Security Analyst - Incident Handler
Top Benefits
About the role
SOC OTTAWA, ON, CANADA
Convergence Networks is one of North America’s leading managed service and managed security providers. We are a service company focused on helping clients leverage technology as a strategic tool and proactively protecting their business. We are fueled by providing outstanding service and sharing our passion for innovative technology as part of our integrated solutions.
POSITION SUMMARY
TheSecurity Analyst - Incident Handlersits at the core of our Security Operations Center, serving as the primary investigator for P3 through P1 incidents that require hands-on response. This role is responsible for owning security incidents from initial identification through full recovery across our managed services client base. The ideal candidate possesses sharp critical thinking skills under pressure, a commitment to continuous learning, and the ability to maintain high-quality analysis and documentation in a fast-paced, high-volume environment.
WHAT DOES OUR SECURITY ANALYST DO?
-Identification & Triageby monitoring security alerts from managed platforms to determine severity, scope, and the necessity of an immediate response. -Containmentof confirmed incidents through immediate actions such as revoking sessions, resetting credentials, and isolating affected systems. -Eradicationof threat actor persistence by auditing MFA registrations, inbox rules, OAuth app grants, and mail forwarding configurations. -Recovery Coordinationwith clients and internal teams to restore access and verify that the environment has returned to normal operations. -Communicate Effectivelyby translating technical findings into clear language for non-technical stakeholders and keeping clients informed throughout the incident lifecycle. -Documentevery investigative step, finding, and communication within the ticketing system to ensure notes are clear and complete for other analysts and engineers. -Escalateincidents that exceed Tier 1 scope to senior analysts, providing thorough context to ensure a seamless handoff. -Utilize Security Toolingdaily, including Microsoft Entra, Defender, Huntress, and O365, to manage suspicious sign-ins, endpoint detections, and advanced threats.
WHAT ARE THE QUALIFICATIONS I NEED TO HAVE?
-Experience: 3+ years in IT operations (Help Desk, SysAdmin, Network Admin), 1+ year as an incident handler, or 2+ years as a junior analyst. -Technical Foundation: Working knowledge of networking fundamentals sufficient to read logs, review pcaps, and understand network topology. -Platform Expertise: Hands-on experience with Microsoft 365 administration, including Entra ID, Exchange Online, Purview, or Defender. -Operational Skills: Ability to manage multiple active incidents simultaneously without dropping critical details. -Soft Skills: High levels of patience and composure when working with clients during stressful security events. -Communication: Strong written communication skills for creating detailed ticket notes and client-facing summaries. -Flexibility: Ability to work shift coverage, including non-standard hours, evenings, weekends, and on-call rotations.
WHAT QUALIFICATIONS WOULD REALLY HELP SET ME APART FROM OTHER APPLICANTS?
-Prior SOC Experienceand familiarity with established incident response frameworks and procedures. -**Advanced Tooling:**Hands-on experience with SIEM platforms, CyberChef, sandbox environments, and EDR consoles. -Triage and AnalysisTooling - log parsers, timeline reconstruction, network traffic analysis, and artifact extraction tools -Technical Proficiency: Skill in PowerShell and Linux command line, as well as experience with virtualization like Hyper-V and VMware. -**Relevant Certifications:**Credentials such as Security Blue Team, GIAC, CompTIA Security+, CySA+, or other vendor-specific security titles. -Investigative Mindset: A background in criminal justice or law enforcement.
WHAT IS THE WORK ENVIRONMENT LIKE?
- Normal office working conditions. Work requires regular sitting/standing at a desk, working with a computer. This position requires standing, walking, sitting, using hands, seeing, reaching, talking, writing, and hearing; it may require occasionally carrying or lifting equipment (10-50 pounds) if working on-site.
- Position requires contact with others - in meetings, by phone or by email. Interactions focus on data collection, problem solving, needs analysis and technical work.
- Interactions are initiated in person or electronically. Position may require some travel to customer sites.
WHY SHOULD YOU WORK HERE?
