Principal Cybersecurity Specialist

Principal Cybersecurity Specialist – Security Operations Centre Questrade Financial Group (QFG) offers securities, foreign‑currency investment, mortgages, real‑estate services, and more. We use cutting‑edge technologies to create innovative products that give customers simple, affordable ways to take control of their money. At QFG, you will help bring the future of fintech to life in a collaborative, forward‑thinking environment that values AI and creativity. Benefits Health & wellbeing resources and programs Paid vacation, personal, and sick days Competitive compensation and benefits packages Career growth and development opportunities Opportunities to contribute to community causes Inclusive and collaborative workplace culture Responsibilities Administer cybersecurity tools used by the Joint Security Operations Centre, including EDR, vulnerability scanning, and attack surface management. Oversee system upgrades, expand capabilities, monitor system health, troubleshoot issues, and manage user access. Conduct alert investigation, incident response, threat hunting, and cyber threat intelligence research. Work with internal customers and vendor support teams to align tool usage with corporate policies and business needs. Provide metrics on system management and ticket resolution. Collaborate with Cybersecurity and IT teams to prioritize new initiatives and improve processes. Document new tools and processes. Develop and maintain SIEM, EDR, firewall, and other security tool playbooks. Participate in on‑call rotations and shift schedules, including off‑business hours. Research, analyze, and correlate threat data from internal and external sources. Lead security incident investigations, prepare reports, and coordinate with internal teams and third‑party providers. Onboard and monitor cloud environments (Azure, AWS, GCP) into SIEM. Review and tune security controls, identify misconfigurations, and recommend improvements. Respond to tool support tickets and provide proactive security investigations. Maintain technical proficiency and stay current with industry best practices, frameworks, and security technologies. Report team metrics to the CISO leadership and IT & Cyber GRC teams. Report all applicable compliance obligations. Qualifications 6+ years of experience in cybersecurity operations, threat intelligence, incident response, and threat hunting within a SOC or complex incident‑management environment. Strong knowledge of the NIST Cybersecurity Framework and MITRE ATT&CK. Experience building SOC processes, playbooks, SIEM correlation rules, and incident reports. Knowledge of security products and monitoring tools such as firewalls, IDS/IPS, phishing/email security, content filtering, DDoS, WAF, and more. Experience with security incident investigation and working with vendor teams. Ability to analyze data sets and prepare metrics and reports (e.g., Excel, Power BI). Experience in cloud security logging and monitoring. Experience using Atlassian products, especially JIRA and Confluence. Strong technical and learning agility, adapting to evolving threats and technologies. In-depth understanding of IT security and risk infrastructure. Preferred Qualifications Certifications such as CEH, CSA, CHFI, or ECIH. Programming skills in Python, JavaScript, or similar languages. Hands‑on expertise with EDR, vulnerability scanning, cloud‑based scanning, data loss prevention, attack surface management, network scanning, incident response, SIEM, and access management tools. Experience with AI/ML technologies for threat detection, response, and prevention. Workflow automation experience with tools such as Cursor or n8n. At Questrade Financial Group of Companies, we are committed to fostering a diverse, inclusive, and accessible work environment. All qualified applicants will receive equal opportunity and consideration for employment. Sounds like you? Click below to apply #J-18808-Ljbffr