Incident Response Specialist

Integriti - 4 emplois

Toronto, ON

Postulez dès maintenant

Posté hier

Détails de l'emploi :

Temps plein

Niveau d`entrée

Responsibilities:

Monitor, assess, and triage security alerts and events from SIEM, EDR/XDR, email security, cloud security, and other monitoring platforms.
Validate security incidents and determine severity, scope, and business impact.
Conduct end-to-end investigations of cybersecurity incidents including phishing, malware, ransomware, account compromise, insider threat, unauthorized access, data exfiltration, and cloud-related incidents
Document investigative findings, timelines, indicators of compromise (IOCs), and remediation recommendations.
Contribute to use case development, threat hunting, and IOC enrichment where needed.

Required Skills:

3–5 years of cybersecurity experience, with at least 2–3 years in incident response, SOC, or cyber investigations.
Strong understanding of the incident response lifecycle: preparation, identification, containment, eradication, recovery, and lessons learned.
Hands-on experience with common incident categories such as phishing, malware, endpoint compromise, suspicious authentication activity, privilege misuse, and cloud security events
Hands-on experience with:
- SIEM, EDR/XDR, Identity & cloud logs (Azure, GCP)
Strong skills in log analysis, IOC identification, and root cause determination
Experience documenting incidents and producing actionable remediation guidance
Experience performing Threat hunting using KQL or other query languages, SOAR/playbook automation

#Community and Social Services carrières

Postulez dès maintenant

Enregistrer

Partager un emploi :

Foire aux questions

Where is this Incident Response Specialist role located?

This position is located in Toronto, ON.

What type of employment is this job?

This is a full-time position.

What kind of experience is required for this role?

The role requires 3–5 years of cybersecurity experience, with at least 2–3 years in incident response, SOC, or cyber investigations.

What are the key areas I’ll monitor and respond to in this job?

You will monitor, assess, and triage security alerts from SIEM, EDR/XDR, email security, cloud security, and other monitoring platforms, and conduct end-to-end investigations of cybersecurity incidents.

What skills are important for incident handling in this role?

Strong log analysis, IOC identification, root cause determination, and experience with threat hunting using KQL or other query languages, plus SOAR/playbook automation.

What kinds of incidents would I be investigating?

You’ll investigate phishing, malware, ransomware, account compromise, insider threat, unauthorized access, data exfiltration, and cloud-related incidents.

What documentation and outputs are expected from this role?

You will document investigative findings, timelines, IOCs, and remediation recommendations, and produce actionable remediation guidance.