JSOC - Cybersecurity Specialist - Incident Response

JSOC - Cybersecurity Specialist - Incident Response

British Columbia, Canada

Shift: 3:00PM to 11:00PM EST.

• Health & wellbeing resources and programs
• Paid vacation, personal, and sick days for work-life balance
• Competitive compensation and benefits packages
• Work-life balance
• Career growth and development opportunities
• Opportunities to contribute to community causes
• Work with diverse team members in an inclusive and collaborative environment

We’re looking for our next SOC Specialist. Your contribution delivering sustainable and measurable results in the following areas will be very important:

• Identify and respond to cyber threats—safeguarding the company’s infrastructure and data.
• Support the alert development cycle, triage and investigate alerts, and manage the full incident response lifecycle (investigation, containment, eradication, recovery) while collecting metrics for reporting.
• Collaborate with internal customers and vendor support teams to ensure security tools align with corporate policies and business needs.
• Work closely with Cybersecurity and IT teams to align priorities, execute new initiatives, and contribute to process improvements and documentation for new tools.
• Collaborate with team members on investigations and share technical knowledge.
• Monitor, analyze and report potential cybersecurity attacks.
• Investigate and analyze threat indicators.
• Gather indicators of compromise and any relevant data for threat hunting activities.
• Leverage security tools (Elastic, Crowd Strike, etc.) for analysis to identify malicious activity.
• Determine TTPs (Tactics, Techniques, and Procedures) of identified malicious activity.
• Conduct research, analysis, and correlation from various resources to determine incident impact.
• Execute containment and eradication actions following established playbooks.
• Participate in on-call and scheduled shift rotations, including outside business hours.
• Coordinate security incident response and investigations with internal teams and 3rd-party providers.
• Document incident timelines, evidence, and actions taken for post-incident review.
• Perform post-incident reviews and produce lessons-learned reports.
• Maintain and improve incident response playbooks and runbooks.
• Participate in tabletop exercises and IR simulations.
• Perform proactive security investigations in corporate environments to detect malicious activity.
• Maintain up-to-date understanding of security threats, countermeasures, tools, cloud security, and SaaS technologies.
• Maintain technical proficiency through training and industry best practices.
• Communicate investigation findings to technical stakeholders and contribute to reporting.
• Track SOC operational metrics (MTTD, MTTR, alert fidelity).

• 3+ years of experience in Cybersecurity Incident Response and Threat Hunting in a complex incident management or SOC environment.
• Experience creating and fine-tuning detection rules.
• Familiarity with integrating security tools via APIs for automation and SOAR concepts.
• Experience with investigations and incident response using EDR tools such as Crowd Strike Falcon and SIEM tools such as Elastic Security (KQL, ESQL, Timeline analysis).
• Experience with forensic triage (disk, memory, network) across Mac, Linux, Windows.
• Experience contributing to SOC processes, playbooks, SIEM correlation rules, and incident reports.
• Experience in incident management and communications under pressure.
• Knowledge of NIST Cybersecurity Framework and MITRE ATT&CK.
• Knowledge of security products and device monitoring tools (Firewalls, IDS/IPS, phishing/email security, content filtering, DDoS, WAF, etc.).

• GSEC, Security+, CySA+, CEH, CHFI or similar certifications.

• Base salary range: $80,604 – $100,756 (Canada)
• Comprehensive benefits plan and competitive incentive program for full-time permanent roles.

At Questrade Financial Group of Companies, we are committed to fostering a diverse, inclusive, and accessible work environment. We accommodate the recruitment and selection process to meet applicants’ needs. The QFG applicant tracking system utilizes AI for screening; final decisions are made by humans.