×
Register Here to Apply for Jobs or Post Jobs. X

Analyste princ., Sécurité de l'information

Job in Toronto, Ontario, C6A, Canada
Listing for: TD
Full Time position
Listed on 2026-07-14
Job specializations:
  • IT/Tech
    Cybersecurity, Security Management & Operations, Network Security, Information Security
Salary/Wage Range or Industry Benchmark: 81600 - 115200 CAD Yearly CAD 81600.00 115200.00 YEAR
Job Description & How to Apply Below

Location

Toronto, Ontario, Canada

Hours

37.5 hours per week

Sector

Solutions technologiques

Compensation

$81,600 - $115,200 CAD

Job Description

We are seeking a Senior Information Security Analyst to support enterprise cybersecurity monitoring, detection engineering, and security operations improvement. This role will help develop and maintain effective security detections, improve alert quality, support threat detection activities, and contribute to the overall maturity of security monitoring capabilities.

The successful candidate should have a strong cybersecurity foundation, practical experience with SIEM platforms, and familiarity with cloud, identity, endpoint, and network security concepts. The role requires hands‑on experience with Microsoft Sentinel and the Microsoft security ecosystem
, along with working knowledge of Splunk
. The candidate should be able to analyze security events, understand attack behaviours, tune detections, and work with operational teams to improve detection coverage and investigation outcomes.

Key Responsibilities
  • Support the development, review, tuning, and maintenance of security detections across SIEM and security monitoring platforms.
  • Analyze security events, alerts, and telemetry to identify suspicious activity, detection gaps, and opportunities for improvement.
  • Apply detection engineering principles to improve alert fidelity, reduce unnecessary noise, and ensure detections are practical for security operations.
  • Work with Microsoft Sentinel, Microsoft Defender products, Microsoft Entra , and related security tools to support threat detection and investigation use cases.
  • Use Splunk to review security data, support investigations, and assist with detection tuning where required.
  • Apply cybersecurity knowledge across identity, endpoint, cloud, network, email, and application security domains.
  • Collaborate with SOC, incident response, security engineering, and technology teams to understand monitoring needs and improve security outcomes.
  • Document detection logic, assumptions, data sources, tuning decisions, and investigation guidance in a clear and maintainable way.
  • Support ongoing assessment of detection effectiveness, including relevance, actionability, coverage, and operational value.
Required Qualifications
  • Experience in cybersecurity, security monitoring, SOC operations, incident response, threat hunting, or detection engineering.
  • Hands‑on experience with Microsoft Sentinel and familiarity with the broader Microsoft security suite.
  • Working knowledge of Splunk and the ability to review or support SIEM-based detections and investigations.
  • Strong understanding of cybersecurity fundamentals, including common attack techniques, security controls, incident investigation, and risk‑based thinking.
  • Familiarity with cloud security concepts, especially around identity, access, logging, monitoring, and misconfiguration risks.
  • Understanding of security telemetry from identity, endpoint, network, email, cloud, and application environments.
  • Ability to assess whether alerts are accurate, actionable, and useful for security operations.
  • Strong analytical, troubleshooting, communication, and documentation skills.
  • Ability to work with cross‑functional technical teams in a large enterprise environment.
Preferred Qualifications
  • Experience with KQL, SPL, or other security query languages.
  • Experience with Microsoft Defender XDR, Defender for Endpoint, Defender for Identity, Defender for Office 365, Defender for Cloud, or Defender for Cloud Apps.
  • Experience with endpoint detection and response tools such as Sentinel One or similar EDR platforms.
  • Familiarity with MITRE ATT&CK, threat intelligence, attack paths, or adversary behaviour analysis.
  • Exposure to detection lifecycle management, detection‑as‑code, automation, SOAR, or version‑controlled security content.
  • Scripting or automation experience using Python, Power Shell, or similar technologies.
  • Experience working in a regulated, financial services, or large enterprise environment.
Candidate Profile

The ideal candidate is a hands‑on cybersecurity professional who understands both security operations and detection engineering. They should be comfortable working with SIEM data, investigating suspicious activity, improving detection quality, and applying broad cybersecurity knowledge across cloud, identity, endpoint, network, and application environments. They do not need to be an expert in every tool, but they should have strong fundamentals, be able to learn quickly, think critically, and make practical decisions that improve security monitoring effectiveness.

#J-18808-Ljbffr
Note that applications are not being accepted from your jurisdiction for this job currently via this jobsite. Candidate preferences are the decision of the Employer or Recruiting Agent, and are controlled by them alone.
To Search, View & Apply for jobs on this site that accept applications from your location or country, tap here to make a Search:
 
 
 
Search for further Jobs Here:
(Try combinations for better Results! Or enter less keywords for broader Results)
Location
Increase/decrease your Search Radius (miles)
0
200
Filters
Education Level
Experience Level (years)
Posted in last:
Salary