Security Operations Engineer
About the role
As a Security Operations Engineer, you'll be a key player in protecting our infrastructure and our customers' data. We're not just looking for someone to check boxes; we need a proactive problem-solver who can identify risks, harden our systems, and manage the day-to-day security operations that keep our environment resilient.
You'll be the "eyes and ears" of our security posture, working hands-on to manage security tools, oversee our vulnerability management lifecycle, and champion a culture of security across the company. If you're passionate about information security and want to make a tangible impact in a fast-paced environment, this role is for you.
What You'll Do
- Evaluate, deploy, and optimize a wide range of security controls, including endpoint protection, firewalls, and monitoring tools to ensure they are configured properly.
- Conduct periodic 'health checks' on existing security tooling to ensure configurations haven't drifted and are aligned with the defined configuration and industry best practices.
- Take ownership of our vulnerability management process by reviewing findings, prioritizing risks based on business impact, and tracking remediation and patching efforts across both infrastructure and applications.
- Conduct hands-on security reviews of our cloud infrastructure and manage network security controls to strengthen our overall security posture.
- Support the security incident management process, acting as a frontline responder to investigate, contain, and resolve threats.
- Oversee the administration, tuning, and enrichment of the Security Information and Event Management (SIEM) system to enhance visibility, improve alert fidelity, and support proactive threat hunting.
- Implement, configure, and maintain advanced email security solutions to protect against email-borne threats.
- Maintain a secure asset inventory to ensure full visibility and protection of all corporate and production resources.
- Create and maintain security documentation, including risk reports and incident response playbooks.
- Design and conduct regular tabletop exercises to test and improve incident response capabilities, identify gaps, and train relevant stakeholders.
- Develop key performance indicators (KPIs), key risk indicators (KRIs) and metrics related to security operations, incident response, and security posture.
- Identify opportunities to automate routine security tasks and incident response workflows to increase operational efficiency.
What You’ll Bring:
- Up to 5 years of professional experience in information security operations or related domains.
- Strong foundation in information security principles, threat analysis, and risk management.
- Hands-on experience with EDR, FW, DLP, CASB, secure email gateways, IPS/IDS tools, identity and access management (IAM), and security monitoring solutions.
- Working knowledge of vulnerability management and patching processes across both infrastructure and applications.
- Understanding of Microsoft 365, SaaS platform security features, and cloud environment security reviews.
- Strong, practical knowledge of industry-adopted frameworks and methodologies (MITRE ATT&CK, CIS, NIST, ISO, PCI-DSS, etc.).
Preferred/Advantage:
- Practical experience with Microsoft Sentinel or other SIEM platforms.
- Familiarity with cloud security best practices in GCP or other cloud environments.
- Certifications such as CISSP or CCSK, or relevant vendor certifications.
- Experience in regulated industries (e.g., financial services, fintech).
Soft Skills
- A natural problem-solver who is always looking for ways to improve security and reduce risk.
- Ability to clearly explain complex technical risks and solutions to diverse audiences, from engineers to senior leadership.
- Ability to work independently and collaboratively across teams.
What you can expect from us
Our Employee Experience is designed to support and inspire our team through:
- A collaborative, growth-oriented engineering culture.
- Encouragement to innovate, experiment, and continuously learn.
- Comprehensive health and dental benefits.
Work Location & Remote Flexibility
This role follows a hybrid model, requiring employees to work 50% in-office, with flexibility to work remotely or from the office on other days.
The company has two office locations:
- Downtown Toronto (Church Street) – The tech team is primarily based here.
- Mississauga – Another office location, but less frequently used by the tech team.
Next Steps
We take hiring seriously and have designed this process to be thoughtful and transparent. Please take time to do the same with your application — tell us how your skills and experience align with this role and what excites you about joining our team.
Diversity & Inclusion
The CanCap Group and our subsidiaries are equal opportunity employers and value diversity. We are committed to building and evolving a team reflecting a variety of backgrounds, perspectives, and skills.
We appreciate your interest — only candidates selected for next steps will be contacted.
About CanCap Group Inc.
We manage the entire lifecycle of the finance receivable from credit adjudication through to contract administration, customer service, default management and post charge-off recoveries. We are a company of innovators: we learn from each other, respect each other, and create together. We strive to inspire our customers by continually understanding them, meeting their needs, and keeping them happily surprised. And we always do so with integrity.