Senior Information Security Analyst, Cyber Threat Detection

Job description

Job Description

Role and Responsibilities

We are seeking an experienced and technically proficient Senior Information Security Analyst (L9) to join the Cyber Threat Detection (CTD) team.

This role will focus on developing and tuning detection alerts for the Cyber Security Operations Center (CSOC), with a strong emphasis on engineering use cases, alert fidelity, and automated response integration.

• Detection Engineering & Alert Development
  • Design, implement, and tune detection logic for Microsoft Defender for Identity (MDI), Defender for Endpoint (MDE), and Defender for Office (MDO) alerts.
    
    
  • Build and maintain detection use cases aligned with threat models and business risk profiles
  • Collaborate with CSOC to ensure alert coverage, reduce false positives, and improve triage efficiency
• Security Use Case Lifecycle
  • Own the end-to-end lifecycle of security use cases: from ideation and threat modeling to deployment and continuous tuning
  • Develop and maintain triage playbooks and enrichment logic for alerts.
    
    
  • Integrate detection logic with XSOAR playbooks for automated response
• Operational Support & Collaboration
  • Partner with Threat Hunting, CSIRT, CSOC, and infrastructure teams to validate alert efficacy and ensure operational readiness.
    
    
  • Participate in incident response efforts by providing detection context and supporting investigations
  • Contribute to weekly CSOC reporting and metrics reviews to assess alert performance and coverage
• Project-Specific Contributions
  • Support the E5 uplift by reviewing Microsoft security alerts and aligning them with enterprise threat models.
    
    
  • Assist in the synchronization of MDI/XDR incidents with XSOAR and ensure CSOC access and playbook readiness

Qualifications

• 7+ years of experience in information security, with at least 5 years in detection engineering or SOC operations
• Deep understanding of SIEM/SOAR platforms (e.g., Splunk, XSOAR), Microsoft Defender suite, and threat detection methodologies
• Strong scripting and automation skills (Python, PowerShell, etc.)
• Familiarity with MITRE ATT&CK framework and threat modeling practices
• Excellent communication and collaboration skills across technical and non-technical stakeholders

Preferred Certifications

• CISSP, GIAC (GCIA, GCIH, GCED), Microsoft SC-200, or equivalent

Who We Are

TD is one of the world's leading global financial institutions and is the fifth largest bank in North America by branches/stores.

Every day, we deliver legendary customer experiences to over 27 million households and businesses in Canada, the United States and around the world.

More than 95,000 TD colleagues bring their skills, talent, and creativity to the Bank, those we serve, and the economies we support.

We are guided by our vision to Be the Better Bank and our purpose to enrich the lives of our customers, communities and colleagues.

TD is deeply committed to being a leader in customer experience, that is why we believe that all colleagues, no matter where they work, are customer facing.

As we build our business and deliver on our strategy, we are innovating to enhance the customer experience and build capabilities to shape the future of banking.

Through regular leadership and development conversations to mentorship and training programs, we’re here to support you towards your goals.

As an organization, we keep growing – and so will you.

Our Total Rewards Package

Our Total Rewards package reflects the investment we make in our colleagues to help them, and their families achieve their well-being goals.

Total Rewards at TD includes a base salary and several other key plans such as health and well-being benefits, including medical coverage, paid time off, career development, and reward and recognition programs.

Additional Information

We’re delighted that you’re considering building a career with TD.

Through regular development conversations, training programs, and a competitive benefits plan, we’re committed to providing the support our colleagues need to thrive both at work and at home.

Colleague Development

If you’re interested in a specific career path or are looking to build certain skills, we want to help you succeed.

You’ll have regular career, development, and performance conversations with your manager, as well as access to an online learning platform and a variety of mentoring programs to help you unlock future opportunities.

Whether you have a passion for helping customers and want to expand your experience, or you want to coach and inspire your colleagues, there are many different career paths within our organization at TD – and we’re committed to helping you identify opportunities that support your goals.

Training & Onboarding

We will provide training and onboarding sessions to ensure that you’ve got everything you need to succeed in your new role.

Interview Process

We’ll reach out to candidates of interest to schedule an interview.

We do our best to communicate outcomes to all applicants by email or phone call.

Accommodation

If you require an accommodation for the recruitment / interview process (including alternate formats of materials, or accessible meeting rooms or other accommodation), please let us know and we will work with you to meet your needs.

Required Skill Profession

Database, Analytics & Bi