Security Operations Analyst at KUBRA ensuring data protection and responding to security incidents. Join a dynamic team focused on continuous improvement in cybersecurity.
Responsibilities
Security Infrastructure Management: Maintain and optimize the security infrastructure (Firewalls, IDS/IPS, AV, SIEM, FIM, servers, etc.) with a specific focus on maintaining Exabeam SIEM and CrowdStrike (managing EDR, FIM, and DLP modules).
Cloud Security Operations: Execute AWS cloud security operations, monitoring specific services (e.g., GuardDuty, Security Hub, CloudTrail) to secure cloud workloads and respond to cloud-native threats.
Incident Response: Monitor systems, software, and skills to stay ahead of emerging threats; lead or participate in security investigations and assist during Incident Response and Recovery activities.
Data Pipeline Management: Manage and optimize security data pipelines using Cribl to ensure efficient log routing, parsing, and data reduction before ingestion.
Infrastructure as Code (IaC): Utilize IaC principles (specifically Terraform) to deploy, maintain, and audit security configurations and infrastructure.
Network Security: Perform firewall operational tasks as approved.
Governance & Risk: Maintain and enforce KUBRA’s IT management control framework that defines the institution’s overall approach to IT risk and control.
Incident Management: Participate in on-call rotation to respond, investigate and resolve Security Incidents.
Alert Coordination: Track and action alerts to ensure proper response is taken by coordinating the work efforts of internal teams and actions required of external service providers.
SIEM Optimization: Apply understanding of environment and operational issues to work with external or internal parties for implementation or optimization of specific Exabeam SIEM use cases to help improve detection and response.
Threat Intelligence: Maintain the vulnerability security digest, monitor threat feeds, and provide regular threat intelligence updates.
Access Reviews: Conduct access control reviews of systems on a case-by-case basis, working with internal and external resources to update user control lists and provide reports.
Audit & Compliance: Assist in remediation tasks related to audits/penetration tests.
Training & Testing: Participate in internal and external table-top exercises related to cybersecurity.
Documentation: Assist in development of process and procedure documents for Security Operations.
Policy Guidance: Evaluate exemption requests and provide guidance in line with corporate policy and standards, advising on the risk involved.
Requirements
A minimum of 2 years of experience operating and working in a functional SOC environment.
A minimum of 2 years of experience in a Security Operations role.
2+ years of experience in Incident Management and related processes.
Exabeam: Proven experience operating Exabeam SIEM is required.
CrowdStrike: Hands-on experience with CrowdStrike EDR, FIM (File Integrity Monitoring), and DLP (Data Loss Prevention) is required.
AWS Security: Strong operational knowledge of AWS Cloud Security operations is required.
Cribl: Experience with Cribl for log shaping and routing is highly desirable.
Terraform: Knowledge of Terraform or other Infrastructure as Code (IaC) tools is considered a strong asset.