LightBox

Senior Security Specialist

LightBox$135K — $145K *
Information Technology
Less than 5 years of experience
Job Overview by Ladders

Qualifications

  • 3-5 years in cybersecurity focusing on medium to critical incidents
  • Hands-on incident response skills, including containment and remediation
  • Experience collaborating with various teams for incident remediation
  • Proficiency with SIEM and EDR tools for large data analysis
  • Background in threat hunting and detection rule tuning
  • Knowledge of cyber threat intelligence practices
  • Willingness to work on-call and adjust hours as needed

Responsibilities

  • Lead the management of cybersecurity incidents for effective remediation
  • Conduct proactive threat hunting across systems to identify vulnerabilities
  • Improve detection rules to enhance threat visibility
  • Use threat intelligence to guide investigations and incident responses
  • Perform forensics to identify root causes of security breaches
  • Own investigations and drive resolutions with technical expertise
  • Refine processes and playbooks for improved incident handling
  • Mentor junior team members in cybersecurity best practices

Benefits

  • 100% health, dental, and vision coverage premiums paid
  • RRSP match (100% up to 4%)
  • 35 days paid time off, including 16 vacation days and 11 holidays
  • Opportunity to work abroad for 10 weeks
  • 18 weeks paid parental leave after 1 year
  • 5 days of paid volunteer work annually through Sage Foundation
  • $5,250 yearly tuition reimbursement after 6 months
  • Annual fitness reimbursement through Sage Wellness Rewards Program
  • Access to a library of on-demand career development and training programs
Full Job Description
Job Title
Senior Security Specialist

Job Description
As a Senior Security Specialist, you will join Sage's global Cyber Defence team and play a key role in protecting Sage's systems, data, and customers.

This is a hands-on senior technical role (Tier 3) focused on advanced incident response and complex security investigations, including incident investigation, containment, remediation, and post-incident analysis. You will respond to complex and escalated security incidents while strengthening Sage's detection and response capabilities.

You will own and lead investigations of critical security incidents (high-severity), perform forensic analysis, and proactively hunt for indicators of compromise across cloud and on-premises environments. You will also improve detection rules, develop response playbooks, and refine operational processes that strengthen Sage's cyber defence capabilities.

You will partner with Product Engineering, IT, Cloud Operations, Legal, and other cybersecurity teams to lead investigations and drive remediation across Sage's global environment.

Minimum Qualifications:
• 5 years of experience in cyber security responding to medium to critical security incidents
• Strong hands-on experience performing incident response activities including triage, investigation, containment, remediation, and post-incident analysis
• Proficiency using SIEM and EDR platforms to investigate security events and analyze large volumes of security telemetry
• Experience performing threat hunting and developing or tuning detection logic
• Knowledge of cyber threat intelligence practices, including analyzing attacker tactics and techniques and applying intelligence to improve detections and investigations
• Experience conducting incident investigations and forensic analysis to determine root cause and reconstruct attacker activity
• Experience investigating incidents in cloud environments (Azure, AWS, or GCP) including identity systems, logging, and cloud-native telemetry
• Experience working cross-functionally with engineering, IT, cloud operations, legal, and security teams to drive remediation
• Ability to work the required schedule and participate in the on-call rotation

Ideal/Bonus Qualifications
• Experience investigating application-layer attacks, abuse cases, or SaaS platform threats
• Advanced knowledge of cybersecurity and information security control best practices
• Certifications such as CISSP, SANS, or incident response, threat hunting, or forensics certifications

Work Schedule:
Monday-Friday, 8:00am - 4:00pm PST
Occasional adjusted hours (6:00am - 2:00pm PST) when covering UK colleagues during planned PTO
Participation in a shared on-call rotation (one weekend per month)

Location:
Hybrid; 3 days per week from our Vancouver office and 2 days from home

Key Responsibilities
Key Responsibilities
• Own and lead investigations of complex security incidents to ensure rapid containment, effective remediation, and secure recovery
• Perform proactive and hypothesis-driven threat hunting across endpoints, servers, cloud environments, and applications to identify malicious behaviour and emerging threats
• Develop and improve detection logic, alert tuning, and investigation workflows to enhance threat visibility and reduce false positives
• Apply threat intelligence to strengthen detection capabilities and prioritize investigations
• Conduct incident investigations and forensic analysis to determine root cause and reconstruct attacker activity
• Take ownership of complex investigations and drive remediation efforts through to resolution
• Improve incident response playbooks, procedures, and operational processes
• Lead cyber defence workstreams within larger security initiatives
• Mentor junior team members and support knowledge sharing across the team
• Investigate complex security alerts and confirmed incidents across SIEM, EDR, NDR, and cloud security platforms

Benefits? We have plenty...
• 100% paid premiums for health, dental, and vision coverage
• RRSP contribution match (100% up to 4%)
• 35 days paid time off (11 holidays, 16 vacation days, 3 personal days, 5 sick days)
• Work Away, an opportunity to work & play for 10 weeks in a country of your choice (from a Sage-approved list)
• 18 weeks of paid parental leave for birth, adoption, or surrogacy offered 1 year after your start date
• 5 days paid yearly to volunteer (through Sage Foundation)
• $5,250 tuition reimbursement per calendar year starting 6 months after your hire date
• Sage Wellness Rewards Program (annual fitness reimbursement)
• Library of on-demand career development options and ongoing training offerings

Compensation offered will be determined by factors such as location, level, job-related knowledge, education, and experience. Certain provinces in Canada require job postings to include a reasonable estimate of the salary range applicable to the role. For this role, in those locations, the target base salary range for new hires is C$135,000 to C$145,000. In addition to base salary, employees will participate in a bonus plan (20%) based on company and individual performance. Our talent acquisition team will provide specific opportunities on our bonus or incentive programs. The range listed is just one component of the Sage total compensation package.

#LI-CH1

Function
Global Information Security

Country
Canada

Office Location
Vancouver

Work Place type
Hybrid

Similar Jobs

More Jobs at LightBox

More Information Technology Jobs

Find similar Senior Security Specialist jobs: