About the role
What You’ll Do
Lead and coordinate threat detection & incident response efforts, including maintaining and refining security playbooks and response processes.
Develop and maintain detection engineering content across SIEM, XDR, and cloud-native logging systems (AWS CloudTrail, K8s, Wiz, PAM, etc.).
Triage and manage alerts from cloud security posture management and monitoring platforms, ensuring efficient workflows and accurate escalations.
Oversee and enhance logging pipelines, SIEM rules, and threat detection coverage to improve fidelity and reduce noise.
Implement and optimize log management, cloud monitoring, and security automation to improve the efficiency of response.
Build and maintain automation and orchestration workflows to streamline alert triage and incident response.
Partner with engineering teams to integrate security visibility into infrastructure, applications, and CI/CD pipelines.
Participate in the security on-call rotation to respond to and mitigate incidents.
Collaborate with a purple team mindset, working closely with defenders and offensive security partners to continually improve detection coverage across the organization.
Continuously evaluate and improve threat detection coverage, alert fidelity, and response automation.
What We’re Looking For
5+ years of hands-on security engineering experience (incident response, detection engineering, or SOC engineering).
Strong experience in AWS environments, including CloudTrail, IAM, and native logging.
Proficiency with SIEM, EDR/XDR, and cloud security monitoring tools.
Hands-on scripting and automation skills (Python; SOAR platforms a plus), with an ability to streamline workflows and reduce manual effort.
Experience building and tuning detections and triaging alerts from cloud security posture management tools.
Experience working with Cloud Security Posture Management platforms, including triaging alerts, tuning policies, and integrating findings into workflows.
Understanding of common security threats, vulnerabilities, and mitigations, and the ability to operationalize defenses.
Familiarity with modern application stacks, CI/CD pipelines, and DevSecOps practices.
Strong ability to collaborate with engineering teams to incorporate security visibility in ways that enhance, rather than hinder, development.
A problem-solver mindset, balancing automation, detection, and pragmatic defenses to reduce risk.
Relevant security certifications are a plus, but we value hands-on experience and problem-solving skills over formal credentials.
Nice to Have Skills
Exposure to threat hunting or purple team collaboration.
Knowledge of application security pipelines (GitHub, Terraform, CI/CD security).
About Mastech Digital
Mastech Digital helps enterprises ignite intelligence and transform tomorrow by turning data into real, measurable business outcomes. We focus on creating tangible impact by combining industry expertise, modern data engineering, and advanced AI capabilities that help organizations move with speed and clarity. Our teams work across complex enterprise environments to structure and integrate data, apply analytics, and operationalize AI so decisions become smarter and outcomes become stronger.
We bring together industry knowledge, architect‑led design, and deep technical skill to build trusted data foundations and scalable AI‑ready platforms. Working closely with clients, we ensure every solution is grounded in strong architecture, built for scale, and aligned to business priorities. Our work spans data modernization, AI systems, analytics enablement, and intelligent automation, helping enterprises unlock value faster and sustain innovation over time.
We support organizations across consumer and retail, health sciences, financial services, energy, and manufacturing. Our approach blends speed with rigor through jumpstart industry solutions, reliable data platforms, and enterprise‑wide thinking from foundation to execution. Whether enabling AI adoption, building modern data ecosystems, or delivering specialized digital talent, we help enterprises move from pilots to production and create outcomes that last.
At the core of our work is a belief in strong partnerships, scalable engineering, and a commitment to turning intelligence into impact. With our global reach and deep capability across data, AI, and engineering, we help organizations navigate change with confidence and build the foundation for tomorrow’s growth.