Security Operations Lead designing Microsoft Sentinel and managing security operations at PwC. Collaborating with teams to enhance client security through advanced technology.
About the role
- Security Operations Analyst at KUBRA ensuring data protection and responding to security incidents. Join a dynamic team focused on continuous improvement in cybersecurity.
Responsibilities
- Security Infrastructure Management: Maintain and optimize the security infrastructure (Firewalls, IDS/IPS, AV, SIEM, FIM, servers, etc.) with a specific focus on maintaining Exabeam SIEM and CrowdStrike (managing EDR, FIM, and DLP modules).
- Cloud Security Operations: Execute AWS cloud security operations, monitoring specific services (e.g., GuardDuty, Security Hub, CloudTrail) to secure cloud workloads and respond to cloud-native threats.
- Incident Response: Monitor systems, software, and skills to stay ahead of emerging threats: Lead or participate in security investigations and Assist during Incident Response and Recovery activities.
- Data Pipeline Management: Manage and optimize security data pipelines using Cribl to ensure efficient log routing, parsing, and data reduction before ingestion.
- Infrastructure as Code (IaC): Utilize IaC principles (specifically Terraform) to deploy, maintain, and audit security configurations and infrastructure.
- Network Security: Perform firewall operational tasks as approved.
- Governance & Risk: Maintain and enforce KUBRA’s IT management control framework that defines the institution’s overall approach to IT risk and control.
- Incident Management: Participate in on-call rotation to respond, investigate and resolve Security Incidents.
- Alert Coordination: Track and action alerts to ensure proper response is taken by coordinating the work efforts of internal teams and actions required of external service providers.
- SIEM Optimization: Apply understanding of environment and operational issues to work with external or internal parties for implementation or optimization of specific Exabeam SIEM use cases to help improve detection and response.
- Threat Intelligence: Maintain the vulnerability security digest, monitor threat feeds, and provide regular threat intelligence updates.
- Access Reviews: Conduct access control reviews on a case-by-case basis to systems and work with internal and external resources to update user control lists and provide reports.
- Audit & Compliance: Assist in remediation tasks related to audits/penetration tests.
- Training & Testing: Participate in internal and external table-top exercises related to cybersecurity.
- Documentation: Assist in development of process and procedure documents for Security Operations.
- Policy Guidance: Evaluate and provide guidance to exemption requests as per corporate policy and standards, to advise of risk involved.
Requirements
- A minimum of 2 years of experience operating and working in a functional SOC environment.
- A minimum of 2 years of experience in a Security Operations role.
- 2+ years of experience in Incident Management and related processes.
- Exabeam: Proven experience operating Exabeam SIEM is required.
- CrowdStrike: Hands-on experience with CrowdStrike EDR, FIM (File Integrity Monitoring), and DLP (Data Loss Prevention) is required.
- AWS Security: Strong operational knowledge of AWS Cloud Security operations is required.
- Cribl: Experience with Cribl for log shaping and routing is highly desirable.
- Terraform: Knowledge of Terraform or other Infrastructure as Code (IaC) tools is considered a strong asset.
- Prior experience with IAM and SOAR platforms.
- Knowledge of PCI, SOC, SOX and other standards.
- Incident Handler certification (e.g., E|CIH, GCIH, IHRP, CSIH, CIHE) is required.
- Other relevant certifications that are considered an asset include MCSE, CCNA, CCNP, GCIH, GCIA, GCFE, GREM, GCFA, GSEC etc.
- Degree or equivalent Experience in Information Security.
Benefits
- Thrive in an award-winning culture that champions growth, embraces diversity, and fosters inclusion for all. See our awards →
- Enjoy generous benefit coverage with low premiums, plus a Healthcare Spending Account and Wellness Spending Account
- Invest in your future with RRSP matching
- Take time to recharge with paid vacation and sick days, and enjoy a paid day off for your birthday
- Make a difference with two paid volunteer days to support causes you care about
- Keep learning with free access to LinkedIn Learning and our education reimbursement program for continued development
- Feel appreciated through our employee recognition programs
- Support your mental health with a free premium Headspace membership
- Stay refreshed with unlimited access to fully stocked beverage stations
- Save more with exclusive Perkopolis retail discounts
Job title
Job type
Experience level
Salary
Degree requirement
Tech skills
Location requirements
Report this job
Found something wrong with the page? Please let us know by submitting a report below.
SOC Analyst monitoring detections for clients, executing response playbooks, and improving threat detection capabilities. Join Arctiq to protect organizations in today's digital landscape.
Lead SOC Analyst at IFS responsible for protecting global SaaS platform and internal systems. Collaborating across security teams to enhance security operations, detection, and response capabilities.
LP
ServiceNow Developer – SecOps
LinkedIn Recruiter Post
ServiceNow Developer - SecOps needed in Calgary, AB (Hybrid) with 7 - 10 years of security ops experience.
Senior Security Operations Engineer driving security incident response efforts for Affirm's systems and customers. Collaborating with teams to improve security posture and build automated playbooks.
Cybersecurity Analyst providing first - level incident response and client support at CDW. Monitoring security incidents, providing client communications, and engaging in professional development activities.
Business Development Manager responsible for sales engagements with Field Sales teams. Driving SecOps product revenue objectives and solving complex security challenges.
Security Operations Analyst part of Diligent’s Security team ensuring safety and compliance for personnel and assets. Monitoring security alerts and managing incident responses effectively.
Trust & Safety Senior Associate in InfoSec Ops at Instacart ensuring data safety through collaboration and operational management responsibilities. Focus on vendor data practices, audit readiness, and project leadership.
Security Operations Specialist providing second - level technical client support for cyber incidents and system issues at CDW. Requires a degree and security experience in a client - focused environment.