Sr. Security Operations Engineer, Incident Response
Canada, Pacific Time Zone operational coverage | Full-Time | Senior
Salary: 150,000 - 200,000 CAD per year
Job Details
- Experience: Minimum 5 years
- Required Skills: AWS, Python, ElasticSearch, Kubernetes
Requirements
- Minimum 5 years of experience in Security Operations, Detection & Response, or Incident Response roles within cloud-based environments
- Strong hands-on experience investigating and responding to security incidents in AWS and Kubernetes/EKS environments
- Proven ability to lead incident response efforts, including containment, remediation, and coordination across multiple teams
- Experience with security monitoring and detection tools such as Splunk, Elastic, SentinelOne, CrowdStrike, or similar SIEM/EDR platforms
- Solid understanding of cloud security principles, threat detection, and real-world attack scenarios
- Strong analytical and investigative skills with the ability to correlate data from multiple security sources
- Experience improving automation within security operations workflows using scripting languages such as Python
- Familiarity with Infrastructure-as-Code concepts and cloud-native operational practices is considered an asset
- Excellent communication and collaboration skills with the ability to explain complex security concepts clearly to diverse audiences
- Ability to work effectively in a remote-first environment while aligning with Pacific Time Zone operational coverage
Responsibilities
- Lead and manage security incidents end-to-end, including detection, triage, containment, remediation, and post-incident analysis
- Act as incident commander during critical events, coordinating technical teams and driving effective decision-making under pressure
- Conduct in-depth investigations across cloud, endpoint, and infrastructure environments to identify root causes and assess business impact
- Collaborate with observability and automation teams to improve detection quality, reduce alert fatigue, and develop automated incident response workflows
- Contribute to the development and enhancement of incident response playbooks, runbooks, and operational documentation
- Work closely with security, infrastructure, and engineering teams to identify vulnerabilities, improve resilience, and strengthen overall security operations
- Communicate clearly and effectively with both technical and non-technical stakeholders during active incidents and post-incident reviews
- Support continuous improvement initiatives focused on operational efficiency, automation, and cloud security best practices