SOC Analyst L2 & L3 needed in Mississauga, ON for hybrid contract role. Must have SIEM, SOAR, and EDR experience.
Responsibilities
Ability to work with very large and complex network. Self-motivated individual and creative thinker who will take ownership of tasks and projects, able to work with the team, and manages tasks effectively and has a proven track record of consistent and organized outputs. The ideal candidate will demonstrate an eagerness to understand complex problems and requirements, an aptitude for translating these problems into workable designs and solutions, and will possess a keen eye for detail. Responsibilities include reviewing SIEM escalated incidents, qualifying true positives, providing monthly trend and security analysis summary reports, performing advanced triages, liaising between cross-functional teams, and advocating protection and mitigation strategies.
Requirements
4+ years for L2 and 8+ years for L3. Knowledge/experience on any SIEM tool (preferably SPLUNK) and SOAR tools (preferably TINES). Exposure to Mitre framework. Hands-on experience in EDR platforms (CROWDSTRIKE) and threat analysis, threat hunting/incident response. Experience in analyzing security incidents and responding methodically. Knowledge in Network security/System Security/Endpoint Security. Experience in event monitoring, analysis, and escalations. Provide inputs for content management. Experience on monthly, weekly, and daily reporting. Willing to work on 24/7 operations. Strong knowledge of Windows, Linux, and MAC operating systems. Strong understanding of cyber security threats and recent trends. Experience in creating rules in SIEM. Understanding of AI usage in cyber security. Good verbal/written communication skills. Client-facing technical analysis report and presentation skills.
IAM Operations Lead responsible for daily administration, governance, and security of identity infrastructure, ensuring correct access and minimizing risks.
CSOC Analyst responsible for managing security incidents and threat investigation at Just Eat Takeaway. Working with an internal team to detect, investigate, and respond to significant threats.
Security Operations Engineer at Supabase providing front - line coverage for security alerts and customer security tickets. Supporting internal IT operations and improving security processes in a remote setup.
SecOps Engineer integrating security into development processes for Lido Protocol. Collaborating on security practices, incident management, and developer training.
SOC Operator managing 24/7 command centre operations for the Toronto Jewish community. Support during emergencies, manage incidents, and conduct thorough record - keeping.
Security Operations Analyst monitoring and investigating security threats across enterprise systems. Collaborating with teams on incident response and threat intelligence activities.
Manager of Security Operations at Match Group overseeing detection engineering, security operations, and incident response. Leading a high - performing team to maximize threat response capabilities.
Senior SecOps Analyst overseeing end - to - end vulnerability management processes. Collaborating with teams to enhance security measures in a hybrid workplace.
SOC Analyst supporting 24/7 operational capabilities in cybersecurity at Starling. Collaborating with global teams to protect customers and assets through incident response and investigations.