Position Summary:
Under the guidance of the Manager, Cybersecurity Operations, the Senior Cybersecurity Specialist is responsible for the day-to-day operation, management, and continuous improvement of the organization’s cybersecurity tools and processes. This role is a key member of the Security Operations team, actively monitoring, triaging, and responding to security alerts and incidents. The analyst plays a hands-on role in managing security infrastructure, threat intelligence integration, and ensuring the operational effectiveness of security controls.
Key Accountabilities:
Security Monitoring & Incident Response
- Monitor, analyze, and triage security alerts from SIEM, EDR, firewall, and other security platforms.
- Perform Tier 2/3 incident response, including threat containment, eradication, and recovery.
- Conduct root cause analysis and post-incident reviews to inform improvements.
- Contribute to the maintenance of incident response plans, playbooks, and response runbooks.
Cybersecurity Tool Management & Optimization
- Administer and tune cybersecurity tools (e.g., SIEM, EDR, vulnerability scanners, DLP, email security).
- Create and refine detection rules, alerting thresholds, and automated workflows.
- Ensure tools are integrated effectively and function as intended across environments.
- Collaborate with vendors and MSSPs (if applicable) to troubleshoot or enhance tool performance.
Vulnerability & Threat Management
- Perform vulnerability scans, analyze results, and coordinate remediation with infrastructure/application teams.
- Support threat hunting activities and help identify stealthy or low-signal threats.
- Stay informed about emerging threats, vulnerabilities, and attacker tactics (e.g., via MITRE ATT&CK, threat intel feeds).
- Assist in developing metrics and dashboards to track security posture and risk exposure.
Documentation, Reporting & Collaboration
- Maintain clear and accurate documentation including incident reports, tool configurations, and operational procedures.
- Provide technical reporting and summaries for audits, leadership, and compliance.
- Collaborate with IT, compliance, and business units to ensure security practices align with operational needs.
- Mentor junior analysts and contribute to operational maturity initiatives within the security team.
Educational and Functional Requirements:
- Minimum 5 years of hands-on experience in cybersecurity operations, incident response, or related IT security roles.
- Post-secondary education in Information Technology, Cybersecurity, Computer Science, or a suitable combination of education and experience.
- Industry-recognized certifications such as CISSP, CISM, GCIH, GCIA, CompTIA CySA+, or equivalent are highly preferred.
- Proven expertise in deploying and managing cybersecurity tools and infrastructure, including SIEM, EDR, firewalls, and vulnerability scanners.
- Experience with operational cybersecurity tasks, including threat detection, log analysis, system hardening, patch management, and network security controls.
- Strong understanding of threat landscapes, attack techniques (e.g., MITRE ATT&CK), and common security frameworks such as NIST, ISO 27001, or CIS Controls.
- Excellent communication and collaboration skills, with a demonstrated ability to respond effectively to both technical and non-technical stakeholders.
- Experience supporting audits and regulatory compliance processes is considered an asset.
Minimum Salary (CAD $) 71,500 - Midpoint Salary (CAD $) 96,500.00 - Maximum Salary (CAD $) 121,500.00