Location
vancouver
Job Type
Full-time
Posted
July 13, 2026
Job Description
Responsibilities
- Lead investigations and incident response for medium- and high-severity security events — phishing campaigns, insider risk, compromised accounts, data-loss concerns — owning the response from triage through resolution and post-incident review.
- Own detection engineering across the corporate security stack — tune DLP, EDR, phishing templates, remediations, and SSO/IdP signals; build correlation rules; reduce false-positive rates without sacrificing coverage.
- Drive root-cause analysis after incidents and near-misses, then translate findings into durable runbooks, controls, and tooling changes.
- Build and maintain automations and integrations that move work left — auto-remediation playbooks, signal enrichment, evidence collection pipelines.
- Define, document, and evolve internal incident response playbooks for insider threat, compromised device, and data-loss scenarios.
- Partner with the Manager, CorpSec on tool...