Lead Security Engineer
| Company | Morningstar |
|---|---|
| Location | Toronto, ON, Canada |
| Salary | $Not Provided – $Not Provided |
| Type | Full-Time |
| Degrees | |
| Experience Level | Senior |
Requirements
- 5+ years of hands-on experience in security engineering, threat detection, and response.
- Strong expertise with SIEM, SOAR, and EDR.
- Experience developing and tuning detections using logs, telemetry, and threat intelligence.
- Proficiency in scripting and automation (Python, PowerShell, Bash, etc.).
- Strong understanding of attack techniques (MITRE ATT&CK framework) and incident response methodologies.
- Ability to analyze security telemetry, investigate threats, and develop effective mitigation strategies.
- Excellent communication skills and ability to collaborate across teams.
Responsibilities
- Lead security detection and response initiatives, ensuring effective threat monitoring, investigation, and mitigation.
- Develop and maintain security detections across SIEM, SOAR, and EDR platforms.
- Architect and optimize security automation workflows to enhance threat response efficiency.
- Collaborate with our in-house SOC and IT teams to refine detection and preventative capabilities and reduce false positives.
- Research and implement new security technologies and best practices to enhance monitoring and response effectiveness.
- Perform security assessments, tuning detection rules, and developing playbooks for security incidents.
- Mentor junior engineers and contribute to security strategy and roadmap planning.
Preferred Qualifications
- Experience with cloud security monitoring (AWS, Azure, GCP).
- Familiarity with security frameworks (NIST, CIS, ISO 27001).
- Certifications such as GIAC (GCDA, GCIH, GCFA), OSCP, CISSP, or relevant credentials.