Job Description

  • Permanent
  • Anywhere

🚨 Senior SOC Engineer – Cloud Security & AI Automation
Location: Toronto (Hybrid – 2 days/week in-office)
Type: Full-Time | Permanent
Are you a hands-on SOC Engineer with a passion for building, automating, and leading next-gen security operations?
We’re looking for a Senior SOC Engineer who’s more than just a responder. We want someone who builds, scripts, configures, tunes, and owns the tooling from end to end.
This isn’t a SOC Analyst role. This is an engineering-first position for someone who’s rolled up their sleeves and solved complex security problems hands-on — not just worked with vendors or supervised teams.
🔍 What You’ll Be Doing:
  • Build, enhance, and own incident response systems and SOC tooling
  • Lead high-impact investigations as a Security Incident Commander
  • Integrate and automate detection workflows with GenAI / AI tools
  • Tune and manage Microsoft Defender and CrowdStrike environments
  • Automate detection and alerting pipelines using Python and other scripting tools
  • Secure cloud-native environments — AWS, Docker, Kubernetes, CloudFormation, ELK
  • Operate in Linux/Unix environments and drive log parsing, response scripting, and tool deployment

✅ What You Bring:
  • 10–15 years of experience in SOC or Incident Response roles
  • Proven experience owning and managing Microsoft Defender and CrowdStrike end-to-end
  • Strong scripting ability in Python
  • Solid background securing cloud-native environments (AWS, Docker, Kubernetes, ELK, CloudFormation)
  • Fluency in Unix/Linux command-line environments
  • Familiarity with MITRE ATT&CK, Cyber Kill Chain, detection engineering
  • Ability to clearly explain the why, where, and how behind alerts, detections, and data sources
  • Pragmatic thinker and straight-shooter — honest about limitations, confident in your strengths
Bonus: Experience with AI-driven security workflows and startups.
📍 Location Preferences:
  • Toronto-based (hybrid, 2x/week in-office) strongly preferred
  • Open to candidates in Ottawa, Calgary, Halifax (no Vancouver due to time zone)
  • Must be working EST hours