Triage Security Engineer

Position: Triage Security Engineer 3
Arctic Wolf – Triage Security Engineer
We’re redefining cybersecurity. With accolades such as the Forbes Cloud 100, CNBC Disruptor 50, Fortune Future 50, and CRN Products of the Year, Arctic Wolf leads the way in managed detection and response. Our mission is simple:
End Cyber Risk. Join us as a  Triage Security Engineer (TSE)  and help our customers stay protected through our Security Operations Centre.

About the Role
The TSE leverages deep threat knowledge to identify, investigate, and notify customers of security events. Working nights and weekends in a 24x7 environment, the TSE manages incidents, collaborates with Concierge Security Teams, and continuously improves triage processes.

Key Responsibilities

Analyze incoming security events from network, endpoint, and log sources accurately and efficiently.

Prioritize events and determine escalation paths.

Own incidents to completion—detect, investigate, mitigate, and communicate with internal and external stakeholders.

Lead complex investigations within your domain and coordinate with cross‑disciplinary experts as needed.

Prioritize task work based on organizational priorities.

Review outgoing tickets and security engagements to identify improvement opportunities.

Enhance detection signals using the development platform to reduce noise.

Coach and mentor team members, sharing knowledge and expertise.

Continuously deepen your security expertise within the specified competency area.

Qualifications

5+ years in Information Security, Network Security, or Cyber Security with focus on threat hunting, incident response, or security analysis.

Experience in threat intelligence analysis, proactive threat hunting, incident response, forensic analysis, and security investigation.

Deep technical competency in:

Networking – protocols, infrastructure, routers, switches, WAPs.

Perimeter – firewalls, IDS, IPS, UTM, WAF, gateways, proxies, mail servers.

Authentication – AD, SSO, MFA.

IaaS – AWS, Azure, GCP.

Endpoint – MDM, EDR, EPP, AV.

SaaS – O365, GSuite, Box, Salesforce, Workday.

Assistance in the incident response lifecycle for analysis, containment, and eradication.

Advisory and coaching of clients during active breaches.

Creation and audit of detections for malicious activity.

Analysis of SIEM events to determine malicious intent.

Experience in a SOC, forensic, or malware analysis role.

Proficiency in scripting languages such as Python, Bash, Power Shell.

Excellent written and verbal communication skills.

Positive can‑do attitude and continuous learning mindset.

No specific degree or certification required; engineering or technology degrees and certifications (CISSP, GIAC, CEH) are a plus.

Job Details

Seniority level:
Mid‑Senior

Employment type:

Full‑time

Job function:
Information Technology

Industries:
Computer and Network Security

Benefits

Equity for all employees

Flexible time off and paid volunteer days

RRSP and 401(k) match

Training and career development programs

Comprehensive private benefits package (medical, mental health, dental, disability, life & AD&D, value‑added services)

Robust Employee Assistance Program (EAP) with mental health services

Fertility support and paid parental leave

Security Requirements

Compliance with AWN’s Information Security policies, standards, processes, and controls.

Background checks are required.

May require access to information protected under U.S. export control laws; authorization may be required.

Equal Employment Opportunity
Arctic Wolf is an Equal Opportunity Employer and considers applicants for employment without regard to race, color, religion, sex, orientation, national origin, age, disability, genetics, or any other basis forbidden under applicable law. We are committed to fostering a welcoming, accessible, respectful, and inclusive environment. Please let us know if you require accommodations by emailing

#J-18808-Ljbffr