Tekvaly is looking for an Incident Response Analyst for its client in Canada!
Who We Are
Tekvaly is a diversified global software development and IT consulting company that provides both offshore and onshore technical solutions to business enterprises. Our mission is to enable superior returns on clients’ technology investments through best-in-class industry solutions, domain expertise and global scale. We feel deeply connected to our customers, and therefore our success isn’t just a matter of our bottom line, but a reflection of how our customers flourish, and how their communities thrive. We strive to understand our customers’ individual needs so that we can develop products and services that enhance their livelihoods. Our customers are our partners, and when we rise, we rise together.
This role centers on hands-on incident response, advanced forensic analysis, root cause determination, and guiding remediation during active security events.
Responsibilities
- Lead and support the full lifecycle of security incidents: detection hand-off, analysis, containment, eradication, and recovery.
- Analyze alerts, logs, and telemetry from SIEM, EDR/XDR, identity, cloud, and network tools to determine incident scope and impact.
- Perform forensic analysis on endpoints, servers, and cloud workloads to identify root cause and attacker activity.
- Coordinate with SOC, IT, cloud, application, and business stakeholders during active incidents and on incident bridges.
- Develop, maintain, and improve incident response playbooks, runbooks, and standard operating procedures.
- Document incidents clearly, including timelines, attacker techniques, affected assets, and recommended remediation steps.
- Conduct post-incident reviews, capture lessons learned, and recommend security control improvements.
- Contribute to threat intelligence activities by documenting IOCs, TTPs, and sharing insights with SOC and security engineering teams.
- Participate in incident simulations, tabletop exercises, and continuous readiness activities.
- Support continuous improvement of incident response processes, tooling, and automation.
Requirements
- Professional experience in incident response, SOC, digital forensics, or threat detection.
- Strong familiarity with incident response frameworks and best practices (e.g., NIST, SANS).
- Hands-on experience with security tools such as SIEM, EDR/XDR, forensic tools, and log analysis platforms.
- Solid understanding of operating systems (Windows, Linux), networks, and common enterprise technologies.
- Experience with cloud environments (e.g., AWS, Azure, GCP) and SaaS incident handling is a strong plus.
- Ability to analyze complex data sets, reconstruct attacker timelines, and communicate clearly with technical and non-technical stakeholders.
- Relevant certifications (e.g., GCIH, GCFA, GCIA, CEH, or similar) are considered an asset.
- Bachelor’s degree in Computer Science, Cybersecurity, or related field, or equivalent experience.
Soft Skills We Like to See:
- Excellent communication skills.
- Adaptability and willingness to learn.
- Problem-solving mindset.
- Analytical skills.
- Ability to work in a team environment and collaborate effectively with others.
********************************************************************************************************************************************************************************************
Accommodations will be provided on request for candidates taking part in all aspects of our recruitment and selection process.
We thank all candidates for their interest; however, only those selected for an interview will be contacted.
********************************************************************************************************************************************************************************************