Security Operations Center Analyst


Tundra Technical Solutions, Toronto, Ontario, Canada
3 days ago
Job type
  • Temporary
Job description

Job Title : SOC MDR L2 Analyst

Location : Downtown Toronto (onsite 3 days per week)

Term : 10-month (extendable)

Description

Our client is an industry leading firm that serves clients on a variety of specialized projects that help them to work smarter, grow faster and compete better.

Why join their contract workforce?

  • Interesting work : Deliver work that matters to you. We provide the opportunity to get involved in highly technical, complex and interesting projects where you can leverage your specific skillset and expertise to add value.
  • Enrich your skills : Access to best-in-class technology, market intelligence and resources to advance your unique technical skills and expertise. Work alongside diverse, passionate and highly skilled professionals working together to drive innovation.
  • Flexible opportunities : Find projects that match when and where you want to work.

The opportunity :

We are looking for a dynamic, experienced cyber security professional to join our growing Cyber Security Services team as a SOC Level 2 Senior Analyst. Our client's leading cyber security practice provides a comprehensive suite of cyber security services, from cyber governance, strategy, defense and response through to complete end-to-end cyber security transformation services. This is a 10-month contract with the possibility of extension; presence at our downtown Toronto office is required 3 days a week (no specific days). Lastly, availability to occasionally work shifts starting between 2pm and 10pm EST is required to cover incident response outside of regular business hours; the team will provide notice in advance.

What you will do :

  • Serve as the primary point of contact during high-severity incidents, ensuring swift containment and resolution in collaboration with the CSIRT team, if necessary.
  • Assess escalated issues from L2 SOC analysts to determine increased risk to the business.
  • Review log data against security technology rules, proposing enhancements to threat detection.
  • Collaborate with SIEM Engineers to fine-tune security events and improve alert detection rates.
  • Develop and maintain incident response playbooks, identifying areas for improvement and suggesting task automation.
  • Work closely with CTI teams to enhance our threat detection, suggesting the development of threat use cases based on Tactics, Techniques and Procedures (TTPs).
  • Analyze critical events and security tickets to evaluate the effectiveness of incident management processes and suggest improvement plans.
  • Stay updated on security threats, countermeasures, security tools, and advancements in Cloud Security and SaaS technologies.
  • Track incidents against frameworks such as SANS and MITRE ATT&CK.
  • Provide technical and thought leadership within the SOC, guiding and teaching other analysts.

Your qualifications :

  • Over 7 years of highly technical experience in a SOC environment.
  • Relevant certifications such as CISSP, CISM, SANS, CISA, CompTIA Security+, or CompTIA CySA+, GIAC.
  • Hands-on experience with Microsoft Sentinel or other SIEM and SOAR technologies.
  • Proficient in Microsoft Defender Endpoint, CSPM / CWP, or similar technologies, with a focus on vulnerability assessment and recommendation.
  • Experience in malware analysis and reverse engineering.
  • Business development expertise, including research, analysis, and proposal writing.
  • Evaluation of control frameworks, risk assessment, and opportunities for enhancement.
  • Enterprise asset lifecycle management knowledge, including patch management, vulnerability management, security architecture, and endpoint management.
  • Expertise in cloud transformation, architecture, and security operations.
  • Leadership experience in managing complex projects.
  • Strong communication skills, effectively presenting strategies, solutions, and insights to stakeholders.
  • Leadership role experience, providing mentorship and knowledge sharing to the team and junior / intermediate analysts.