Senior SOC Engineer – Cloud Security & AI Automation

Job Description

  • Contractor
  • Anywhere

Now Hiring: Senior SOC Engineer – Cloud Security & AI Automation
📍 Location: Toronto (Hybrid – 2 Days Onsite) | 🕒 Schedule: EST Hours

🔒 Level: Senior | 👥 Team: Global Security Engineering
This isn’t a monitoring role. This is for a true hands-on SOC Engineer who can design, build, automate, and defend complex cloud environments — not just manage vendors or coordinate playbooks. If you know why the alert is firing, where the dataset lives, and how to engineer detection logic from scratch — we want to talk to you.
🔧 What You’ll Be Doing:
  • Lead the development of our Incident Response and Security Engineering tools and processes
  • Architect and manage SIEM integrations, dashboards, alert tuning, and incident automation
  • Embed AI/GenAI into our detection workflows and decision support systems
  • Serve as a Security Incident Commander during high-impact events
  • Collaborate cross-functionally to push forward innovative detection and response capabilities
  • Stay on-call as part of a rotational coverage model within InfoSec
🛠️ Must-Have Technical Expertise:
✅ CrowdStrike – Implementation, tuning, incident triage
✅ Microsoft Defender – Deep experience with alerting, response, tuning
✅ SIEM Tools – Setup, tuning, log ingestion, and rule creation
✅ Cloud Security (AWS preferred) – CloudFormation, Docker, Kubernetes, ELK stack
✅ Scripting (Python preferred) – Able to show past work automating SOC workflows
✅ Unix/Linux CLI – Daily comfort with shell scripting, log parsing, and troubleshooting
✅ Familiarity with frameworks: MITRE ATT&CK, NIST, Cyber Kill Chain

🧠 Ideal Background:
  • 10–15 years in Cybersecurity / SOC / Detection Engineering
  • Worked at or with top-tier tech companies (think: Amazon, Microsoft, Shopify)
  • Experienced in building, not just using, SOC tools and detection systems
  • Straightforward, no-BS communicator who owns what they know (and don’t)
  • Comfortable working independently and taking initiative
Why Join?
✅ Influence and help shape a next-gen, AI-powered SOC
✅ Collaborate with a global, forward-thinking InfoSec team
✅ Competitive comp, strong benefits, and hybrid flexibility
✅ Real technical challenges. Real impact. No fluff.
📢 Ready to build, secure, and automate the future of detection engineering at scale?
Apply now by sending your resume to tinak@corgta.com