
- Minimum of 5 years’ experience in security operations or vulnerability management
- Demonstrated experience with Tenable.io / Tenable.sc, Microsoft Defender or comparable vulnerability platforms
- Proficient with Windows Server and Linux operating systems
- Familiarity with cloud environments (Azure, AWS) and container technologies, as well as SIEM, EDR and SOAR solutions and their integration
- Proficient in Python and PowerShell
- Knowledge of NIST CSF, CIS Controls and ITIL frameworks
- Ability to produce metrics, KPIs and reports for different audiences
- Ability to manage urgent situations and work under pressure during critical vulnerabilities
- Fluency in French and English, both spoken and written
- Experience with modern prioritization frameworks (EPSS, SSVC, CISA KEV) (major asset)
- Experience in regulated environments (finance, insurance, healthcare) (asset)
- Relevant certifications such as CISSP, GEVA, CEH, CompTIA CySA+ or equivalent (asset)
Benefits
- Hybrid work model adapted to the role with scheduled office presence
- Vacation from the first year
- Opportunities for internal advancement
- Annual bonus
- Group insurance plan (dental, vision and travel insurance)
- Defined-benefit pension plan
- Employee well-being: $400 wellness account, employee and family assistance program, and telemedicine services
Job title
Job type
Experience level
Salary
Not specified
Degree requirement
Tech skills
Location requirements
Report this job
Found something wrong with the page? Please let us know by submitting a report below.
Director, Security Operations & Infrastructure at Phreesia managing enterprise - wide security incident response. Leading operational excellence in security tooling and incident operations.
SecOps Engineer integrating security into development processes for Lido Protocol. Collaborating on security practices, incident management, and developer training.
SOC Operator managing 24/7 command centre operations for the Toronto Jewish community. Support during emergencies, manage incidents, and conduct thorough record - keeping.
Security Operations Analyst monitoring and investigating security threats across enterprise systems. Collaborating with teams on incident response and threat intelligence activities.
Manager of Security Operations at Match Group overseeing detection engineering, security operations, and incident response. Leading a high - performing team to maximize threat response capabilities.
SOC Analyst supporting 24/7 operational capabilities in cybersecurity at Starling. Collaborating with global teams to protect customers and assets through incident response and investigations.
Cloud - oriented security resource responsible for implementing security controls in Microsoft 365 and Azure environments. Collaborating with IT, compliance and product teams for incident management and continuous improvement.
SecOps Business Development Solutions Consultant utilizing deep technical understanding of Fortinet’s security products. Driving client engagement through technical presentations and support for sales activities.
Director of Security Operations responsible for security operations and compliance at PPI. Leading teams and developing strategies to enhance security posture and manage incidents.