Cybersecurity Incident Responder Location: Markham, ON (Hybrid Work Environment) 3 days per week in office Contract - 6 months, starting July 2025 Were looking for a skilled and proactive cybersecurity professional to join our Cybersecurity Operations team. This role is ideal for someone with hands-on experience managing high-severity (Tier 3) security incidents and a strong background in using advanced incident response tools. The position also involves supporting investigations into internal fraud and financial crimes that involve digital elements. Participation in a rotating on-call schedule is required to ensure rapid response around the clock. Key Responsibilities Lead the response to complex cybersecurity incidents and deliver clear, concise reports to leadership and stakeholders. Evaluate and respond to escalated alerts from external security service providers, determining the scope, impact, and appropriate containment and recovery actions. Optimize and maintain incident response platforms such as EDR, SIEM, and SOAR by refining configurations and improving detection capabilities. Perform deep-dive technical investigations to uncover root causes, attack vectors, and adversary tactics and techniques. Remain vigilant during shifts and on-call periods to ensure timely and effective incident handling. Collaborate with internal departments such as Privacy, Risk, and Financial Crime to support broader investigations involving cyber threats. Adapt quickly to evolving threats and a fast-paced operational environment. What You Bring Minimum of 2 years of direct experience in cybersecurity incident response, ideally within a large enterprise or financial services setting. Strong technical foundation in network security, threat analysis, and vulnerability management. Proven ability to assess and triage security alerts, determine business impact, and implement effective containment and remediation strategies. Hands-on experience with EDR, SIEM, and SOAR tools, including tuning and rule development. Expertise in conducting forensic investigations and identifying threat actor behaviors. Excellent communication and collaboration skills, with the ability to manage multiple incidents simultaneously. Industry-recognized certifications such as CISCP, OSCP, CIH, CHFI, or equivalent (completed or in progress). Additional experience in threat hunting, threat intelligence, or digital forensics is a strong asset. Education & Certifications A degree in Computer Science, Computer Engineering, or a related discipline is preferred. Cybersecurity certifications focused on incident response are highly desirable. Familiarity with the insurance or financial services industry is a plus.
Job Title
Cyber Security Analyst