Incident Response Specialist

Astellas Pharma, Markham, ON (Hybrid)

About The Position

Astellas is a global life sciences company committed to turning innovative science into VALUE for patients. They provide transformative therapies in disease areas that include oncology, ophthalmology, urology, immunology and women's health, pioneering new healthcare solutions for diseases with high unmet medical need. As an Incident Response Specialist, you will play a critical role in safeguarding Astellas’ information systems and data by leading and coordinating the response to cyber security incidents across the enterprise. This position has arisen as part of Astellas’ strategy to mature its insourced security operations and establish a ‘best in industry’ incident response capability that operates effectively across a diverse and evolving technology landscape. The successful candidate will work in a tool-agnostic manner across multiple security platforms and environments, ensuring consistent, efficient, and high-quality response to security incidents. You will collaborate closely with the Security Operations Center (SOC), infrastructure teams, and other Value Teams to contain threats, minimize business impact, and continuously improve response processes and resilience across the organization.

Requirements

  • Bachelor’s degree in Computer Science, Information Technology, Cyber Security, or a related field.
  • Proven experience in a cybersecurity role, preferably within a SOC/SIEM/SOAR environment.
  • Experience using Microsoft Sentinel and Defender, CrowdStrike EDR, or Wiz Cloud Security.
  • Strong knowledge of security frameworks, threat modelling, and incident response methodologies.

Nice To Haves

  • Security certification is an advantage.
  • Demonstrated knowledge of change management principles.
  • Relevant certifications (e.g., Certified Information Systems Security Professional (CISSP), Certified Ethical Hacker (CEH), CompTIA Security+).
  • Excellent analytical and problem-solving skills.
  • Strong communication skills and the ability to work collaboratively in a small team environment where we share capacity and effort.
  • International/global experience is an advantage.
  • Experience with SIEM/Cloud security tools and automation technologies.
  • Familiarity with anti-malware solutions and endpoint detection strategies.
  • Proficiency in scripting languages for automation (e.g., Python, PowerShell) is an advantage.
  • Experience in digital forensics (log analysis and technical root cause assessment).
  • Awareness of infrastructure and network security features like firewall rules, event IDs, logging/detection, and managing assets in manufacturing / OT environments.

Responsibilities

  • Lead and coordinate end-to-end incident response activities using an industry-recognized framework (e.g., NIST, SANS), from detection through containment, eradication, and recovery.
  • Act as the primary escalation point for complex or high-severity security incidents.
  • Ensure consistent and effective response across multiple tools, platforms, and environments (cloud, on-prem, endpoints, OT where applicable).
  • Conduct detailed technical investigations, including log analysis, endpoint forensics, and network analysis to determine root cause and scope of incidents.
  • Preserve and manage forensic evidence in line with legal and regulatory requirements.
  • Produce clear and structured post-incident reports, including root cause analysis and recommendations.
  • Operate across a wide range of security tooling (SIEM, EDR, SOAR, cloud security platforms) without reliance on a single vendor ecosystem.
  • Correlate data from multiple sources to build a comprehensive view of incidents.
  • Develop, maintain, and optimize incident response playbooks and runbooks.
  • Identify gaps in detection and response capabilities and work with engineering and SOC teams to improve coverage.
  • Work closely with SOC analysts, threat hunters, and threat intelligence teams to enhance detection and response outcomes.
  • Provide clear and timely communication to stakeholders, including senior leadership, during incident situations.
  • Support and lead incident response simulations, tabletop exercises, and purple team activities.
  • Contribute to building organizational readiness and resilience against cyber threats.

Benefits

  • Medical, Dental and Vision Insurance
  • Generous Paid Time Off options, including Vacation, Sick time and national holidays
  • Registered Retirement Savings Plan Program (RRSP)
  • Company paid life insurance
  • Annual Corporate Bonus and Quarterly Sales Incentive for eligible positions
  • Long Term Incentive Plan for eligible positions
  • Wellness programs

What This Job Offers

Job Type

Full-time

Career Level

Mid Level

Number of Employees

5,001-10,000 employees