Jobs.ca

Software Engineer, SOC Automation

ATCO, 1 day ago
Calgary, Alberta, Canada
Senior Level
Full-Time

Top Benefits

Competitive Compensation
Flex Benefits
Tuition Assistance Program

About the role

Why Work Here?

Help defend critical infrastructure through advanced cybersecurity innovation. Build threat analytics and automation capabilities that operate at scale.

At ATCO, you’ll do meaningful work strengthening cybersecurity resilience across complex IT and OT environments. You’ll contribute to next-generation security operations, automation, and AI-driven security solutions while continuing to grow your expertise in an evolving threat landscape. You’ll help shape next-generation SOC capabilities alongside a collaborative team that values accountability, practical innovation, and continuous development.

About the Role:

The Software Engineer, SOC Automation plays a key role in advancing ATCO’s threat mitigation capabilities across enterprise IT, cloud, and operational technology environments. Reporting to the Manager, Cybersecurity Operations Center, this role focuses on designing, implementing, and continuously improving automated threat protection and response solutions that support a modern, high-performing Security Operations Center (SOC).

As a subject matter expert in detection engineering and automation, you will connect threat intelligence to real-time operations by developing high-fidelity correlation rules, integrating AI/ML capabilities, and enabling faster, more consistent response through automation and orchestration. You will work across diverse technologies and platforms to embed security visibility into digital systems while maintaining alignment with regulatory frameworks and cybersecurity best practices.

What You Get to Do:

  • Design, build, and optimize high-fidelity signatures across SIEM, EDR, NDR, and cloud platforms to improve threat visibility
  • Align protection coverage to frameworks such as MITRE ATT&CK® and identify and prioritize visibility gaps
  • Improve alert quality by reducing false positives and strengthening analytics logic to enable faster response
  • Develop and implement automated SOAR playbooks and workflows to enhance response speed and consistency
  • Build integrations and scripts to connect security tools and streamline SOC operations
  • Contribute to AI/ML-driven capabilities to identify advanced threats and anomalies
  • Leverage automation and LLM technologies to improve alert triage and response processes
  • Conduct threat modeling and proactive threat hunting activities
  • Translate threat intelligence and adversary techniques into actionable SOC workflow logic
  • Support a Detection-as-Code approach using CI/CD and version control practices
  • Participate in testing, validation, and continuous tuning of SOC use case content
  • Maintain documentation for use case coverage, automation workflows, and integrations
  • Collaborate with IT, OT, cloud, and application teams to embed threat protection capabilities into systems
  • Communicate technical findings and recommendations to both technical and business stakeholders

What You Bring:

  • University degree in Software Engineering or Computer Engineering
  • 5+ years’ experience in cybersecurity operations, detection engineering, incident response, or security automation
  • Strong proficiency in programming and scripting (e.g., Python) and security analytics query languages (e.g., KQL, SPL, Sigma, YARA)
  • Experience working with SIEM, EDR, NDR, and SOAR platforms
  • Knowledge of Threat Analytics Engineering principles, including Detection-as-Code methodologies
  • Familiarity with AI/ML applications in cybersecurity and automation of SOC workflows
  • Strong understanding of cybersecurity frameworks and standards such as NIST CSF, MITRE ATT&CK®, and NERC CIP
  • Ability to analyze evolving threats across IT, OT, and cloud environments
  • Experience developing automated workflows and orchestration strategies to improve response times
  • Strong analytical, problem-solving, and communication skills
  • Ability to work independently and collaborate across teams
  • Available to respond to after-hours incidents
  • CISM, CISSP and/or CRISC certifications are considered assets
  • Experience working in complex environments such as utilities, energy, or critical infrastructure is an asset

What We Offer:

  • A culture based on caring, integrity, agility, collaboration, and striving for excellence
  • Competitive compensation
  • Flex benefits
  • Tuition assistance program
  • Training and mentorship programs
  • Charitable donation matching

We would like to thank everyone for their application; however, only those being considered for an interview will be contacted.

ATCO delivers inspired solutions for a better world. We are a diversified global corporation with investments in the essential services of Structures & Logistics, Utilities, Energy Infrastructure, Retail Energy, Transportation and Commercial Real Estate. Learn more about how we build communities, energize industries and deliver customer-focused solutions like no other company in the world at www.atco.com. ATCO is proud to be an equal opportunity employer. Visit our website for more information.

About ATCO

Utilities
5001-10,000

ATCO is a diversified corporation with investments all over the globe. With over 7,100 employees and assets totalling over $24 billion, ATCO has operated for over 75 years. We proudly provide essential services throughout many different industries.
