hero

Canada's Talent Marketplace

Find your next role at Canada's fastest-growing tech companies
Create talent profile Search corporate roles
companies
Jobs
Search 
jobs
Explore 
companies
Join talent network
Talent
My job alerts

JSOC - Senior Cybersecurity Specialist - Incident Response

Flexiti Financial

Flexiti Financial

Canada · North York, Toronto, ON, Canada
CAD 95,920-119,899 / year
Posted on Apr 1, 2026

What’s in it for you as an employee of QFG?

  • Health & wellbeing resources and programs

  • Paid vacation, personal, and sick days for work-life balance

  • Competitive compensation and benefits packages

  • Work-life balance in a hybrid environment with at least 3 days in office

  • Career growth and development opportunities

  • Opportunities to contribute to community causes

  • Work with diverse team members in an inclusive and collaborative environment

We’re looking for our next Senior SOC Specialist. Could It Be You?

Your contribution delivering sustainable and measurable results in the following areas will be very important:

Identifying and responding to cyber threats - safeguarding our company's infrastructure and data. You will be primarily involved in supporting the alert development cycle, triaging and investigating alerts, managing the full incident response lifecycle (investigation, containment, eradication, and recovery) and collecting and tracking metrics for reporting. You will be working alongside internal customers and our vendor support teams to ensure we are utilizing our security tools in accordance with corporate policies and growing business needs. You will work closely with Cybersecurity and IT teams to align priorities and execute plans for new initiatives, as well as contribute to process improvements and build documentation for new tools.

Need more details? Keep reading…

You will:

  • Mentor and provide technical guidance to junior SOC analysts.

  • Monitor, analyze and report possible cybersecurity attacks.

  • Investigate and perform analysis of threat indicators.

  • Gather Indicators of compromise and any relevant data to use with threat hunting activities.

  • Leverage security tools (Elastic, CrowdStrike and more) for analysis to identify malicious activities.

  • Analyze identified malicious activity to determine Tactics, Techniques and Procedures.

  • Conduct research, analysis and correlate gathered data from various resources to determine the impact of the incident.

  • Execute containment and eradication actions following established playbooks.

  • Participate in on-call and hands-on scheduled shift rotations, including outside of business hours.

  • Coordinate Security Incident Response and investigation with other internal teams and 3rd party providers.

  • Document incident timelines, evidence, and actions taken for post-incident review.

  • Perform post-incident reviews and produce lessons-learned reports.

  • Maintain and improve incident response playbooks and runbooks.

  • Participate in tabletop exercises and IR simulations.

  • Provide proactive security investigation and searches on corporate environments to detect malicious activities.

  • Maintain up-to-date understanding of security threats, countermeasures, security tools, cloud security and SaaS technologies.

  • Maintain technical proficiency through training, keeping up with industry best practices, and security frameworks.

  • Communicate investigation findings and risk posture to technical and non-technical stakeholders.

  • Own and report on SOC operational metrics (MTTD, MTTR, alert fidelity).

So are YOU our next Senior SOC Specialist, Incident Response? You are if you…

  • 5+ years of relevant experience in performing Cybersecurity Incident Response and Threat Hunting activities in a complex incident management or Security Operations Center environment.

  • Experience in the creation and fine-tuning of detection rules.

  • Practical experience integrating security tools via APIs for automation, and familiarity with Security Orchestration, Automation, and Response (SOAR) concepts.

  • Experience with complex investigations and incident response using EDR tools such as CrowdStrike Falcon and SIEM tools such as Elastic Security (KQL, ESQL, Timeline analysis).

  • Experience with forensic triage (disk, memory, network) and multiple operating systems (Mac, Linux, Windows).

  • Experience with building SOC processes, playbooks, SIEM correlation rules, and incident reports.

  • Proven experience in incident management and communication under pressure.

  • Knowledge of programming languages such as Python, JavaScript and others.

  • Knowledge of NIST Cybersecurity Framework, MITRE ATT&CK.

  • Knowledge of security products and device monitoring tools including Firewalls, IDS/IPS, Phishing and e-mail security, content filtering, DDoS, WAF, and more.

Brownie points if you have...

GCIH, GCED, CCFR, HTB CDSA, GCFA, CHFI or similar relevant certifications.

Compensation Information:

  • Base salary range: $95,920 - $119,899

  • The final compensation package will be commensurated with the successful candidate's experience, skills, and geographic location (Canada). It includes a comprehensive benefits plan and a competitive incentive (bonus) program for Full-Time Permanent roles.

Sounds like you? Click below to apply!

#LI-Hybrid #LI-MM1

See more open positions at Flexiti Financial
Privacy policyCookie policy