TEST - Security engineer – SOC (VIE Toronto, Canada – 2 years)

• Full-time

Sopra Steria, a major Tech player in Europe with 56,000 employees in nearly 30 countries, is recognized for its consulting, digital services and software development. It helps its clients drive their digital transformation and obtain tangible and sustainable benefits. The Group provides end-to-end solutions to make large companies and organizations more competitive by combining in-depth knowledge of a wide range of business sectors and innovative technologies with a fully collaborative approach. Sopra Steria places people at the heart of everything it does and is committed to putting digital to work for its clients in order to build a positive future for all. In 2023, the Group generated revenues of €5.8 billion.
The world is how we shape it.

We are looking for an experienced SOC Detection & Response Specialist to help build and enhance our Security Operations Center (SOC) offering. You will be responsible for developing detection rules, investigation and response workflows, security use cases, and playbooks to improve our detection and response capabilities.

Key Responsibilities:
- Develop, test, and fine-tune detection rules for SIEM and security monitoring platforms (Microsoft Sentinel, Palo Alto).
- Create and document security use cases to detect cyber threats based on MITRE ATT&CK techniques.
- Design and implement incident investigation and response processes to ensure efficient threat management.
- Build automation playbooks using SOAR tools to improve incident response efficiency.
- Collaborate with SOC analysts to refine alert tuning and reduce false positives.
- Perform threat modeling and intelligence-driven detection to proactively identify threats.
- Work with customers and internal teams to define SOC workflows and escalation procedures.
- Evaluate log sources and data ingestion strategies to enhance security visibility.
- Stay up to date with the latest threats, vulnerabilities, and attack techniques to improve SOC detection capabilities.
- Provide guidance on log source onboarding, parsing, and correlation for improved detection coverage.
- Threat intelligence analysis is a plus.

Required Skills & Experience:
- 3+ years of hands-on experience in a SOC, Threat Detection, or Incident Response role.
- Expertise in SIEM platforms (e.g., Microsoft Sentinel, Splunk, QRadar, Elastic Security).
- Experience writing custom detection rules using KQL, SPL, Sigma, or other query languages.
- Strong knowledge of cyber threat detection, attack techniques (MITRE ATT&CK), and security event analysis.
- Experience with SOAR platforms (e.g., Microsoft Sentinel Playbooks, Palo Alto XSOAR, Splunk SOAR) for automation.
- Familiarity with log sources (firewalls, EDR, IAM, cloud logs, etc.) and how to build detections based on them.
- Knowledge of incident response frameworks (NIST, SANS, etc.) and how to structure response processes.
- Scripting skills (Python, PowerShell, Bash) for automating security tasks (a plus).
- Certifications such as Microsoft Security, PaloAlto XSIAM, or equivalent certifications are a plus.

Requirement:
- Bachelor's degree in Information Technology or a related field (or equivalent experience)
- Excellent interpersonal, communication, and listening skills
- English required

- Comprehensive group benefits plan: life insurance, long-term disability, healthcare, dental, vision, and a health spending account to promote health and wellness (Sopra Steria covers 100% of premiums)
- Paid statutory holidays, sick days, personal days, as well as 3 weeks of vacation
- Monthly transportation allowance
- Hybrid work environment
- Company equipment to help you work efficiently
- A friendly, collaborative, and inclusive culture
Sopra Steria has been certified as a Great Place to Work.

We offer phenomenal career progression opportunities and benefits which you can flex to meet your needs. Excellent training and development opportunities, and the encouragement to develop your skills in a supportive and friendly environment.