- Group benefits plans, including medical, dental, vision in US and health savings and supplement insurance (including dental) in Canada, including retirement plans (Group RRSP).
- We believe in personal and professional growth. We offer regular internal training opportunities, as well as training and certification reimbursement.
- We believe feedback makes us better. You can expect regular meetings with your manager and quarterly conversations about your performance and growth.
- Many teambuilding and company events throughout the year so you can get to know your teammates on a more personal level, as well as have some fun (families are often included as well).
PERFECT FIT…
If this sounds like your type of place and you can wow us with your spectacular skill set, then we would love to hear from you!
The compensation range for this position is $63,000 - $95,000, which includes base salary and variable compensation. Individual compensation is determined by a combination of factors including skills, experience, qualifications, and geographic location. In addition to base salary, eligible employees may have opportunities to participate in variable incentive programs designed to reward individual and organizational performance. We are committed to pay transparency and comply with all applicable pay transparency legislation.
We are an equal opportunity employer and invite diversity in our applicants; our differences make us stronger! We welcome and encourage applications from qualified candidates of all races, sexes, colors, religions, sexual orientations, disabilities, ages, and gender identities. Accommodations are available upon request for candidates taking part in all stages of the selection process.
About Convergence Networks
Convergence Networks is one of North America's leading Managed Services & Security Providers. We are focused on preparing our customers for the future that’s just around the bend: a complex environment in which users access data through multiple applications on multiple devices. The only way forward is an identity-driven security strategy, protecting your data wherever you venture.
We’ve always thought security first, not security as an add-on. Our team works with you to build an integrated, consistent, and robust security posture centered around Microsoft’s industry-leading solutions. We attract incredibly capable people from across the globe who work with our customers as strategic partners to drive results in the uncharted territory of tomorrow’s technology landscape.
At Convergence Networks, you’ll find a culture built on trust and autonomy. We’re a place for people who elevate those around them. How do you know you’ll go far here? You bring drive, accountability, and a passion for charting your course – together.
Similar jobs you might like
Security Analyst - Incident Handler
Top Benefits
About the role
SOC OTTAWA, ON, CANADA
Convergence Networks is one of North America’s leading managed service and managed security providers. We are a service company focused on helping clients leverage technology as a strategic tool and proactively protecting their business. We are fueled by providing outstanding service and sharing our passion for innovative technology as part of our integrated solutions.
POSITION SUMMARY
TheSecurity Analyst - Incident Handlersits at the core of our Security Operations Center, serving as the primary investigator for P3 through P1 incidents that require hands-on response. This role is responsible for owning security incidents from initial identification through full recovery across our managed services client base. The ideal candidate possesses sharp critical thinking skills under pressure, a commitment to continuous learning, and the ability to maintain high-quality analysis and documentation in a fast-paced, high-volume environment.
WHAT DOES OUR SECURITY ANALYST DO?
-Identification & Triageby monitoring security alerts from managed platforms to determine severity, scope, and the necessity of an immediate response. -Containmentof confirmed incidents through immediate actions such as revoking sessions, resetting credentials, and isolating affected systems. -Eradicationof threat actor persistence by auditing MFA registrations, inbox rules, OAuth app grants, and mail forwarding configurations. -Recovery Coordinationwith clients and internal teams to restore access and verify that the environment has returned to normal operations. -Communicate Effectivelyby translating technical findings into clear language for non-technical stakeholders and keeping clients informed throughout the incident lifecycle. -Documentevery investigative step, finding, and communication within the ticketing system to ensure notes are clear and complete for other analysts and engineers. -Escalateincidents that exceed Tier 1 scope to senior analysts, providing thorough context to ensure a seamless handoff. -Utilize Security Toolingdaily, including Microsoft Entra, Defender, Huntress, and O365, to manage suspicious sign-ins, endpoint detections, and advanced threats.
WHAT ARE THE QUALIFICATIONS I NEED TO HAVE?
