SOC Analyst II

BrokerLink, Moncton, NB, CA
8 days ago
Job type
  • Full-time
Job description

The Position:

We are looking for an SOC Analyst II to join BrokerLink in one of our offices in Alberta, Ontario, or the Atlantic region on a Permanent FT Basis.

The SOC Analyst II is a key member of the Security Operations Center (SOC), tasked with advanced security event analysis, incident response, and escalation management. Acting as the escalation point for SOC Analyst I, they collaborate to investigate, contain, and remediate security threats. The SOC Analyst II also plays a significant role in security automation, SIEM rule development, and the continuous improvement of incident response processes, thereby enhancing the organization’s overall security posture. Additionally, they assist security advisors, manage vulnerabilities, ensure regulatory compliance, and strengthen security controls.

As part of our employee promise, here are some of the many perks of working with us:

  • Flexible health and dental insurance benefits package
  • Personal Spending amount to invest in your healthy lifestyle
  • RRSP - Registered Retirement Savings Plan with Company matching
  • ESPP - Employee Share Purchase Plan (TSX: IFC) program with matching aspect
  • ‘Dress for your day’: dress according to your daily schedule
  • Competitive compensation package with bonus aspect
  • Employee discount program, including Apple, Bell, Rogers and more!
  • Paid Time Off in the form of: Personal days, Volunteer days, Exam / Study Time, Jury Duty and starting at 3 weeks of vacation per year!
  • Working for an employer who is regularly recognized as one of Canada’s best employers such as Kincentric 2024

What the Role Entails:

  • Act as an escalation point for SOC Analyst I, providing guidance and expertise in analyzing security alerts. Take on a leadership role as the primary owner of incidents, coordinating response efforts, making critical decisions, and ensuring effective communication among all stakeholders throughout the incident lifecycle.
  • Investigate and resolve security tickets from end users, ensuring timely and effective remediation of security-related issues.
  • Monitor and respond to SIEM alerts, performing advanced triage, analysis, and investigation of security incidents to identify patterns and potential threats.
  • Develop, refine, and implement SIEM detection rules, alerts, and reports to enhance threat identification.
  • Utilize security automation and orchestration (SOAR) tools to streamline incident response and remediation processes.
  • Support forensic investigations by analyzing logs, endpoint telemetry, and network traffic to determine root causes and recommend corrective actions.
  • Develop and conduct security awareness training for end users, developers, and IT teams to strengthen the organization's security culture.
  • Conduct threat hunting exercises to proactively detect unknown threats within the environment.
  • Track emerging threats, vulnerabilities, and attack techniques to improve defensive capabilities.
  • Generate and present security reports and incident summaries to technical and leadership teams.
  • Collaborate closely with security advisors on projects and initiatives, providing insights and a security operations perspective to ensure effective implementation and alignment with operational security needs.
  • Ensure security operations align with industry frameworks and regulatory requirements.
  • Develop and maintain security playbooks to standardize threat detection and response activities, ensuring consistent incident handling.

The Successful Candidate Will Have:

  • Post-secondary education in Computer Science, Information Technology, Cybersecurity, or a related field.
  • 3-5 years of experience in security operations, incident response, and threat analysis.
  • Strong background in security incident management, with the ability to lead investigations and coordinate response efforts to mitigate risks and ensure timely resolution of incidents.
  • Critical and analytical thinking skills to identify and resolve complex security incidents and issues.
  • Extensive experience with security tools such as SIEM platforms, endpoint detection and response (EDR) tools, vulnerability management tools, network monitoring tools, threat intelligence platforms, and incident response platforms.
  • Excellent verbal and written communication skills to report security findings, collaborate with other teams, and provide actionable recommendations.
  • Proficient in creating and reviewing documentation for policies, standards, guidelines, and procedures.
  • Experience in security automation (SOAR) is a strong asset.
  • Experience with cloud security monitoring for major cloud platforms is an asset.
  • Industry certifications such as GCIH, GSEC, CySA+, or equivalent are an asset.