Lead Cyber Security Engineer

6 days ago


Toronto, Ontario, Canada EQ Bank Full time $120,000 - $180,000 per year
Purpose of the Job:
The Lead Cyber Security Engineer – Cyber Defense is responsible for designing, fixing and maintaining tools and processes to ensure fast and flawless cyber security threat detection, investigation and response along with keeping systems related to cyber operations up-to-date and effective. Their primary responsibilities will be integrating new vendors/tools with SIEM, troubleshooting the SIEM-related technology stack, onboarding new log sources, leading projects for new initiatives, architecting new and existing designs, keeping SIEM-related content and configurations up-to-date and working with the security engineering team to make sure that detection capabilities are tuned and enabled. They will also automate processes related to security operations to increase the effectiveness of detection and response.
Main Activities:
  • Perform the day-to-day engineering responsibilities related to threat detection and response including threat intelligence, security event correlation (SIEM), security monitoring, security analytics (UEBA), threat hunting, security investigations and security incident response
  • Continuously monitor health alerts and events of various systems related to SIEM and Cyber Defense Centre tools/vendors
  • Lead the engineering for cyber security, including but not limited to SIEM for updates, configurations, maintenance and troubleshooting
  • Investigate and fix broken processes, automations and connectors, either individually or in collaboration with other teams, to mitigate the impact on security operations
  • Provide post-troubleshoot and post-maintenance reports and lessons learned to improve cyber engineering efforts
  • Maintain documentation of operational procedures and similar references, including cyber engineering, log onboarding, troubleshooting, architectural designs etc.
  • Collaborate with external partners, vendors, government agencies, and private organizations to stay ahead of emerging updates, migrations, changes and configurations to keep the systems effective and up to date
  • Provide input to the strategic designs and architectures regarding cyber defense operations, plans and roadmaps for all engineering functions.
  • Provide technical expertise and technology investment recommendations for new technologies and systems.
  • Lead and contribute to the planning and execution of projects to build and/or improve threat detection and response capabilities.
  • Design and implement automation needs required by cyber defense operations
  • Design and implement the dashboards, reports and monitoring needed in Sentinel workbooks
  • Monitor and respond to onboarding requests from internal teams required by compliance/risk purposes
  • Provide support and evidence for requirements for internal/external audit requests
  • On call, off-hours and/or shift work will be required.
  • Stay current on the cyber security threat landscape, including the latest attacker tactics, techniques and procedures, and the controls that may serve as effective countermeasures.
  • Practice continual improvement for cyber defense practices, and participate in activities to identify improvements, including internal measurement practices, security practice reviews and internal/external audits.
Knowledge/Skill Requirements:
  • Training/degree/diploma/certificate in Computer Science, Cyber Security/Engineering or related field
  • A minimum of six (6) years in an information/cyber security engineering role
  • SANS SEC511 or SEC530, Microsoft AZ-500 or AZ-305, ISC2 SSCP or similar certification is preferred
  • Extensive experience in Azure Logic App design and configurations
  • Extensive experience in Microsoft Sentinel KQL
  • Extensive technical expertise in Azure services and portals such as Defender for Cloud, Defender for Endpoint, Defender for Identity, Defender for Cloud Apps and Defender for IoT, Sentinel, Log Analytics Workspace, Azure monitoring, Data Collection Rules, Azure Entra ID, Azure policies, Enterprise apps and registrations
  • Ability to code in Python
  • Ability to work in a fast-paced environment with minimal guidance and supervision.
  • Experience in at least two of the following disciplines in terms of security engineering: threat intelligence, security event correlation (SIEM), security monitoring, threat hunting, security analytics (UEBA), security investigations and security incident response.
  • Ability to adapt to constantly changing technical, regulatory, and compliance environments.
  • The incumbent is expected to interact with all employees including executives and thus good verbal and written skills are important.
  • Experience working in a banking or financial services environment is an asset
  • Strong technical background in encryption technologies, network communication protocols (SMTP, DNS, HTTP/S and IP), and Azure services (Sentinel, diagnostics, storage accounts and identities)
  • Ability to think out of the box for solutions to technical problems
  • Experienced in NIST CSF, MITRE and Cyber Kill Chain
  • Ability to work independently without the need for direction from supervisors or other managers in the projects and technical configurations
  • Ability to manage, deploy and configure Linux systems and troubleshoot issues on Linux systems
