Threat Detection and Response Analyst

Tucows

10d•$114,300 - $1,312,400•Remote

About The Position

As a Threat Detection and Response Analyst, your primary focus will be to proactively identify, investigate, and mitigate advanced threats within Tucows’ environment. You will be part of the larger Information Security team, playing a key role in detecting and responding to sophisticated adversaries that evade traditional security controls across our complex environments. You will collaborate with cross-functional teams to strengthen our defenses, enhance detection capabilities, and ensure compliance with established security frameworks and policies. This role requires participation in our 24/7 on-call rotation for incident response. You’ll thrive in this role if you enjoy deep technical investigation, pattern recognition, and staying ahead of evolving cyber threats. This is a remote position for applicants based in Canada or USA.

Requirements

Deep understanding of adversary tradecraft, the MITRE ATT&CK framework, and modern threat landscapes.
Experience with SIEM, EDR, and cloud-native detection tools (e.g., CrowdStrike, Alienvault, AWS GuardDuty, Azure Defender, Elastic, etc.).
Strong analytical and investigative mindset with the ability to connect technical indicators to strategic insights.
Familiarity with scripting languages (Python, PowerShell, etc.) for automating hunts and data analysis.
Knowledge of network protocols, operating system internals, and log analysis.
Excellent written and verbal communication skills with the ability to translate complex findings into clear risk narratives.
Demonstrated ability to work both independently and collaboratively in a fast-moving environment.
Bachelor’s degree in Cybersecurity, Computer Science, or a related field (or equivalent experience).
5–8 years of experience in cybersecurity, including 3+ years focused on threat hunting, detection engineering, or incident response.

Nice To Haves

Relevant certifications are a plus (e.g., GCFA, GCTI, GNFA, OSCP, or equivalent).

Responsibilities

Perform cybersecurity threat detection, analysis, and mitigation as part of a global, around-the-clock security team.
Perform proactive threat hunting across Tucows’ systems, networks, and cloud environments to detect hidden or emerging adversarial activity.
Investigate potential security incidents using a wide range of tools, logs, and techniques across cloud and on-premise environments.
Collaborate with other Security Analysts and Security Engineering personnel to triage, contain, and remediate identified threats.
Develop and tune custom detection rules, scripts, and playbooks to improve threat visibility and response effectiveness.
Design, build, and maintain scalable detection logic across SIEM and EDR platforms.
Conduct proactive threat hunting to detect potential adversary activity within the environment.
Design, test, and improve security detections, playbooks, and automation workflows to enhance response capabilities and reduce detection gaps.
Review and triage alerts and logs, escalating significant incidents.
Monitor external service providers for suspicious activity or potential security events.
Perform continuous analysis of threat intelligence, tactics, techniques, and procedures (TTPs) to anticipate attacker behavior.
Utilize Cyber Threat Intelligence sources and workflows to augment detection and response.
Document and communicate findings with clear technical and business context, recommending long-term preventive actions.
Contribute to purple team exercises, attack simulations, and post-incident reviews to enhance defense-in-depth capabilities.
Mentor junior analysts and foster a culture of curiosity, learning, and shared security ownership.