Resume Score

Check how well your resume matches this job before you apply.

Sign in to check score

About the role

  • CSOC Analyst responsible for managing security incidents and threat investigation at Just Eat Takeaway. Working with an internal team to detect, investigate, and respond to significant threats.

Responsibilities

  • Triage, investigate, and analyse security incidents — own alerts from initial triage through to resolution or escalation, working within XSIAM as the primary investigation and case management platform\n• Validate agentic investigation conclusions — review, challenge, and provide structured feedback on AI-driven investigation outputs; identify false positives, missed signals, or incorrect conclusions, and feed insights back to improve automated pipeline quality\n• Write and maintain playbooks — author, review, and iterate on detection and response playbooks; ensure playbooks reflect current threat landscape, tooling, and team processes; follow playbooks consistently during incident response\n• Implement and tune correlation rules — develop and refine XSIAM correlation rules to improve detection fidelity; reduce false positive rates through systematic tuning; document changes and rationale\n• Handle cloud security incidents — investigate incidents originating in or involving cloud infrastructure (AWS, GCP, or Azure); understand cloud-native attack paths, misconfigurations, and threat indicators\n• Participate in the on-call rota — share on-call responsibility with the wider team; respond to critical and high-severity incidents outside business hours in line with defined SLAs\n• Contribute to threat detection improvement — proactively identify detection gaps, propose new use cases, and collaborate with Security Engineering to implement them\n• Support threat intelligence operationalisation — apply threat intelligence to detection, investigation, and hunting activities; consume and act on intelligence from internal and external sources

Requirements

  • SIEM and investigation platform proficiency — hands-on experience working in a SIEM for alert triage, investigation, and case management; familiarity with query languages used for log analysis (XQL, KQL, SPL, or equivalent)\n• Incident response competency — demonstrable experience investigating and responding to security incidents across a range of alert types (endpoint, network, identity, cloud); ability to follow and apply structured response methodologies\n• Detection engineering foundations — experience writing or tuning detection rules, correlation logic, or detection-as-code; understanding of what makes a detection effective and how to reduce noise\n• Cloud security knowledge — practical understanding of cloud environments (AWS, GCP, or Azure) as they relate to security; experience investigating cloud security incidents or misconfigurations\n• Endpoint telemetry analysis — ability to interpret endpoint telemetry during investigations; familiarity with the types of signals and indicators surfaced by endpoint agents\n• Playbook literacy — experience following formal incident response playbooks; ideally, experience writing or reviewing them\n• Analytical judgement — ability to critically evaluate evidence, assess confidence in conclusions, and make sound decisions with incomplete information\n• Communication — clear written communication; able to document investigations, produce concise incident summaries, and brief stakeholders appropriately\n• Ownership and accountability — takes end-to-end ownership of assigned incidents and tasks; follows through without requiring frequent prompting; flags blockers proactively.

Benefits

  • Enjoy a monthly Skip spend allowance – treat yourself!\n• Generous PTO with a buy and sell program with up to 5 extra days!\n• Up to 20 weeks top up for parental leave.\n• Flexible medical & dental insurance for you and your family.\n• Access world-class training resources to power your success.\n• Exclusive offers from Workperks from hundreds of top brands.\n• RRSP contributions with diverse investment portfolios.\n• Access paid sick time to care for yourself or your family when life happens & access to our well-being support programs.\n• Enjoy the freedom to work from almost anywhere in the world for 4 weeks a year.\n• Fuel your personal and professional evolution through our dedicated mentorship, global mobility pathways, and a wellness-first culture rooted in true diversity and inclusion.

Job type

Full Time

Experience level

Mid levelSenior

Salary

CA$79,440 - CA$88,800 per year

Degree requirement

Bachelor's Degree

Tech skills

AWSAzureCloudGoogle Cloud Platform

Location requirements

HybridWinnipegCanada

Report this job

Found something wrong with the page? Please let us know by submitting a report below.