Job Title: SOC MDR L2 Analyst
Location: Downtown Toronto (onsite 3 days per week)
Term: 10-month (extendable)
Description
Our client is an industry-leading firm that serves clients on a variety of specialized projects that help them to work smarter, grow faster and compete better.
Why join their contract workforce?
– Interesting work: Deliver work that matters to you. We provide the opportunity to get involved in highly technical, complex and interesting projects where you can leverage your specific skillset and expertise to add value.
– Enrich your skills: Access to best-in-class technology, market intelligence and resources to advance your unique technical skills and expertise. Work alongside diverse, passionate and highly skilled professionals working together to drive innovation.
– Flexible opportunities: Find projects that match when and where you want to work.
The opportunity:
We are looking for a dynamic, experienced cyber security professional to join our growing Cyber Security Services team as a SOC Level 2 Senior Analyst. Our client’s leading cyber security practice provides a comprehensive suite of cyber security services, from cyber governance, strategy, defense and response through to complete end-to-end cyber security transformation services. This is a 10-month contract with the possibility of extension; presence at our Toronto downtown office is required 3 days a week (not specific days). Lastly, availability to work shifts starting between 2pm-10pm EST is occasionally required to cover incident response outside of regular business hours; the team will provide notice in advance.
What you will do:
- Serve as the primary point of contact during high-severity incidents, ensuring swift containment and resolution in collaboration with the CSIRT team, if necessary.
- Assess escalated issues from L2 SOC analysts to determine increased risk to the business.
- Review log data against security technology rules, proposing enhancements to threat detection.
- Collaborate with SIEM Engineers to fine-tune security events and improve alert detection rates.
- Develop and maintain incident response playbooks, identifying areas for improvement and suggesting task automation.
- Work closely with CTI teams to enhance our threat detection, suggesting threat use case development based on Tactics, Techniques, and Procedures (TTPs).
- Analyze critical events and security tickets to evaluate the effectiveness of incident management processes and suggest improvement plans.
- Stay updated on security threats, countermeasures, security tools, and advancements in Cloud Security and SaaS technologies.
- Track incidents against frameworks such as SANS and MITRE ATT&CK.
- Provide technical and thought leadership within the SOC, guiding and teaching other analysts.
Your qualifications:
- Over 7 years of highly technical experience in a SOC environment.
- Relevant certifications such as CISSP, CISM, SANS, CISA, CompTIA Security+, CompTIA CySA+, or GIAC.
- Hands-on experience with Microsoft Sentinel or other SIEM and SOAR technologies.
- Proficient in Microsoft Defender Endpoint, CSPM/CWP, or similar technologies, with a focus on vulnerability assessment and recommendation.
- Experience in malware analysis and reverse engineering.
- Business development expertise, including research, analysis, and proposal writing.
- Evaluation of control frameworks, risk assessment, and opportunities for enhancement.
- Enterprise asset lifecycle management knowledge, including patch management, vulnerability management, security architecture, and endpoint management.
- Expertise in cloud transformation, architecture, and security operations.
- Leadership experience in managing complex projects.
- Strong communication skills, effectively presenting strategies, solutions, and insights to stakeholders.
- Leadership role experience, providing mentorship and knowledge sharing to the team and junior/intermediate analysts.
The pay range that the employer reasonably expects to pay for this position is between and
Our voluntary benefits offering includes medical, dental, vision and retirement benefits.
Applications will be accepted on an ongoing basis.
Tundra Technical Solutions would like to thank you for the interest you have demonstrated in this opportunity. However, only candidates with the required skills will be contacted.
Tundra Technical Solutions is an Equal Opportunity/Affirmative Action Employer. We welcome and encourage diversity in our workplace.
Not interested in this position, but know somebody who might be? Check out our Referral Reward Program; referrals are a big secret behind our success. As always, we’re on the lookout for great people. And we know that you know great people!
Tundra Technical Solutions is among North America’s leading providers of Information Technology and Engineering staffing and consulting services. Our success and our clients’ success are built on a foundation of service excellence. Rather than continually trying to sell to new clients and companies and simply filling databases with candidates, we focus on developing stronger relationships and deeper knowledge of our existing clients’ challenges and opportunities.
Open ears. Open minds. Open futures