Tekvaly is looking for a SOC Analyst for its client in Canada!
Who We Are
Tekvaly is a diversified global software development and IT consulting company that provides both offshore and onshore technical solutions to business enterprises. Our mission is to enable superior returns on clients’ technology investments through best-in-class industry solutions, domain expertise and global scale. We feel deeply connected to our customers, and therefore our success isn’t just a matter of our bottom line, but a reflection of how our customers flourish, and how their communities thrive. We strive to understand our customers’ individual needs so that we can develop products and services that enhance their livelihoods. Our customers are our partners, and when we rise, we rise together.
This role is primarily focused on continuous monitoring, alert triage, and first-line investigation. You will be the first line of defense: monitoring security events, investigating suspicious activity, and helping contain and remediate incidents across cloud and on-prem environments. If you enjoy hands-on security operations, tuning detections, and improving day-to-day security visibility, this role is for you.
Responsibilities
- Monitor security alerts and logs across SIEM, EDR/XDR, firewalls, and other security platforms.
- Triage security events, distinguish true positives from false positives, and escalate confirmed or suspected incidents to Tier 2 / Incident Response.
- Perform initial investigation and analysis of suspicious activity, including endpoint, network, and identity-related events.
- Provide Tier 1 case resolution for basic security cases including initial reporting, follow-ups, and information requests.
- Collaborate with Incident Response and security engineering teams during active incidents.
- Contribute to tuning detection rules, use cases, and playbooks to reduce noise and improve detection quality.
- Support research on global security events, issues, and trends to produce security advisories for customers.
- Maintain and update SOC documentation, knowledge base articles, and standard operating procedures.
- Assist with managing and configuring security monitoring tools used by the SOC.
- Accept, manage, and update service requests and incidents to ensure contracted SLAs are met.
- Continuously develop both technical and soft skills required within the role and support the development of other staff.
- Understand and comply with all information security and company policies.
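To make the triage and tuning responsibilities above concrete, here is a small added illustration written for this posting; it is not Tekvaly's code or any client's tooling. It runs one detection rule (repeated failed SSH logins from one source against one account, followed by a success) over a handful of constructed log lines, then applies a tuning exception so that a known-benign source (an assumed internal vulnerability scanner address) is tagged as noise instead of being escalated. The log format, addresses, thresholds and window are all assumptions chosen for the example.

```python
"""Toy SIEM-style detection and triage over constructed auth log lines.

Added illustration only: the log lines, the allowlisted scanner address,
and the thresholds are assumptions, not real data or real tooling.
"""
from collections import defaultdict
from datetime import datetime, timedelta
import re

# Constructed sample log lines (syslog-like); not real data.
SAMPLE_LOGS = """\
2024-05-01T10:00:01Z auth sshd: Failed password for alice from 203.0.113.7 port 51234
2024-05-01T10:00:03Z auth sshd: Failed password for alice from 203.0.113.7 port 51235
2024-05-01T10:00:05Z auth sshd: Failed password for alice from 203.0.113.7 port 51236
2024-05-01T10:00:07Z auth sshd: Failed password for alice from 203.0.113.7 port 51237
2024-05-01T10:00:09Z auth sshd: Failed password for alice from 203.0.113.7 port 51238
2024-05-01T10:00:12Z auth sshd: Accepted password for alice from 203.0.113.7 port 51239
2024-05-01T10:05:00Z auth sshd: Failed password for bob from 10.0.0.50 port 40000
2024-05-01T10:05:01Z auth sshd: Failed password for bob from 10.0.0.50 port 40001
2024-05-01T10:05:02Z auth sshd: Failed password for bob from 10.0.0.50 port 40002
2024-05-01T10:05:03Z auth sshd: Failed password for bob from 10.0.0.50 port 40003
2024-05-01T10:05:04Z auth sshd: Failed password for bob from 10.0.0.50 port 40004
2024-05-01T10:05:05Z auth sshd: Failed password for bob from 10.0.0.50 port 40005
2024-05-01T11:00:00Z auth sshd: Failed password for carol from 198.51.100.9 port 60000
2024-05-01T11:20:00Z auth sshd: Failed password for carol from 198.51.100.9 port 60001
"""

# Tuning exception (assumed): the internal vulnerability scanner is expected
# to produce password failures, so its alerts are tagged as noise, not paged.
ALLOWLISTED_SOURCES = {"10.0.0.50": "internal vulnerability scanner"}

FAIL_THRESHOLD = 5           # failures that trigger the rule
WINDOW = timedelta(seconds=60)  # sliding window for the burst and the follow-on success

LINE_RE = re.compile(
    r"^(?P<ts>\S+) auth sshd: (?P<outcome>Failed|Accepted) password for "
    r"(?P<user>\S+) from (?P<src>\S+) port \d+$"
)


def parse(lines):
    """Turn raw lines into event dicts; lines that do not match are ignored."""
    events = []
    for line in lines.splitlines():
        m = LINE_RE.match(line)
        if m:
            events.append({
                "ts": datetime.strptime(m["ts"], "%Y-%m-%dT%H:%M:%SZ"),
                "outcome": m["outcome"], "user": m["user"], "src": m["src"],
            })
    return events


def detect(events):
    """One alert per (src, user) with >= FAIL_THRESHOLD failures inside WINDOW.

    Severity is raised to high when a successful login from the same source
    follows the burst within WINDOW, i.e. the guessing probably worked.
    """
    failures, successes = defaultdict(list), defaultdict(list)
    for e in sorted(events, key=lambda e: e["ts"]):
        bucket = failures if e["outcome"] == "Failed" else successes
        bucket[(e["src"], e["user"])].append(e["ts"])

    alerts = []
    for key, times in failures.items():
        for i in range(len(times) - FAIL_THRESHOLD + 1):
            last = times[i + FAIL_THRESHOLD - 1]
            if last - times[i] <= WINDOW:
                compromised = any(last < t <= last + WINDOW for t in successes[key])
                alerts.append({"src": key[0], "user": key[1],
                               "failures": len(times),
                               "severity": "high" if compromised else "medium"})
                break  # one alert per source/user pair is enough for the queue
    return alerts


def triage(alerts):
    """Apply tuning exceptions and decide the Tier 1 disposition of each alert."""
    for a in alerts:
        reason = ALLOWLISTED_SOURCES.get(a["src"])
        if reason:
            a["verdict"], a["note"] = "suppressed", reason   # known noise
        elif a["severity"] == "high":
            a["verdict"] = "escalate"      # hand to Tier 2 / Incident Response
        else:
            a["verdict"] = "investigate"   # Tier 1 looks first
    return alerts


def run(lines=SAMPLE_LOGS):
    return triage(detect(parse(lines)))


if __name__ == "__main__":
    for alert in run():
        print(alert)
```

On the constructed data, the burst against alice is followed by a success from the same address and is escalated, the burst from the scanner address is suppressed with the tuning note attached, and carol's two spaced-out failures never reach the threshold, which is the kind of noise-versus-signal split the triage responsibility above refers to.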
Requirements
- Professional experience in a SOC, security operations, or closely related security role.
- Working knowledge of SIEM platforms (e.g., Splunk, Microsoft Sentinel, QRadar, Elastic) and endpoint security tools (EDR/XDR).
- Understanding of core networking and security concepts (TCP/IP, DNS, HTTP, VPNs, firewalls, IDS/IPS).
- Familiarity with incident response processes and frameworks (e.g., NIST SP 800-61 for incident handling, MITRE ATT&CK for mapping adversary techniques).
- Ability to handle high alert volumes and prioritise effectively in time-sensitive situations.
- Relevant security certifications (e.g., Security+, CySA+, SSCP, GCIA, or similar) are an asset.
- Bachelor’s degree in Computer Science, Cybersecurity, IT, or related field, or equivalent combination of experience and education.
Soft Skills We Like to See:
- Excellent communication skills.
- Adaptability and willingness to learn.
- Problem-solving mindset.
- Analytical skills.
- Ability to work in a team environment and collaborate effectively with others.
*****************************************************************************************************************************************************************************
Accommodations will be provided on request for candidates taking part in all aspects of our recruitment and selection process.
We thank all candidates for their interest; however, only those selected for an interview will be contacted.
*******************************************************************************************************************************************************************************