Senior Internal SOC Analyst leading security triage and investigations for Darktrace, utilizing AI - driven cybersecurity technology. Collaborating on incident response and mentorship within a hybrid work environment.
About the role
- Security Engineer safeguarding AWS environments for Genesys Cloud mission. Handling advanced threats and collaborating with SecDev, PenTest, DevOps, and SRE teams.
Responsibilities
- Protecting the trust our customers place in Genesys Cloud requires constant vigilance, technical depth, and proactive defense
- Safeguard a global SaaS platform by identifying advanced threats, strengthening identity controls, and driving resilient cloud security architecture
- Conduct proactive threat hunting across AWS environments using SIEM, EDR, and cloud-native telemetry to identify and disrupt sophisticated threat activity
- Investigate AWS GuardDuty findings and lead root cause analysis of security events, translating threat actor tactics, techniques, and procedures into actionable containment strategies
- Develop and maintain threat intelligence feeds and indicators of compromise to strengthen detection capabilities and reduce dwell time
- Execute quarterly vulnerability assessments and network segmentation scans, driving remediation to measurable risk reduction outcomes
- Identify cloud misconfigurations and implement structured ticketing workflows to ensure timely and traceable remediation
- Audit AWS IAM policies, service roles, and trust relationships to enforce least privilege and reduce identity-based attack surfaces
- Utilize Identity Security Posture Management practices to detect over-privileged accounts, dormant identities, and authentication misconfigurations
- Enhance detection tooling configurations across EDR and SIEM platforms to improve signal quality and operational efficiency
- Monitor cloud security services for regression or control gaps and implement persistent validation mechanisms
- Support incident containment, eradication, and recovery efforts using IAM-centric response methods such as credential rotation and session revocation
- Collaborate with SecDev, PenTest, DevOps, and SRE teams to embed automation and strengthen secure-by-design practices
Requirements
- Demonstrate mid-level experience securing AWS cloud environments within a SaaS or enterprise setting
- Apply strong knowledge of Linux systems administration and foundational security principles including OWASP Top 10
- Utilize EDR platforms such as CrowdStrike, SentinelOne, or Rapid7 and cloud SIEM technologies such as Splunk, Datadog, or Sumo Logic
- Analyze threat actor behavior and perform structured root cause analysis to drive lasting remediation
- Operate independently while managing security initiatives with minimal oversight
- Communicate technical findings clearly to both technical and non-technical stakeholders
- Work effectively within regulated environments and adhere to defined architectural and security standards
Benefits
- Comprehensive extended group health coverage
- Generous paid time off, including vacation and personal leave
- Retirement savings program with employer RRSP matching up to a prescribed maximum amount
- Family-friendly benefits, including parental leave top-up and adoption assistance
- Growth and development opportunities through access to learning resources and internal mobility programs
Job title
Job type
Experience level
Salary
Degree requirement
Tech skills
Location requirements
Security Operations Intern responsible for security monitoring at Paddy Power Betfair. Involves data loss prevention investigations and content filtering analysis with a commitment to improving security posture.
SOC Analyst L2 responsible for managing and analyzing security incidents in digital transformation. Contributing directly to the protection of companies and infrastructures.
SOC Analyst L3 managing and analyzing security events and incidents for Var Group. Responsible for incident management and proactive threat analysis.
Senior Manager leading global IT security operations to protect company data and assets at Keenova. Overseeing incident response, monitoring, and cybersecurity capabilities with strategic oversight.
Security Operations Center leader at Woven by Toyota, managing triage and response to security alerts in Japan. Collaborating with global SOCs to ensure 24/7 operations.
GSOC Analyst responsible for security operations at Paramount Studios. Developing workflows, incident response, and risk monitoring in a dynamic team environment.
Senior Cybersecurity Analyst enhancing detection and response capabilities at Insulet, focusing on threat detection and incident response.
Supervisor for Global Security Operations Center at Enbridge. Leading a dedicated 24/7 team to monitor and protect global facilities and assets.
Security Operations Analyst at Orion Health focusing on monitoring and maintaining security tools while collaborating with teams. Engaging with real - world threats and enhancing operational security processes.