Security Operations Centre (SOC) Analyst

CyberaCalgary, AB
Hybrid

About The Position

Cybera is a not-for-profit agency dedicated to improving the lives of Albertans through digital technologies, serving education, enterprise, research, and government sectors. They have established a regional Security Operations Centre (rSOC) to monitor, detect, and respond to cybersecurity threats targeting Alberta’s post-secondary institutions. As a SOC Analyst, you will have a hands-on opportunity to apply your security knowledge and experience across various cybersecurity domains and incident response stages. Success in this role depends on your ability to effectively identify and investigate incidents, manage escalations, and collaborate with members throughout the incident lifecycle until resolution. This role encourages challenging the status quo, creative thinking, and adopting a growth mindset to develop innovative solutions. Continuous learning and exposure to leading security technologies will be supported by the rSOC team to build advanced defenses against cyber threats.

Requirements

  • Minimum one year in a SOC environment.
  • Experience documenting cybersecurity processes and procedures, and utilizing playbooks to investigate and respond to incidents.
  • Understanding of cybersecurity threats and risks to the academic sector.
  • Ability to identify, analyze, document, and report relevant threats and incidents.
  • Experience in identifying and investigating security incidents.
  • Practical understanding of cybersecurity concepts, such as incident response practices, vulnerability management, and IT Service Management concepts.
  • Demonstrated ability to gain trust and credibility from internal and external stakeholders.
  • Experience with SIEM and UEBA technologies.
  • Experience with SOAR technologies and utilizing playbooks
  • Experience with EDR technologies such as Microsoft Defender ATP, CrowdStrike, or SentinelOne.
  • A thorough understanding of the MITRE ATT&CK framework and Cyber kill-chain.
  • Experience with investigating brute-force attacks, phishing email, malware, and network log analysis.
  • Ability to document and explain technical details clearly and concisely to both technical and non-technical audiences.
  • Practical networking experience with an understanding of TCP/IP and other network protocols.
  • Experience with using threat intelligence feeds; excellent troubleshooting and analytical thinking skills.
  • Strong documentation and communication skills.

Nice To Haves

  • (ISC)2, CompTIA, GIAC, or other relevant cybersecurity certifications are desirable.

Responsibilities

  • Conduct proactive monitoring, investigation, and escalation of security incidents.
  • Recognize potential, successful, and unsuccessful intrusion attempts and compromises through correlation analysis of relevant event details and summary information.
  • Investigate malicious URLs, domains and IPs using open source and sector intelligence.
  • Provide mitigation guidance and support in response to identified threats, drawing upon common industry practices and vendor recommendations.
  • Continuously build and evolve high confidence and high fidelity detection rules for anomalous or suspicious events, in collaboration with other rSOC team members.
  • Actively contribute to the continuing development of the rSOC practices, processes, procedures, standards and methodologies, and actively contribute to the knowledge base.
  • Utilize playbooks, guidelines and various techniques for investigating incidents using rSOC technologies.
  • Report log coverage gaps, parsing issues and high-volume detection of false positives, with other rSOC team members.
  • Participate in ongoing monthly meetings with members to present service performance metrics, discuss notable events, and other operational matters.
  • Act as the first point of contact for security incidents and service requests into the rSOC, in line with set SLAs.
  • Apply cybersecurity and privacy principles to organizational requirements.

Benefits

  • Health & Vision benefits from day 1.
  • Long & Short term disability benefits from day 1.
  • Flexible Health Spending Account (after successful probation).
  • Annual professional development funds.
  • Regular Lunch & Learns covering department updates to EDI topics.
  • RRSP program (after successful probation).
  • Healthy snacks in the office – and sometimes unhealthy snacks.
  • 10 days per year to use for sick time or mental health breaks.
  • The opportunity to invest in yourself and your career.
© 2026 Teal Labs, Inc
Privacy PolicyTerms of Service