Security Operations Analyst - Copperleaf

About the Role:

IFS Canada is hiring a Security Operations Analyst to help defend a hybrid environment — with a mix of legacy on-prem infrastructure and growing cloud-native services across AWS and Azure.

This is a hands-on role within our Security Operations team. You'll be responsible for building and refining detection logic, responding to incidents, and coordinating vulnerability remediation efforts. The ideal candidate is comfortable navigating across endpoint, network, and cloud contexts — and is curious enough to chase down leads others might miss.

You’ll also play a key role in ensuring our security controls and practices support compliance with ISO 27001, SOC 2, and other regulatory frameworks.

Who We’re Looking For:

We're seeking someone who’s curious by nature and analytical by default — the kind of person who asks “what else is this connected to?” after every alert. You enjoy exploring how systems work, breaking things in test environments, and tinkering with new detection ideas.

While this role is primarily defensive, we welcome candidates with an interest in red teaming, adversary emulation, or purple team activities. Over time, there’s potential to grow into a more proactive simulation-focused role — working with engineering teams to anticipate and test attacker behavior.

If you're passionate about building detections, breaking assumptions, and closing gaps, you’ll thrive here.

Key Responsibilities:

• Investigate and respond to alerts from SIEM, EDR, and cloud-native logging systems
• Correlate activity across identity, endpoint, network, and cloud data to detect threats
• Build, tune, and maintain detection logic using query languages and regular expressions
• Create and maintain investigation playbooks, detection documentation, and response templates
• Coordinate vulnerability management activities:
  • Work with IT and Dev Ops to validate, prioritize, and track remediation
  • Support compliance evidence collection for vulnerability closure
• Tune endpoint, firewall, and DNS protections based on evolving threat intelligence
• Contribute to detection gap analysis, threat modeling, and internal red team exercises
• Assist with enforcement of policies and evidence collection for ISO 27001/SOC 2 compliance
• Recommend improvements to logging, alerting, and monitoring pipelines

Preferred Experience

• 2+ years in a SOC, detection engineering, or security analyst role
• Experience working in a technology or SaaS company, ideally under ISO 27001 or SOC 2
• Familiarity with IAM, endpoint security, vulnerability management, and cloud logging
• Experience writing detection logic in query-based systems (LEQL, SQL, regex, etc.)
• Exposure to AWS and/or Azure security tools (e.g., IAM, Cloud Trail, Defender for Cloud)
• Scripting or automation knowledge in Power Shell, Bash, or Python is a plus

Must-have

• CompTIA Security+ or equivalent.

Nice-to-have

• ISC2 CC.
• Microsoft SC-900, AWS Security Specialist or CompTIA Network+.

What We’re Offering

• Salary Range: $70,000 - $80,000 CAD annually + bonus
• Flexible paid time off, including sick and holiday
• Medical, dental, & vision insurance
• RRSP with Company contribution
• Flexible spending accounts
• Life insurance and disability benefits
• Tuition assistance
• Community involvement and volunteering events

We embrace flexibility and hybrid work opportunities to support diverse needs and lifestyles, while also valuing inclusive workplace experiences. By fostering a sense of community, we drive innovation, strengthen connections, and nurture belonging. Our commitment ensures you can work in a way that suits you best, while also engaging with colleagues to share ideas and build meaningful relationships.