about 10 hours ago
Toronto, Canada
Mid Level / Senior
H1B Sponsor
Responsibilities
- Investigate security alerts across SIEM, EDR, and cloud security platforms.
- Develop, test, and tune detection rules to improve signal quality.
- Correlate data from multiple telemetry sources to identify attack patterns.
- Monitor emerging threats and update detection logic accordingly.
- Contribute to automation efforts by building or refining SOAR playbooks.
- Document incidents and contribute to post-incident reviews.
Requirements
- 2–4 years of experience in security operations, detection engineering, or incident response.
- Experience analyzing logs and tuning alerts within SIEMs and EDR platforms.
- Experience writing detections using query languages like SQL or KQL.
- Familiarity with threat hunting and investigation techniques.
- Ability to analyze security telemetry and recommend improvements.
- Clear written and verbal communication skills.
Tech Stack
AWS, Kubernetes, SQL
Categories
Security