Senior Security Analyst (Permanent/Full-Time)

CoreFactor Inc. | Mississauga, ON
Hybrid

About The Position

CoreFactor is searching for a Senior Security Analyst on a permanent/full-time basis for a client in the GTA. This position is hybrid and will require the successful incumbent to be in the office four (4) times per week.

The Senior Security Analyst will report to the Cyber Security Operations Manager and play a key role in strengthening and maturing the organization's security operations capabilities. This is an opportunity to provide senior-level expertise across monitoring, detection, investigation, and incident response activities, while helping advance cybersecurity operations.

This role requires a highly motivated and experienced security professional with strong analytical, technical, and problem-solving skills. The successful candidate will bring deep expertise in security monitoring, alert triage, incident investigation, threat detection, and containment across endpoint, network, cloud, identity, and enterprise platforms. Acting as a senior liaison between technical teams and business stakeholders, this role will be responsible for leading complex investigations, improving detection coverage, supporting incident response activities, and communicating security risk in a clear and actionable manner. A strong foundation in security frameworks, attack techniques, and operational best practices is essential.

Requirements

  • Proven hands-on experience with SIEM, EDR, and other enterprise security monitoring platforms such as Microsoft Sentinel, Splunk, Defender XDR, or equivalent tools.
  • Strong knowledge of SOC operations, including alert triage, incident analysis, containment support, case management, escalation, and post-incident review.
  • Experience developing and tuning detections, analytics, correlation rules, and response workflows to improve visibility and reduce noise.
  • Advanced analytical and investigative skills, with the ability to interpret logs, telemetry, and attacker behaviour across endpoint, identity, cloud, email, and network environments.
  • Strong understanding of attack techniques, adversary behaviour, and security frameworks such as MITRE ATT&CK, NIST, or equivalent operational models.
  • Demonstrated ability to balance technical depth with business acumen, communicate investigation findings clearly, and support risk-based decisions during security events.
  • High attention to detail and a strong commitment to producing accurate, concise, and audit-ready investigation notes, reporting, and recommendations.
  • Ability to work effectively across Infrastructure, Cloud, Data, Applications, and business functions to support security operations, incident response, and risk-based decision-making.
  • Demonstrated ability to build trusted relationships, influence stakeholders, and coordinate cross-functional response activities during security incidents and operational escalations.
  • Strong collaboration and mentoring capabilities, with a willingness to support team development and contribute to an open, inclusive, and high-performing security operations environment.
  • Highly organized with the ability to manage competing priorities, coordinate follow-ups, and track investigations and security initiatives in a fast-paced environment.
  • Excellent written and verbal communication skills, with the ability to tailor messaging for technical teams, leadership, and business stakeholders.
  • Minimum of 7 years of progressive experience across information security functions such as security operations, incident response, threat detection, threat hunting, digital forensics, or security engineering.
  • Hands-on experience investigating complex security incidents across endpoint, network, identity, email, and cloud environments.
  • Experience leading or coordinating incident response activities, escalations, or cross-functional security investigations in a complex enterprise environment.

Nice To Haves

  • Experience with modern SOC tooling, case management processes, and operational reporting is strongly preferred.
  • Bachelor’s degree in Information Technology, Engineering, Computer Science, or a related discipline is preferred.
  • Professional certifications in Information Security such as GCIH, GCIA, CISSP, Security+, SC-200, SC-900, or equivalent are preferred.
  • Relevant cloud, incident response, threat hunting, or digital forensics certifications are considered an asset.

Responsibilities

  • Monitor, triage, and investigate security alerts and events across SIEM, EDR, email security, identity, cloud, and network security platforms.
  • Lead complex incident investigations, including scoping, containment coordination, root cause analysis, and post-incident follow-up activities.
  • Perform advanced threat hunting and anomaly analysis to identify malicious activity, suspicious behaviour, and emerging attack patterns across enterprise environments.
  • Develop, tune, and optimize detection logic, SIEM use cases, correlation rules, playbooks, and alerting processes to improve visibility and reduce false positives.
  • Partner with infrastructure, cloud, networking, and application teams to support containment, eradication, and recovery activities during security incidents.
  • Review and analyze endpoint, network, identity, and cloud telemetry to assess impact, determine attack paths, and support risk-based response decisions.
  • Support incident response readiness through development and maintenance of investigation procedures, response playbooks, escalation paths, and documentation.
  • Perform threat intelligence review and translate relevant indicators, tactics, techniques, and procedures into actionable detection and response improvements.
  • Coordinate with internal stakeholders and external partners as required during investigations, including evidence gathering, case management, and reporting.
  • Participate in 24x7 incident response support and provide senior-level operational guidance during major security events and escalations.
  • Identify opportunities to improve SOC processes, detection coverage, automation, and analyst workflows to strengthen operational effectiveness.
  • Collaborate with internal stakeholders and external service providers to strengthen security operations processes, detection coverage, and incident response effectiveness.