Senior Security Operations Specialist protecting Relay's digital banking platform from security threats. Implementing advanced threat detection and incident response protocols for optimal business security.
Responsibilities
Monitor, triage, and investigate high-severity security alerts across cloud infrastructure, identity, SaaS, endpoints, and production systems
Validate threats versus noise and determine severity and impact
Execute containment actions and coordinate response across teams
Act as Incident Commander or deputy during security incidents
Build and maintain investigation runbooks and response playbooks
Work horizontally across Risk, AppSec, Engineering, Product, and business teams to ensure security findings lead to meaningful improvements in systems, practices, and outcomes.
Contribute to SOAR automation and alert enrichment
Produce high-quality incident documentation and post-incident remediation
Design and implement advanced threat detection logic using SIEM/XDR telemetry.
Perform threat hunting engagements to proactively detect stealthy adversaries.
Ensure security compliance and regulatory alignment: Partner with Compliance, Security, and Risk teams to implement and enforce security controls, standards, and policies across systems and services.
Requirements
5+ years in security operations, incident response, or related cybersecurity roles.
Strong cloud security and identity security experience (AWS preferred).
Comfortable making structured, high-impact decisions during active incidents.
Deep knowledge of common attack techniques, adversary TTPs (MITRE ATT&CK, etc.), and fraud/ATO patterns.
Strong written and verbal communication skills — able to explain complex technical issues to both technical and business audiences.
Ownership mindset with a bias toward action and continuous improvement.
Skilled in building detection logic and workflows for cloud-native environments and security tooling.
Experience with SOAR platforms and building/optimizing automated response playbooks.
Ability to communicate complex security issues clearly to both technical and business stakeholders.
Benefits
Compensation follows impact
Ongoing conversation with recruiters about compensation
IAM Operations Lead responsible for daily administration, governance, and security of identity infrastructure, ensuring correct access and minimizing risks.
CSOC Analyst responsible for managing security incidents and threat investigation at Just Eat Takeaway. Working with an internal team to detect, investigate, and respond to significant threats.
Security Operations Engineer at Supabase providing front - line coverage for security alerts and customer security tickets. Supporting internal IT operations and improving security processes in a remote setup.
SecOps Engineer integrating security into development processes for Lido Protocol. Collaborating on security practices, incident management, and developer training.
SOC Operator managing 24/7 command centre operations for the Toronto Jewish community. Support during emergencies, manage incidents, and conduct thorough record - keeping.
Security Operations Analyst monitoring and investigating security threats across enterprise systems. Collaborating with teams on incident response and threat intelligence activities.
Manager of Security Operations at Match Group overseeing detection engineering, security operations, and incident response. Leading a high - performing team to maximize threat response capabilities.
Senior SecOps Analyst overseeing end - to - end vulnerability management processes. Collaborating with teams to enhance security measures in a hybrid workplace.
SOC Analyst supporting 24/7 operational capabilities in cybersecurity at Starling. Collaborating with global teams to protect customers and assets through incident response and investigations.