Position Summary:Reporting to the Director, Information Security, you are responsible for the day-to-day security operations of the organization, including monitoring, detection, incident response coordination, and continuous improvement of security controls. The role acts as a key liaison between our MSSP and internal stakeholders, ensuring effective threat detection, response, and operational alignment. This role also leads security awareness initiatives and contributes to proactive threat hunting and vulnerability management activities.
Major Duties & Responsibilities:- Monitor, triage, and coordinate the response to security alerts and incidents in collaboration with our MSSP; perform incident analysis, support containment and remediation, maintain incident documentation, and contribute to post-incident reviews and root cause analysis
- Develop, tune, and maintain detection use cases across security platforms aligned to MITRE ATT&CK; continuously improve detection coverage through threat intelligence, incident learnings, and proactive threat hunting
- Coordinate vulnerability identification, prioritization, and remediation with IT teams. Track remediation progress, report on risk exposure, and support patch validation
- Design and execute security awareness and training programs, manage phishing simulations and analyze results for reporting and improvement actions
- Support security assessments for new and existing vendors
- Support security reviews for new and existing systems, ensuring adherence to security requirements, secure design principles, and regulatory expectations
- Leverage SIEM, EDR/XDR, and SOAR capabilities to automate detection, response, and reporting activities, including development of hunting queries and custom detection logic
- Support monitoring and control activities related to identity and access management, including user access reviews and privileged access monitoring
- Contribute to data protection initiatives, including alignment with data classification and DLP controls
- Produce and maintain operational security metrics (e.g., MTTD, MTTR, vulnerability remediation timelines) and provide regular reporting to leadership
- Create configuration baseline and policies using industry best practices such as the Center for Information Security (CIS) benchmarks and configuration checklists
- Oversee the enforcement of security policies and procedures by administering and monitoring security profiles, reviewing security violation reports and investigating possible security exceptions; update and maintain documented security controls
- Stay up-to-day on information security trends and industry best practice approaches
Qualifications & Experience:Degrees, Diplomas & Certifications:- Bachelor's degree in Computer Science, Information Security, or a related field
- Relevant industry certifications are considered an asset, including:
- CompTIA Security+ or CySA+
- GIAC (e.g., GCIH, GCIA)
- Microsoft Certified: Azure Security Engineer Associate (or equivalent M365 security certifications)
- Certified Cloud Security Professional (CCSP) or similar cloud-focused certification
Years and Range of Experience Required to Perform the Job:- 3+ years of experience in Security Operations, SOC, or Incident Response roles
- Hands-on experience with SIEM, EDR/XDR, and cloud security platforms (e.g., Microsoft Defender, Sentinel)
- Experience working with MSSPs or external SOC providers
- Familiarity with threat detection, incident response processes, and MITRE ATT&CK framework
- Experience coordinating vulnerability management and remediation activities
- Familiar with commonly used Information Security frameworks such as CIS and NIST
- Knowledge of identity and access management concepts, including privileged access controls
- Strong analytical and problem-solving skills with the ability to investigate and respond to security events
- Experience with:
- KQL, PowerShell, or Python for detection and automation
- SOAR platforms or automation playbooks
- Familiarity with:
- Cloud security controls (Azure preferred)
- Regulatory expectations (e.g. PIPEDA, OSFI related guidelines)
