Cyber Security Analyst

We are currently hiring on behalf of a rapidly growing digital finance organization that operates within Canada's fintech and blockchain ecosystem. This company is recognized as a leader in innovation and has built a reputation for security-first operations. With a strong multidisciplinary team, they are looking to expand their capabilities in cybersecurity and are seeking an experienced IT Security Specialist to join their Calgary-based team on a hybrid model.

Position Overview

As a Cyber Security Analyst / Specialist, you will play a key role in the implementation and management of a Security Information and Event Management (SIEM) system—ideally based on Elastic Stack. The successful candidate will be responsible for improving the organization's threat detection capabilities, refining incident response processes, and ensuring comprehensive security visibility across digital infrastructure.

Key Responsibilities

SIEM Implementation & Integration

• Deploy, configure, and maintain a SIEM solution to aggregate and analyze security logs from various sources including servers, endpoints, applications, and network devices.
• Ensure seamless integration with existing IT systems to allow for broad and effective monitoring coverage.

Detection & Use Case Development

• Create and manage detection rules and correlation use cases tailored to organizational risk and compliance needs.
• Continuously review and optimize rules to improve accuracy and reduce false positives.

Monitoring & Incident Handling

• Build real-time dashboards and alerting mechanisms for continuous monitoring.
• Collaborate with internal teams to triage, investigate, and respond to security incidents promptly.

Documentation & Compliance

• Maintain thorough documentation for all SIEM configurations, custom rules, and incident handling procedures.
• Generate periodic reports to highlight threat trends, system health, and compliance standing.

Access Management

• Assist in the secure onboarding and offboarding of employees, including account provisioning and deactivation.
• Provide technical support and ensure adherence to access control policies during user transitions.

Key Requirements

• Demonstrated experience in deploying and managing SIEM platforms such as Elastic Stack, Splunk, IBM QRadar, or Microsoft Sentinel.
• Strong knowledge of threat detection, log analysis, and incident response workflows.
• Proficiency in writing and optimizing detection rules for high-fidelity alerting.
• Detail-oriented with excellent analytical and problem-solving abilities.