Senior SOC Engineer – Cloud Security & AI Automation
Job Description
Senior SOC Engineer – Cloud Security & AI Automation
📍 Location: Toronto preferred (2 days/week onsite)
💰 Compensation: Competitive base + bonus + vacation
Are you a deeply technical SOC Engineer who thrives in hands-on environments and loves building next-gen security systems from the ground up?
We are looking for a Senior SOC Engineer to help lead the charge on building and automating our AI-enabled security infrastructure. This isn’t a coordination or oversight role — we need someone who’s in the trenches: deploying tools, tuning alerts, writing scripts, and leading real-time investigations.
This is a high-impact opportunity to join a global security team at a pivotal moment of growth. You’ll be the boots-on-the-ground expert, while helping shape the next evolution of our cloud and detection infrastructure.
🔍 What You’ll Be Doing:
Lead enhancement of security incident management tools, workflows, and response strategies
Act as Security Incident Commander during major investigations
Design and maintain SIEM tooling, detection logic, and automation systems
Integrate AI/GenAI to enhance alerting, triage, and response workflows
Build out detection engineering capabilities using modern tools and scripting
Mentor teammates and drive security excellence across the org
Participate in on-call rotation for escalated incidents
✅ What You MUST Bring:
We’re looking for builders. People who know the tools because they’ve used them.
Hands-on experience REQUIRED with:
Microsoft Defender – You’ve tuned it, deployed it, and responded to live alerts
CrowdStrike – You’ve configured it, monitored it, and dug into real incidents
Cloud-native security in AWS – You’ve worked with CloudFormation, Docker/K8s, and the ELK stack
Python scripting – You’ve written your own automation and can walk us through a sample
Unix/Linux – You live in the command line and have used it to investigate real threats
Plus:
10+ years in security, including end-to-end incident response
Deep knowledge of frameworks like MITRE ATT&CK or Cyber Kill Chain
Experience integrating AI or automation into detection/response workflows
Strong communicator
Apply now by sending your resume to tinak@corgta.com
