3 Security Incident jobs in Canada
Security Incident Response Specialist - SOC
Posted 1 day ago
Job Viewed
Job Description
Job Description
Be the first line of defense
As a Security Incident Response specialist in our SOC team, you'll play a pivotal role in ensuring the security of our systems and data. Your primary responsibility will be to identify, investigate, and resolve security incidents. You'll coordinate incident response efforts, working with the right experts, evaluating severity, and continuously learning from past incidents to improve our defenses.
Here's what makes this opportunity exciting:The Coveo Platform is trusted by global enterprises to deliver personalized search and AI-powered recommendations at scale. As part of the SOC team, you will protect not only the platform but the entire organization by proactively identifying, investigating, and resolving security incidents.
If you're passionate about defending critical systems and having a significant impact, this is your chance to drive security forward!
Here's what you'll be responsible for:- Analyzing security events to determine if they indicate potential security incidents or breaches. You'll investigate suspicious activities, anomalies, and indicators of compromise (IOCs) to identify threats.
- Leading incident response efforts to contain, mitigate and resolve security incidents. This involves isolating compromised systems, making sure security patches are applied, or implementing other remediation measures.
- Proactively searching for advanced threats or persistent attackers in our environments by leveraging threat intelligence and conducting in-depth investigations to neutralize threats.
- Documenting security incidents, investigation findings, and remediation actions taken for compliance and reporting purposes. You'll prepare incident reports and provide recommendations to improve the organization's security posture.
- 2-3 years of experience in security incident response, with a solid understanding of security defense solutions like EDR, SIEM, CNAPP, and a commitment to staying updated on emerging technologies.
- Problem-solving mindset with the ability to think critically under pressure.
- Strong investigative skills and a drive to protect the company from malicious actors and mistakes.
- Bachelor's degree or certificate in development, computer science, or a related field, along with programming knowledge.
- Familiarity with the Microsoft security suite and hands-on experience with AWS.
- Excellent communication and collaboration skills, with the ability to bring together teams of experts and coordinate their efforts effectively.
Do you think you can bring this role to life?
You don't need to check every single box; passion goes a long way and we appreciate that skillsets are transferable.
Send us your application, we want to get to know you! Join the Coveolife !
We encourage all qualified candidates to apply regardless of, for example, age, gender, disability, gaps in CV, national or ethnic background. We know that applying for a new role is a lot of work and we really appreciate your time.
#li-hybrid #li-remote
Senior Security Specialist - Incident Response
Posted 1 day ago
Job Viewed
Job Description
Job Description
GlassHouse Systems (GHS) is an enterprise systems, and managed services solutions provider that develops, designs and deploys solutions for leading enterprises in Canada and the US. For almost 32 years, GHS has delivered an enterprise level of service and support to clients. Recognized with industry-leading awards each year, GHS translates this differentiation into positive client experiences.
This role requires an experienced security professional with technical expertise in incident handling, malware investigation and containment, and IR process improvement. In this role, you will be developing and updating IR playbook and runbooks, conducting IR investigations, and participating in IRDF and security governance projects.
Responsibilities:
· Create and update incident response playbooks and runbooks
· Develop and update incident response methodologies, procedures, and processes
· Develop, review, and maintain security policies and standards in alignment with industry best practices and regulatory frameworks
· Enhance existing IR practice and review of internal processes and activities to assist in identifying potential opportunities for improvement
· Lead and conduct incidents investigation, containment, and remediation
· Engage with clients and guide them on a broad range of technology throughout the incident lifecycle
· Perform root cause analysis for cyber incidents and breaches
· Conduct malware analysis and sandboxing
· Collaborate in forensics investigations
· Provide expert-level briefings to internal and external stakeholders during and after incidents
· Train team members to use and apply IR playbooks and runbooks
· Lead the planning, execution, and delivery of cybersecurity initiatives and projects
· Contribute to penetration test projects
· Manage and optimize security technologies such as SIEM, EDR, and SOAR
· Conduct proactive threat hunting activities using EDR/SIEM data
· Evaluate new threat vectors and support detection engineering teams to improve defenses
· Collaborate in maintaining and managing internal threat intel platforms to aggregate, enrich, and distribute threat intelligence data to internal teams and clients
· Contribute to cyber risk assessments and security awareness programs
· Contribute to phishing campaign simulations and monitoring their effectiveness
Personal attributes:
· Strong verbal communication skills and excellent technical writing skills
· Strong team player and enjoys working in a fast-paced team atmosphere
· Ability to manage multiple priorities, commitments and projects
· Ability to communicate complex ideas verbally and through documentation
· Must be able to grasp highly technical concepts quickly, develop content, and independently document features for target audiences
Disclaimer:
What you'll get:
Competitive salary
Health benefits (medical, vision, dental)
Life insurance
Pension plan
Professional development
Amazing company culture
Free parking
Gym on-site
Join a team of professionals led by a diverse set of leaders from across the industry.
GlassHouse Systems commitment:
We believe that a diverse team is the key to innovation and growth. We are an equal opportunity employer that values diversity at our company and encourages all candidates to apply. We do not discriminate on the basis of race, religion, color, national origin, gender, sexual orientation, age, marital status, veteran status, or disability status.
GlassHouse Systems will accommodate individuals with disabilities through each stage of the recruitment process. Please advise us of any needs when your interview is booked and we will do our best to meet your needs.
Please note that all candidates have to be legally eligible to work in Canada.
Any offer of employment will be conditional upon a criminal record check.
GlassHouse Systems thanks all candidates for their interest, however only those selected to continue in the process will be contacted.
Requirements:
· This position requires employees to work from the GHS Toronto office a minimum of three days per week
· 5+ years of experience in cybersecurity, focusing on incident investigation and response
· Proven experience in conducting incident investigation and response, including analysis, containment, and remediation
· Bachelor’s or higher degree in computer science, information technology, information security, computer forensics, or a related field
· Expertise in analyzing Windows, Linux, and macOS logs and incidents
· Familiar with at least one SIEM and one EDR solution (e.g., QRadar, Splunk, SecOps, CrowdStrike, Defender, etc.)
· Knowledge of common technologies and protocols, like SIEM, IAM, Unix scripting, TCP/IP, LDAP, HTTP, DNS, Radius, SSO, Active Directory, cloud computing, etc.
· Excellent (technical) verbal and written communication skills.
· Experience in analyzing security advisories, threat intelligence feeds and providing guidance on risk mitigation strategies
· Familiar with security frameworks like MITRE ATT&CK and ability to identify and analyze TTPs
· Experience with Malware analysis
· Ability to participate in after hours on-call shifts
· High ethical and professional standards
Nice to have :
· Expert knowledge of forensics tools such as Encase, Axiom, Autospy, OSForenscis, FTK imager or similar
· Relevant Certifications such as GIAC (GCIA, GPEN, GWAPT, GCIH, GSEC, GCFA), CISSP, CCSP, CEH, CHFI
· Experience in penetration test
· Experience with vulnerability management technologies, processes and procedures
· Experience in cyber risk assessment/management
· Familiarity with compliance frameworks (PCI-DSS, HIPAA, etc.)
Be The First To Know
About the latest Security incident Jobs in Canada !