SOC Analyst

Cynet Systems

Vaughan

On-site

CAD 70,000 - 90,000

Full time

Today

Job summary

A cybersecurity company in York Region is seeking a skilled SOC Analyst. The ideal candidate will have 2+ years of experience in security operations, specializing in incident detection and response. Key responsibilities include monitoring security events, validating threats, and communicating findings effectively. Relevant certifications are an asset, and familiarity with SIEM technologies is essential. This position offers opportunities for growth in a dynamic environment.

Qualifications

  • 2+ years of experience in a SOC environment.
  • Hands-on experience with Microsoft Sentinel or similar SIEM technologies.
  • Exposure to Microsoft Defender Endpoint or similar technologies.
  • Good understanding of SANS and MITRE frameworks.

Responsibilities

  • Conduct real-time monitoring of security events.
  • Validate potential threats and perform security event triage.
  • Monitor logs and identify significant incidents.
  • Communicate findings and escalate concerns when necessary.

Skills

  • Incident detection and response
  • Malware analysis
  • Strong communication skills
  • Cloud security knowledge
  • Experience with SIEM technologies

Education

Relevant industry certifications (CISSP, CISM, etc.)

Tools

  • Microsoft Sentinel
  • Endpoint detection and response (EDR)
  • Web Application Firewalls

Job description

Responsibilities
  • Conduct real-time, continuous 'eyes-on-glass' monitoring of security events, responses, and reporting.
  • Acknowledge tickets in ITSM according to defined service level agreements.
  • Perform security event triage and validate potential threats following standard processes and procedures.
  • Analyze, contextualize, and monitor security alerts from various advanced security platforms.
  • Utilize internal and external data sources to research and enrich event information, determining if an event warrants classification as an "incident."
  • Validate IOCs, investigate intrusion attempts, and conduct in-depth analysis and correlation of host-based logs, network traffic, and other data sources.
  • Conduct continuous monitoring of event logs, evaluating, analyzing, and correlating triggers based on established Threat Use Cases.
  • Diagnose events using identification playbooks to discern false positives or duplicates.
  • Execute daily tasks including ticket review, investigating security events effectively, communicating findings, and escalating concerns to senior staff and/or the SOC Manager as needed, per the established playbooks and SOPs (Standard Operating Procedures).
  • Identify and prioritize incidents based on organizational impact or threat severity.

Qualifications
  • 2+ years of experience in a SOC environment in the areas of incident detection and response, remediation, malware analysis, or incident response/forensics.
  • Hands-on experience with Microsoft Sentinel or other SIEM and EDR / XDR technologies, creating and running queries, and performing analytics, examination of logs and console events.
  • Exposure to Microsoft Defender Endpoint, CSPM / CWP, or similar technologies
  • Experience in Web Application Firewalls and API security
  • Knowledge or experience in cloud security (Azure)
  • Good understanding of the SANS and MITRE ATT&CK frameworks.
  • Any industry-relevant certifications such as CISSP, CISM, SANS, CISA, CompTIA Security+, CompTIA CySA+ or GIAC are an asset.
  • Strong understanding of business processes and ability to manage change / adhere to change management processes.
  • Great communication skills

Nice to Have
  • Knowledge or experience in cloud security (GCP or AWS)
  • Experience in malware analysis and reverse engineering