Remotery

SOC Analyst, Canada

Posted May 14

This is a fully remote position, open to applicants in Canada.

📋 Description

• Continuously monitor and assess alerts and detections across SIEM, EDR/XDR, identity, email, network, and cloud telemetry for our managed clients, applying severity classification and initial enrichment to every event you engage with.

• Conduct thorough investigations of suspicious activity, from validation and pivoting through to root-cause analysis, using knowledge of attacker methodologies, the MITRE ATT&CK framework, and the cyber kill chain to reach confident, well-supported conclusions.

• Execute documented response playbooks to contain threats, including isolating hosts, disabling compromised accounts, blocking indicators, and resetting credentials, and coordinate handoffs with client and engineering teams.

• Collaborate with Detection Engineering to minimize noise and false positives, as well as to propose, test, and deploy new analytics, automations, and SOAR playbooks that enhance the SOC’s speed and accuracy.

• Maintain audit-grade documentation throughout each case, meticulously capturing notes, timelines, and customer-facing communications in the ticketing and case management system.

• Consistently achieve triage, investigation, and notification SLAs while upholding high accuracy, low false-positive rates, and strong client satisfaction across the portfolio.

• Promote continuous improvement of the SOC by incorporating lessons learned back into detections, playbooks, runbooks, and knowledge base articles in collaboration with SOC Leadership and Detection Engineering.

• Work during an assigned shift (Day, Swing, or Night) within a 24x7 rotation — including weekends and holidays as scheduled — and respond to on-call escalations when necessary.


⛳️ Requirements

• One or more years of experience in an IT security role or IT support role with substantial security responsibilities.

• Solid understanding of fundamental security concepts: TCP/IP, common protocols, Windows and Linux basics, Active Directory / Entra ID, cloud (Azure / AWS / GCP) essentials, and common attacker techniques.

• Familiarity with at least one SIEM and one EDR/XDR platform; comfortable writing or modifying basic queries (KQL, SPL, or similar).

• Proven ability to communicate effectively and collaborate within a diverse, high-performance team environment, along with a strong dedication to customer service.

• Candidates will be required to undergo a background check.


🏝️ Benefits

• Health insurance

• Flexible work arrangements

• Paid time off

• Professional development

