As a Senior Analyst, Security Operations, you will serve as the subject matter expert responsible for the effectiveness, coverage, and continuous improvement of Moneris' security monitoring and detection capabilities. This role sits at the intersection of Security Operations, Detection Engineering, and Security Platform Management. You will lead the evolution of key security controls across SIEM, EDR, WAF, SASE, and File Integrity Monitoring technologies, ensuring high-fidelity detection and visibility across the enterprise. Working closely with Security Engineering, Cloud, Infrastructure, and Compliance teams, you will drive platform enhancements, detection maturity, and monitoring effectiveness while supporting complex incident investigations. This is a highly technical role focused on improving security outcomes through tooling, telemetry, automation, and threat-informed detection engineering. Location: You will be based in our Toronto office, balancing in-office collaboration with remote flexibility. Reporting Relationship: You will report to the Senior Manager, Security Operations Posting Type: New Position Salary Range: The expected base salary range for this role is $113,000 - $149,000 Total compensation may also include variable or discretionary incentive components, including but not limited to bonuses and commissions. Individual job offers are determined by various factors, including experience, education, skills, certifications, and other business needs. Your Moneris Career – What you’ll do • Serve as the primary SME for SIEM, EDR, WAF, SASE, and File Integrity Monitoring platforms. • Own detection engineering activities, including log onboarding, use case development, tuning, and alert optimization. • Develop and maintain threat-informed detection use cases aligned to the MITRE ATT&CK framework. • Lead onboarding and integration of new systems, applications, and telemetry sources into monitoring platforms. • Develop and tune cloud-focused detections across Azure and GCP environments. • Analyze and optimize WAF rules, SASE policies, endpoint detections, and FIM controls. • Measure detection effectiveness through coverage, fidelity, false-positive reduction, and MTTD metrics. • Produce reporting on platform health, monitoring coverage, and detection maturity. • Support PCI DSS monitoring requirements, audit readiness, and evidence generation. • Lead security tooling initiatives and monitoring enhancement projects. Incident Response & Threat Hunting • Provide technical escalation support during complex security incidents. • Support investigations using endpoint, network, cloud, and application telemetry. • Lead proactive threat hunting activities across enterprise environments. • Identify detection gaps and implement improvements following investigations. • Contribute to post-incident reviews and continuous improvement initiatives. Your Moneris Career – What you bring Required Qualifications • 5–8 years of experience in Security Operations, Security Engineering, Detection Engineering, or a related cybersecurity discipline. • Hands-on experience with SIEM platforms such as Microsoft Sentinel, including log onboarding, rule development, and alert tuning. • Experience administering and supporting EDR platforms such as Microsoft Defender or CrowdStrike. • Strong understanding of the MITRE ATT&CK framework and threat-informed detection methodologies. • Hands-on experience managing and tuning Web Application Firewalls (WAF). • Experience working with SASE platforms and modern network security controls. • Experience supporting File Integrity Monitoring solutions and related detection workflows. • Experience building and tuning detections across multiple security technologies. • Strong understanding of endpoint, network, application, and cloud attack techniques. • Experience correlating and investigating logs across multiple telemetry sources. • Familiarity with Infrastructure as Code concepts and reviewing security control deployments. • Strong analytical, troubleshooting, and problem-solving skills. Preferred Qualifications • Experience using Terraform or similar Infrastructure as Code tools. • Experience supporting PCI DSS compliance requirements. • Experience securing Azure and GCP cloud environments. • Experience working with MSSPs and managed security monitoring models. • Industry certifications such as CISSP, GCIH, GCIA, GCED, SC-200, or equivalent. We understand that systemic barriers may contribute to imposter syndrome for some candidates. We encourage you to apply even if you do not meet every qualification listed.  #LI-Hybrid #TECH-IND