Security Operations Analyst - Copperleaf
Job in Toronto, Ontario, M5A, Canada
Listing for: IFS
Full Time position
Listed on 2026-01-12
Job specializations: IT/Tech; Cybersecurity, Security Manager, Network Security
Job Description
About the Role:
IFS Canada is hiring a Security Operations Analyst to help defend a hybrid environment — with a mix of legacy on-prem infrastructure and growing cloud-native services across AWS and Azure.
This is a hands-on role within our Security Operations team. You'll be responsible for building and refining detection logic, responding to incidents, and coordinating vulnerability remediation efforts. The ideal candidate is comfortable navigating across endpoint, network, and cloud contexts — and is curious enough to chase down leads others might miss.
You’ll also play a key role in ensuring our security controls and practices support compliance with ISO 27001, SOC 2, and other regulatory frameworks.
Who We’re Looking For:
We're seeking someone who’s curious by nature and analytical by default — the kind of person who asks “what else is this connected to?” after every alert. You enjoy exploring how systems work, breaking things in test environments, and tinkering with new detection ideas.
While this role is primarily defensive, we welcome candidates with an interest in red teaming, adversary emulation, or purple team activities. Over time, there’s potential to grow into a more proactive simulation-focused role — working with engineering teams to anticipate and test attacker behavior.
If you're passionate about building detections, breaking assumptions, and closing gaps, you’ll thrive here.
Key Responsibilities:
- Investigate and respond to alerts from SIEM, EDR, and cloud-native logging systems
- Correlate activity across identity, endpoint, network, and cloud data to detect threats
- Build, tune, and maintain detection logic using query languages and regular expressions
- Create and maintain investigation playbooks, detection documentation, and response templates
- Coordinate vulnerability management activities:
  - Work with IT and DevOps to validate, prioritize, and track remediation
  - Support compliance evidence collection for vulnerability closure
- Tune endpoint, firewall, and DNS protections based on evolving threat intelligence
- Contribute to detection gap analysis, threat modeling, and internal red team exercises
- Assist with enforcement of policies and evidence collection for ISO 27001/SOC 2 compliance
- Recommend improvements to logging, alerting, and monitoring pipelines
Qualifications
Preferred Experience
- 2+ years in a SOC, detection engineering, or security analyst role
- Experience working in a technology or SaaS company, ideally under ISO 27001 or SOC 2
- Familiarity with IAM, endpoint security, vulnerability management, and cloud logging
- Experience writing detection logic in query-based systems (LEQL, SQL, regex, etc.)
- Exposure to AWS and/or Azure security tools (IAM, CloudTrail, Defender for Cloud)
- Scripting or automation knowledge in PowerShell, Bash, or Python is a plus
Must-have
- CompTIA Security+ or equivalent.
Nice-to-have
- ISC2 CC.
- Microsoft SC-900, AWS Security Specialist or CompTIA Network+.