Sr. Cyber Security Engineer in CANADA

A dynamic IT Services Firm, with clients in 21 states, managing about 65K endpoints, is seeking an experienced Sr. Cyber Security Engineer that would function as the team’s Subject Matter Expert on Incidence Response and Management. You would spearhead the team’s response to security incidents and be a point of escalation to assist junior analysts in responding to cyber security threats. This role requires a strong technical background in cybersecurity and the ability to collaborate effectively with cross-functional teams.

There is lots of room for growth within the company as the company expands their security offerings to their clients. Work with a fun tech savvy team, plus excellent compensation. This is a fully remote opportunity.

Responsibilities:

• Lead incident response efforts to promptly identify, contain, and mitigate security incidents, minimizing impact and ensuring timely communication to stakeholders.
• Manage the security incident response procedures. Develop and maintain incident response plans, run tabletop exercises, and continuously improve response processes.
• Conduct regular risk assessments to identify vulnerabilities and potential threats within client environments.
• Ensure compliance with industry regulations (e.g., GDPR, HIPAA) and client-specific security requirements.
• Implement and manage security monitoring tools to detect and respond to security events and anomalies.
• Regularly review logs and alerts, investigating potential security breaches.
• Implement NIST cybersecurity framework
• Manage the SOC2 requirements and implementation
• Perform third party and vendor security assessment
• Manage endpoint protection system
• Manage security awareness and phishing simulation across the organization
• Perform the self control assessment and security internal audits
• Assist the Director of Security with building a cybersecurity team to achieve the above responsibilities.
• Assist the Director of Security to develop, review and improve the cybersecurity policies and procedures

Skills:

• 5 years + experience as a cybersecurity analyst or engineer.
• 1-3+ years of experience being a point of escalation
• Experience writing policies & procedures, playbooks and response plans.
• Certifications (at least one of the following): Certified Information Systems Security Professional (CISSP), Certified Ethical Hacker (CEH), Certified Information Security Manager (CISM), GIAC Certified Incident Handler (GCIH) – Preferred, Certified Information Systems Auditor (CISA), CompTIA Security+
• Experience with security incident response, vulnerability management, and security monitoring tools.
• Ability to investigate and respond to security incidents, perform forensic analysis, and implement incident response procedures.
• Understanding of network protocols, firewalls, intrusion detection/prevention systems (IDS/IPS), and network security architecture.
• Knowledge of threat landscapes, emerging security trends, and the ability to analyze and respond to security incidents.
• Proficiency in conducting risk assessments, identifying vulnerabilities, and recommending mitigation strategies.
• Familiarity with industry-standard frameworks such as NIST Cybersecurity Framework, ISO 27001, and PCI DSS.
• Experience with security tools such as SIEM (Security Information and Event Management), endpoint protection, data loss prevention (DLP), and intrusion detection systems (IDS).