×
Register Here to Apply for Jobs or Post Jobs. X

L2 SOC Analyst

Job in Toronto, Ontario, C6A, Canada
Listing for: Brightit
Full Time position
Listed on 2026-07-18
Job specializations:
  • IT/Tech
    Cybersecurity, Network Security, Security Management & Operations, Information Security
Salary/Wage Range or Industry Benchmark: 100000 - 125000 CAD Yearly CAD 100000.00 125000.00 YEAR
Job Description & How to Apply Below

Location: Toronto, Ontario (In-Office) (King & Spadina)
Work Schedule: Monday – Friday, some shift work and on call required
Salary Range: $100,000 - $125,000 CAD per year
AI Disclosure: We do not use artificial intelligence to screen, assess, or select applicants for this position.
Vacancy Status: This posting is for an existing vacancy at our Toronto office.

BrightIT is a high-velocity tech hub focused on delivering world-class digital solutions for the iGaming sector. We bridge the gap between creative startup culture and industrial-scale execution.

Mission: Empowering brands through bold, responsible technology.

Vision: Creating a home for the brightest minds in tech to redefine the gaming landscape.

The SOC L2 Analyst plays a critical role in our Information Security department. Your primary mission is to monitor and analyze security events to detect, investigate, and respond to potential threats. As an L2 specialist, you will act as a bridge between high-volume monitoring and deep-dive incident response, ensuring our infrastructure remains resilient against evolving threat vectors.

Key Responsibilities Monitoring & Advanced Analysis

Continuously monitor security alerts and events from a variety of sources, including SIEM, IDS/IPS, firewalls, and endpoint security tools.

  • Monitor, validate, and analyze security events across AWS Cloud infrastructure
    , SaaS platforms, and on-premise systems.
  • Perform deep-dive investigations using diverse log sources to identify sophisticated security incidents and anomalous activity.
Incident Response & Escalation
  • Participate in the full lifecycle of incident response: containment, eradication, recovery, and post-mortem reporting.
  • Act as the primary escalation point for the L1 team
    , providing guidance and technical expertise on complex alerts.
  • On-Call Function: Be available for critical incident escalations and “fire drill” scenarios as part of the extended SOC response capability to ensure 24/7 coverage for high-priority threats.
  • Triage security alerts: assess severity and potential impact to determine the appropriate handling or escalation path.
Detection & Strategy
  • Develop and refine SIEM rules and detection logic based on the MITRE ATT&CK framework and emerging threat intelligence.
  • Identify vulnerabilities and security gaps in the environment; contribute to remediation through enhanced alerting or control improvements.
  • Support the threat intelligence function by filtering actionable insights to guide operational decision-making.
Documentation & Continuous Improvement
  • Ensure timely documentation of all security events and incidents in Jira
    , adhering strictly to SLAs and SOC policies.
  • Actively contribute to developing, validating, and optimizing detection use cases to minimize false positives and improve overall response efficiency.
Requirements Must-Haves
  • 2+ years of experience in security operations, incident response, or threat monitoring.
  • Technical Proficiency: Hands‑on experience with SIEM platforms (e.g.,
    Elastic Security, Splunk, Sentinel, QRadar, ELK) and log correlation.
  • Infrastructure Knowledge: Familiarity with IDS/IPS, EDR, firewalls, and email/web gateways. Familiarity with network and endpoint security technologies, with specific experience managing/monitoring Palo Alto Next-Generation Firewalls and Cortex XDR (EDR).
  • Cloud Security: Experience securing cloud platforms (specifically AWS
    ) and their native security services.
  • Protocol Expertise: Strong understanding of web protocols and common application-layer attacks.
  • Analytical Mindset: Ability to research and investigate security events independently with high attention to detail.
  • Methodologies: Solid understanding of cybersecurity principles,
    MITRE ATT&CK, Cyber Kill Chain
    , and threat hunting.
  • Communication: Clear verbal and written communication for documenting incidents and collaborating with the SOC Lead.
Nice-to-Haves
  • Bachelor’s degree in Computer Science, Cybersecurity, or a related field.
  • Familiarity with regulatory frameworks:
    ISO 27001, PCI DSS, or GDPR
    .
  • Relevant certifications (e.g., CySA+, GCIH, or cloud-specific security certs).
Why Join Us

We believe that our people are our greatest asset, and we are committed to…

Note that applications are not being accepted from your jurisdiction for this job currently via this jobsite. Candidate preferences are the decision of the Employer or Recruiting Agent, and are controlled by them alone.
To Search, View & Apply for jobs on this site that accept applications from your location or country, tap here to make a Search:
 
 
 
Search for further Jobs Here:
(Try combinations for better Results! Or enter less keywords for broader Results)
Location
Increase/decrease your Search Radius (miles)
0
200
Filters
Education Level
Experience Level (years)
Posted in last:
Salary