Intermediate SecOps Engineer

Intermediate SecOps Engineer to join our Infrastructure team. You will focus on threat detection, incident response, security monitoring, and operational resilience across the Foundation’s infrastructure and services. Collaborate with infrastructure, release engineering, and development teams to maintain security visibility, contribute to response playbooks, improve alert quality, and drive continuous improvements. Core responsibilities include building and tuning detection rules and dashboards, leading incident triage and post-incident analysis, operating SIEM and security tooling, threat hunting, developing runbooks and escalation procedures, hardening cloud/container/identity configurations, and participating in disaster recovery planning and live exercises. Ideal candidates bring 3–5+ years in active security operations or related roles, hands-on SIEM/logs/incident experience, Linux and networking fundamentals, familiarity with containers and cloud ecosystems (AWS/Azure/GCP), experience documenting detections and response procedures, and knowledge of MITRE ATT&CK or CIS Controls. Certifications such as Security+, CEH, CSSLP, CCSP, or cloud security credentials are highly desirable. The role is remote, with a preference for candidates based in Canada or the European Union. We offer competitive compensation and a comprehensive benefits package; accommodation is available during recruitment.