-Experience: 3+ years in IT operations (Help Desk, SysAdmin, Network Admin), 1+ year as an incident handler, or 2+ years as a junior analyst. -Technical Foundation: Working knowledge of networking fundamentals sufficient to read logs, review pcaps, and understand network topology. -Platform Expertise: Hands-on experience with Microsoft 365 administration, including Entra ID, Exchange Online, Purview, or Defender. -Operational Skills: Ability to manage multiple active incidents simultaneously without dropping critical details. -Soft Skills: High levels of patience and composure when working with clients during stressful security events. -Communication: Strong written communication skills for creating detailed ticket notes and client-facing summaries. -Flexibility: Ability to work shift coverage, including non-standard hours, evenings, weekends, and on-call rotations.
WHAT QUALIFICATIONS WOULD REALLY HELP SET ME APART FROM OTHER APPLICANTS?
-Prior SOC Experienceand familiarity with established incident response frameworks and procedures. -**Advanced Tooling:**Hands-on experience with SIEM platforms, CyberChef, sandbox environments, and EDR consoles. -Triage and AnalysisTooling - log parsers, timeline reconstruction, network traffic analysis, and artifact extraction tools -Technical Proficiency: Skill in PowerShell and Linux command line, as well as experience with virtualization like Hyper-V and VMware. -**Relevant Certifications:**Credentials such as Security Blue Team, GIAC, CompTIA Security+, CySA+, or other vendor-specific security titles. -Investigative Mindset: A background in criminal justice or law enforcement.
WHAT IS THE WORK ENVIRONMENT LIKE?
- Normal office working conditions. Work requires regular sitting/standing at a desk, working with a computer. This position requires standing, walking, sitting, using hands, seeing, reaching, talking, writing, and hearing; it may require occasionally carrying or lifting equipment (10-50 pounds) if working on-site.
- Position requires contact with others - in meetings, by phone or by email. Interactions focus on data collection, problem solving, needs analysis and technical work.
- Interactions are initiated in person or electronically. Position may require some travel to customer sites.
WHY SHOULD YOU WORK HERE?
- Group benefits plans, including medical, dental, vision in US and health savings and supplement insurance (including dental) in Canada, including retirement plans (Group RRSP).
- We believe in personal and professional growth. We offer regular internal training opportunities, as well as training and certification reimbursement.
- We believe feedback makes us better. You can expect regular meetings with your manager and quarterly conversations about your performance and growth.
- Many teambuilding and company events throughout the year so you can get to know your teammates on a more personal level, as well as have some fun (families are often included as well).
PERFECT FIT…
If this sounds like your type of place and you can wow us with your spectacular skill set, then we would love to hear from you!
The compensation range for this position is $63,000 - $95,000, which includes base salary and variable compensation. Individual compensation is determined by a combination of factors including skills, experience, qualifications, and geographic location. In addition to base salary, eligible employees may have opportunities to participate in variable incentive programs designed to reward individual and organizational performance. We are committed to pay transparency and comply with all applicable pay transparency legislation.
We are an equal opportunity employer and invite diversity in our applicants; our differences make us stronger! We welcome and encourage applications from qualified candidates of all races, sexes, colors, religions, sexual orientations, disabilities, ages, and gender identities. Accommodations are available upon request for candidates taking part in all stages of the selection process.
About Convergence Networks
Convergence Networks is one of North America's leading Managed Services & Security Providers. We are focused on preparing our customers for the future that’s just around the bend: a complex environment in which users access data through multiple applications on multiple devices. The only way forward is an identity-driven security strategy, protecting your data wherever you venture.
We’ve always thought security first, not security as an add-on. Our team works with you to build an integrated, consistent, and robust security posture centered around Microsoft’s industry-leading solutions. We attract incredibly capable people from across the globe who work with our customers as strategic partners to drive results in the uncharted territory of tomorrow’s technology landscape.
At Convergence Networks, you’ll find a culture built on trust and autonomy. We’re a place for people who elevate those around them. How do you know you’ll go far here? You bring drive, accountability, and a passion for charting your course – together.