Current jobs related to Security Incident Response Analyst, Tier II - Toronto - Interac Corp.

  • Security Analyst II

    2 weeks ago


    Toronto, Canada Herjavec Group Full time

    Security Analyst II Canada **About the Company**: Cyderes is a global cybersecurity powerhouse offering comprehensive solutions around managed security, identity and access management, and professional services. Cyderes provides the people, process, and technology modern enterprises rely on to manage risk, maintain compliance, and respond to security...


  • Toronto, Ontario, Canada ISA Cybersecurity Full time $48,875 - $66,125

    About the Role: The function of the Security Analyst, Tier 1 – Monitoring & Triage is to be at the forefront of incident response, utilizing the latest in network security technology while providing Computer Network Defense and Information Assurance (IA) support to ISA's client base and internal network. This role involves a demanding schedule with a...


  • Toronto, Canada ISA Cybersecurity Full time

    **About the Role**: The Cybersecurity Analyst - Tier 2 is responsible for gathering details needed to assess the scope of a cyber-attack and respond to severe attacks or those with high business impact. The Tier 2 role will clearly understand the customer’s environment (i.e. current security controls) and provide consultation on security controls required...


  • Toronto, Canada TechAlliance of Southwestern Ontario, London Economic Development Corporation Full time

    We are seeking an experienced Security Incident Response Manager to lead and manage our security incident response function. This role is critical to protecting our business, data, and clients by ensuring rapid, effective, and efficient responses to cybersecurity incidents and threats. The ideal candidate will have deep expertise in the incident response...


  • Toronto, Canada SAP SE Full time

    A global software company is seeking a Senior Security Analyst to focus on Security Incident Response in Toronto. This hybrid role requires a strong technological background, 5 years of experience in security incident response, and the ability to analyze complex security events. Ideal candidates must possess excellent analytical skills and communication...


  • Toronto, Canada Celestica Inc. Full time

    Summary: Information Security Manager (Incident Response). Detailed Description: Performs tasks such as, but not limited to, the following: Performs strategic assessments to understand the current capabilities and future security needs of the enterprise. Recognizes and evaluates business security risks while defining appropriate risk-mitigating controls and...


Security Incident Response Analyst, Tier II

2 weeks ago


Toronto, Canada Interac Corp. Full time

**Security Incident Response Analyst, Tier II**

At Interac, we design and deliver products and solutions that give Canadians control over their money so they can get more out of life. But that’s not all. Whether we’re leading real-time money movement, driving innovative commerce solutions like open payments for transit systems, or making advancements in new areas like verification and open banking, we are playing a key role in shaping the future of the digital economy in Canada.

The Security Incident Response Analyst, Tier II will be responsible for providing expert-level analysis, incident response, and strategic guidance within the Security Incident Management Team. This position plays a key role in monitoring, investigating, and responding to security events and incidents that may impact the confidentiality, integrity, or availability of our systems and services.

for overseeing the development, implementation, and management of comprehensive Insider Threat strategies and programs. This individual will play a critical role in identifying, assessing, mitigating, and responding to risks posed by trusted insiders—employees, contractors, or partners—who might intentionally or unintentionally cause harm to the organization.

**You'll be responsible for**:

- **Incident Detection & Analysis**
  - Monitor and investigate alerts from SIEM, EDR, and other security platforms.
  - Perform triage of events and escalate based on severity and impact.
- **Incident Response & Coordination**
  - Respond to and contain security incidents under the guidance of senior analysts or incident leads.
  - Support evidence gathering and documentation during incident investigations.
  - Coordinate with internal IT, business units, and senior cybersecurity staff during incidents.
- **Threat Analysis & Hunting (Supporting Role)**
  - Assist with basic threat hunting activities, using known indicators and behavioral patterns.
  - Leverage threat intelligence to contextualize incidents and alerts.
- **Forensics & Recovery Support**
  - Preserve logs and artifacts for deeper analysis or legal needs, following chain-of-custody procedures.
- **Detection Tuning & Tooling**
  - Recommend and implement improvements to alert logic, detection rules, and response playbooks.
  - Contribute to the development of automated responses and investigation workflows.
- **Collaboration & Continuous Improvement**
  - Document and report on incidents, lessons learned, and remediation follow-ups.
  - Participate in tabletop exercises and post-incident reviews.
  - Collaborate with Tier I analysts and mentor junior staff as appropriate.
- Contribute to and support the implementation of access control mechanisms to enforce privilege and ensure that access to sensitive data is restricted to authorized individuals.
- Sundry Security Incident Management related duties as assigned.

**You bring**:

- **Experience**
  - 3-5 years of cybersecurity experience, with at least 1-2 years in security operations or incident response.
  - Experience using tools such as Splunk, CrowdStrike, SentinelOne, or QRadar.
  - Understanding of attack vectors (e.g., phishing, malware, lateral movement) and frameworks such as MITRE ATT&CK, **Cyber Kill Chain**, **NIST 800-61**, and threat intelligence lifecycle.
  - Familiarity with cloud environments (Azure, AWS) is an asset.
  - Experience working in or supporting a SOC environment.
- **Education & Certifications**
  - Degree or diploma in Computer Science, Cybersecurity, or related field—or equivalent practical experience.
  - One or more of the following certifications (or actively pursuing):
    - Security+, Network+, or similar foundational certifications
- **Skills & Competencies**
  - Strong analytical and troubleshooting skills.
  - Effective communicator, able to write clear reports and escalate issues effectively.
  - Familiarity with NIST 800-61, Cyber Kill Chain, or similar response frameworks.
  - Exposure to scripting (e.g., PowerShell, Python) for investigation and automation is a plus.
  - Practical **threat hunting** experience using SIEM, EDR, NDR, and threat intelligence platforms.
  - Familiarity with **regulatory environments** relevant to Canadian financial institutions (e.g., OSFI, PIPEDA, PCI DSS, SOC 2).
  - Experience in insider threat frameworks (CERT, NITTF) and security best practices.
  - Experience / knowledge in Offensive Tactics such as network reconnaissance, software and service exploitation, backdoors, malware usage, and data exfiltration techniques.
  - Experience / knowledge in Defensive Tactics, including more detailed knowledge of network communication, extensive knowledge of IDS operation and mechanics, IDS signatures, and statistical detection.
  - Experience / knowledge in Malware Analysis, must be able to perform a higher level of malware analysis, both dynamic and static.
  - Experience / exposure in Host-Based Forensics, including hard drive and file system forensics, memory forensics, and incident timeline creation. Knowledge on how to pre