Level 2 SOC Analyst / Security Systems Administrator
Location: Ottawa, ON (In Office – 5230 Canotek Road)
Employment Type: Full-Time
Experience Level: Intermediate to Senior (3–7+ Years)
About the Role
We are seeking a highly motivated Level 2 SOC Analyst / Security Systems Administrator to join our growing Security Operations and Professional Services teams.
This is a hybrid role that combines hands-on cybersecurity operations with infrastructure and cloud project delivery. You will be responsible for monitoring and responding to security events, tuning and maintaining SIEM platforms, securing Microsoft environments, and participating in the deployment and management of customer infrastructure solutions.
The ideal candidate is equally comfortable investigating security alerts, hardening Microsoft 365 and Entra environments, deploying firewalls, building cloud infrastructure, and supporting client projects. This role provides an excellent opportunity for someone who enjoys both cybersecurity operations and technical implementation work.
Key Responsibilities
Security Operations (SOC)
- Monitor, investigate, and respond to security alerts and incidents across multiple customer environments
- Perform event triage, threat analysis, and escalation in accordance with incident response procedures
- Analyze suspicious activity and determine appropriate containment and remediation actions
- Tune and optimize SIEM platforms to improve detection capabilities and reduce false positives
- Create and maintain SIEM use cases, correlation rules, dashboards, and reporting
- Conduct vulnerability reviews and recommend remediation strategies
- Assist with security assessments, risk reviews, and client security improvement initiatives
- Prepare technical incident reports and executive summaries when required
- Support Microsoft 365, Entra ID, Defender, and Azure security monitoring activities
Professional Services & Infrastructure
- Deploy, configure, and support firewall solutions including Sophos and pfSense
- Build, migrate, and maintain Microsoft Azure environments
- Deploy and support Windows Server infrastructure both on-premises and in the cloud
- Configure and maintain virtualization platforms including Hyper-V and Proxmox
- Participate in server migrations, infrastructure upgrades, and cloud transformation projects
- Configure and troubleshoot switching, routing, VLANs, VPNs, and network security controls
- Implement security hardening and best practices across customer environments
- Collaborate with project teams to deliver infrastructure and security projects on time and within scope
Required Qualifications
- 5–10+ years of experience in cybersecurity, systems administration, or infrastructure operations
- Experience working in a Security Operations Center (SOC) or security-focused role
- Hands-on experience investigating and responding to security events and alerts
- Experience administering Microsoft 365 and Microsoft Entra ID environments
- Experience with Microsoft Defender security products and Azure security services
- Experience working with SIEM platforms, preferably Blumira
- Understanding of SIEM tuning, alert correlation, and threat detection methodologies
- Strong knowledge of Windows Server and Active Directory environments
- Experience supporting cloud infrastructure, particularly Microsoft Azure
- Experience with virtualization platforms such as Hyper-V and Proxmox
- Experience configuring and supporting Sophos and/or pfSense firewalls
- Strong understanding of TCP/IP networking, VLANs, VPNs, routing, switching, and network troubleshooting
- Ability to work independently and manage multiple priorities simultaneously
- Excellent communication, documentation, and customer service skills
- Valid driver's license and reliable vehicle
Preferred Qualifications
- Security+, CySA+, SC-200, SC-300, AZ-500, CISSP, or equivalent certifications
- Experience working in an MSP, MSSP, or multi-tenant environment
- Experience with Microsoft Sentinel or other enterprise SIEM platforms
- Familiarity with vulnerability management platforms such as Rapid7
- Experience with incident response, threat hunting, and forensic investigations
- Knowledge of Zero Trust security principles and security frameworks
- Experience with Microsoft Intune and endpoint management
- AZ-900 minimum, AZ-500 an asset
- Experience with backup, disaster recovery, and business continuity solutions
What Success Looks Like
- Efficiently triages and responds to security events while maintaining excellent client communication
- Continuously improves SIEM detection quality and reduces alert fatigue
- Successfully delivers infrastructure and security projects with minimal oversight
- Identifies security risks and proactively recommends improvements
- Serves as a trusted technical resource for both internal teams and clients
Why Join Us?
- Work with a diverse mix of cybersecurity and infrastructure technologies
- Gain exposure to multiple customer environments and industries
- Opportunity to develop both security and systems engineering expertise
- Participate in meaningful security initiatives and infrastructure projects
- Career growth opportunities within a rapidly expanding technology organization
Pay: $50,125.76-$80,000.00 per year
Benefits:
- Casual dress
- Dental care
- Disability insurance
- Extended health care
- Mileage reimbursement
- On-site parking
- Paid time off
- Tuition reimbursement
Work Location: In person