About the role
About Mjolnir Security
Mjolnir Security is a Canadian MSSP and DFIR firm with deep expertise in Microsoft 365 security, endpoint detection and response, threat intelligence, and digital forensics. We operate a proprietary AI-augmented security operations platform and serve enterprise clients in banking, automotive, education, and regulated sectors. All operations are Canadian-data-resident by design.
The Role
We're hiring a Security Analyst to join our security operations and DFIR practice. You'll support threat monitoring, incident triage, log analysis, M365 security investigations, and endpoint forensics across a portfolio of enterprise clients. You'll work alongside senior DFIR and M365 specialists and be expected to grow fast — this is a hands-on role from day one.
What You'll Do
- Monitor client environments for security events, anomalies, and indicators of compromise using SIEM, EDR, and proprietary tooling
- Triage and investigate alerts, escalating confirmed incidents per established playbooks
- Conduct M365 log analysis including Unified Audit Log, Entra ID sign-in logs, and Exchange/Teams telemetry
- Support DFIR engagements: evidence acquisition, chain-of-custody documentation, timeline reconstruction, and report contribution
- Write and refine detection rules, Suricata signatures, and threat hunting queries
- Contribute to threat intelligence briefs (BLUF format): IOC enrichment, OSINT research, and context development
- Assist with client vulnerability assessments and security posture reviews
- Document findings clearly for both technical audiences and executive summaries
- Support the deployment and tuning of security controls including DLP policies, conditional access, and endpoint agents
What You Bring
- 1–3 years of experience in a SOC, MSSP, IT security, or DFIR-adjacent role
- Working knowledge of Microsoft 365 security: Defender for Endpoint/Identity/O365, Entra ID, Purview
- Familiarity with SIEM concepts and log analysis (Sumo Logic, Sentinel, or similar)
- Understanding of common attack techniques (MITRE ATT&CK), phishing chains, and ransomware tradecraft
- Exposure to network-level security: Suricata, Zeek, firewall log analysis, or packet capture
- Strong written communication — you can write a coherent incident summary under pressure
- Security certifications (SC-200, Security+, CySA+, BTL1, or equivalent) are an asset
- Hands-on experience with forensic tools (Magnet AXIOM, Velociraptor, or similar) is a strong advantage
- Python or PowerShell scripting for automation or log parsing is a plus
Why Join Us
- Work real DFIR cases and live SOC operations — not a training lab
- Exposure to a proprietary AI-augmented SOC platform and 90+ internal security tools
- Mentorship from senior DFIR and M365 specialists with 17+ years of enterprise experience
- Clear path to Senior Analyst or DFIR Specialist with hands-on case ownership
- Competitive compensation, hybrid flexibility, and the pace of a firm that builds and ships
About Mjolnir Security
Mjolnir provides clients with a suite of highly advanced and AI/ML driven tools and services – Security Ops Center as a Service, Threat Detection and Dark web Threat Intelligence, Digital Forensics, Threat Analysis and Incident Response services, as well as Cyber Security training.
Mjolnir supports both corporate and public agencies – and specializes in supporting law enforcement agencies. They also run training sessions specifically to support the Cyber Teams for Law Enforcement agencies across Canada.
Mjolnir is a 100% Canadian owned and operated team of committed, knowledgeable and trusted Security Professionals. Launched in 2017, our leadership team brings a collective 100 years’ experience providing solutions to both large enterprise and small business. From Fortune 500 companies to family-owned businesses, we have experience in Energy, Utilities, Mining, Transportation, Telecom, Health Care, Manufacturing, Military, and Government.