SOC L2 Analyst responsible for security monitoring and incident investigation. Analyzing escalated alerts, conducting correlation with SIEM, and executing response actions.
About the role
- Security Engineer safeguarding AWS environments for Genesys Cloud mission. Handling advanced threats and collaborating with SecDev, PenTest, DevOps, and SRE teams.
Responsibilities
- Protecting the trust our customers place in Genesys Cloud requires constant vigilance, technical depth, and proactive defense
- Safeguard a global SaaS platform by identifying advanced threats, strengthening identity controls, and driving resilient cloud security architecture
- Conduct proactive threat hunting across AWS environments using SIEM, EDR, and cloud-native telemetry to identify and disrupt sophisticated threat activity
- Investigate AWS GuardDuty findings and lead root cause analysis of security events, translating threat actor tactics, techniques, and procedures into actionable containment strategies
- Develop and maintain threat intelligence feeds and indicators of compromise to strengthen detection capabilities and reduce dwell time
- Execute quarterly vulnerability assessments and network segmentation scans, driving remediation to measurable risk reduction outcomes
- Identify cloud misconfigurations and implement structured ticketing workflows to ensure timely and traceable remediation
- Audit AWS IAM policies, service roles, and trust relationships to enforce least privilege and reduce identity-based attack surfaces
- Utilize Identity Security Posture Management practices to detect over-privileged accounts, dormant identities, and authentication misconfigurations
- Enhance detection tooling configurations across EDR and SIEM platforms to improve signal quality and operational efficiency
- Monitor cloud security services for regression or control gaps and implement persistent validation mechanisms
- Support incident containment, eradication, and recovery efforts using IAM-centric response methods such as credential rotation and session revocation
- Collaborate with SecDev, PenTest, DevOps, and SRE teams to embed automation and strengthen secure-by-design practices
Requirements
- Demonstrate mid-level experience securing AWS cloud environments within a SaaS or enterprise setting
- Apply strong knowledge of Linux systems administration and foundational security principles including OWASP Top 10
- Utilize EDR platforms such as CrowdStrike, SentinelOne, or Rapid7 and cloud SIEM technologies such as Splunk, Datadog, or Sumo Logic
- Analyze threat actor behavior and perform structured root cause analysis to drive lasting remediation
- Operate independently while managing security initiatives with minimal oversight
- Communicate technical findings clearly to both technical and non-technical stakeholders
- Work effectively within regulated environments and adhere to defined architectural and security standards
Benefits
- Comprehensive extended group health coverage
- Generous paid time off, including vacation and personal leave
- Retirement savings program with employer RRSP matching up to a prescribed maximum amount
- Family-friendly benefits, including parental leave top-up and adoption assistance
- Growth and development opportunities through access to learning resources and internal mobility programs
Job title
Job type
Experience level
Salary
Degree requirement
Tech skills
Location requirements
Cyber Security Specialist protecting digital estate from threats at the University of Edinburgh. Focused on identifying and mitigating cyber risks while supporting teaching and research services.
Lead Specialist in Security Operations, enhancing detection engineering and incident response at Pearson. Collaborate with teams and drive process improvements in a high - paced environment.
Cybersecurity Incident Response Analyst detecting and responding to cyber threats at NOV. Collaborating using AI tools to enhance cybersecurity operations across IT, cloud, and OT environments.
Security Engineer II at AvidXchange enhancing security operations and incident response. Collaborating with teams to develop, tune and improve security monitoring and automation capabilities.
Director leading security operations strategy and overseeing investigations at Ford Motor Company. Responsible for global investigations, crisis management, and team leadership.
Cloud Security Engineer at Artemys designing and maintaining secure Azure infrastructures, overseeing security monitoring and incident management.
Lead global Cyber Detect and Respond team at Assa Abloy, ensuring timely incident response and security compliance. Oversee operations while collaborating across IT and business functions for effective threat management.
Lead Cybersecurity Analyst responsible for technical leadership of a 24x7 SOC team at AT&T. Drive operational standards, incident response, and continuous improvement initiatives.
Senior Security Operations Center Analyst protecting computer systems and data through investigation and incident response. Collaborating with IT leaders and mentoring junior analysts in security operations.