Improving the future and protecting lives is an ambitious mission, but it’s what we do. As a leading aerospace, defense, and security company, we work together to deliver a full range of products and services for air, land, space, and naval forces, as well as advanced electronics, security, information technology solutions and customer support services. How we work is rooted in purpose – a purpose to protect those who protect us, to unite our community of colleagues and customers, and to drive forward the growth and development of our exceptional team members. It's where purpose connects.
Cybersecurity Red Team Analyst Sr
Location
Virginia
Posted
8 days ago
Salary
$133.0K - $226.0K / year
Seniority
Senior
Job Description
Cybersecurity Red Team Analyst Sr
BAE Systems, Inc.
BAE Systems Cybersecurity - Attack Surface Management has an opening for a Red Team Analyst Sr to improve overall security posture through authorized offensive security projects that identify gaps in IT security controls and processes. The position will manage cross-functional engagements that include IT service centers, business sectors, and the security operations center. Scope can include the BAE Systems, Inc. core network, business/program enclaves, and commercial and custom applications. The position manages engagements end-to-end, including scope definition, detailed planning, stakeholder coordination, testing, reporting, and remediation coordination. This is an exciting opportunity to build and manage a program and work with a highly motivated team of cyber security professionals.
Required Education, Experience, & Skills
Technical requirements:
- Expertise in attack tools and techniques
- Ability to use and analyze information produced from various commercial and open source tools
- Familiarity with large network infrastructure components (load balancers, proxies, hybrid cloud implementations, VPNs)
- Familiarity with network and host-based security system components (firewalls, endpoint protection solutions)
- Familiarity with modern virtualization platforms and technology
Required Skills
- Experience managing red team projects from end-to-end (initial planning through remediation coordination)
- Ability to coordinate activities with a wide range of stakeholders
- Experience developing plans, creating reports, presentations, processes, etc.
- Must be able to work across IT organizations to drive successful outcomes of the program
- Ability to produce documentation in support of the program
Preferred Education, Experience, & Skills
Preferred Skills and Education
- Computer Security related degree
- 6+ years in a cybersecurity role, 3+ years in red team
- Certifications related to red team and penetration testing such as OSCP, OSCE, OSWP, OSWE, GPEN, GWAPT, GXPN, GAWN
- Experience with COTS adversary emulation tools
Primary Duties and Responsibilities
- Develop standard Red Team practice within ESS Cybersecurity. Define core processes, tools, and deliverables.
- Simulate attacks on the organization's IT systems, networks, applications, and physical security to evaluate its security posture. Identify weaknesses that could be exploited by malicious actors and provide actionable recommendations to improve defenses.
- Work under consultative direction from management within Cybersecurity. Develop and implement plans and work with stakeholders independently to plan and execute activities.
- Develop detailed project plans that define technical approaches as well as impacts and requirements for stakeholders throughout the organization.
- Technical approaches may require a high degree of creativity and flexibility. Problems may be highly complex. Testing may often uncover unknown/unforeseen circumstances that require a change in direction or new approaches. The position requires the ability to independently make sound decisions to maximize the effectiveness of tests.
- Must be able to maintain strong working relationships with stakeholders throughout the organization, including IT Operations, Applications, Network, GSOC, business sectors, etc. Stakeholders may be sensitive to the possibility that simulated attacks impact business operations. The position requires careful and responsible decisions regarding test approaches, and frequent and effective communication with stakeholders.
- Consult with stakeholders on findings and required actions to improve defenses. Develop and maintain detailed tracking that identifies scope, tests completed, and findings. Work with stakeholders to ensure findings are remediated.
- Serve as the Team Lead for the Red Team function within ESS Cybersecurity. Provide leadership and support to other Red Team Analysts on the team. Coordinate activities and ensure high-quality delivery.
- Promote a culture of ownership, transparency, and results-driven performance.
Pay Information
Full-Time Salary Range: $132,962 - $226,035
Please note: This range is based on our market pay structures. However, individual salaries are determined by a variety of factors including, but not limited to: business considerations, local market conditions, and internal equity, as well as candidate qualifications, such as skills, education, and experience.
Employee Benefits: At BAE Systems, we support our employees in all aspects of their life, including their health and financial well-being. Regular employees scheduled to work 20+ hours per week are offered: health, dental, and vision insurance; health savings accounts; a 401(k) savings plan; disability coverage; and life and accident insurance. We also have an employee assistance program, a legal plan, and other perks including discounts on things like home, auto, and pet insurance. Our leave programs include paid time off, paid holidays, as well as other types of leave, including paid parental, military, bereavement, and any applicable federal and state sick leave. Employees may participate in the company recognition program to receive monetary or non-monetary recognition awards. Other incentives may be available based on position level and/or job specifics.
About BAE Systems, Inc.
BAE Systems, Inc. is the U.S. subsidiary of BAE Systems plc, an international defense, aerospace and security company which delivers a full range of products and services for air, land and naval forces, as well as advanced electronics, security, information technology solutions and customer support services. Improving the future and protecting lives is an ambitious mission, but it's what we do at BAE Systems. Working here means using your passion and ingenuity where it counts - defending national security with breakthrough technology, superior products, and intelligence solutions. As you develop the latest technology and defend national security, you will continually hone your skills on a team making a big impact on a global scale. At BAE Systems, you'll find a rewarding career that truly makes a difference. This position will be posted for at least 5 calendar days. The posting will remain active until the position is filled, or a qualified pool of candidates is identified.
More Security Analyst Jobs
Role Description
Reporting to the Director of IT & Security, you will be responsible for supporting the business with detection and remediation of vulnerabilities and incidents. A key project will be the deployment of a SIEM/SOAR to help alert on, detect, and remediate threats to the business. You will work closely with the wider IT team to build out our Vulnerability Management platform and support our drive towards SOC 2 Type II certification.
- Help deploy and manage the Security Information and Event Management (SIEM) application, monitoring security and compliance alerts and remediating any detected incidents.
- Monitor key business systems for vulnerabilities and champion the remediation of vulnerabilities that are outside of IT's purview.
- Create processes and procedures to improve the company's security posture.
- Support the company's drive for SOC 2 Type II compliance.
- Handle security incidents with the support of the IT team.
Qualifications
- 3-5 years of experience in Security and Compliance.
- Experience in a SaaS-first company with a remote workforce is a plus.
- Experience with SIEM application deployment and management.
- Experience with Google Workspace.
- Experience with EDR tools (Jamf Protect, SentinelOne preferred but not required).
- Familiarity with Google Cloud Platform.
- Familiarity with Vanta or other SaaS security compliance and management tools.
- Familiarity with automation, for instance with an automation platform like Zapier, or scripting tools like Python.
Requirements
- This role has an annual salary range of $85,000 to $105,000 CAD.
- Where an offer falls within this range is determined through the interview process.
- Compensation progression is tied to demonstrated performance, expanded scope, and sustained contribution over time, not tenure alone.
Benefits
- Comprehensive benefits and total rewards package designed to support our team as they grow with us.
DEI Commitment
Viral Nation is committed to diversity, equity and inclusion in our agency. Viral Nation welcomes applications from people with visible and non-visible disabilities. Accommodations are available on request for candidates taking part in all aspects of the recruiting and selection process.
Security Analyst – Governance, Risk, and Compliance
LaunchDarkly
LaunchDarkly is a feature management platform empowering developer and operations teams to quickly deliver and control their software by eliminating risk from the development cycle.
• Collaborate with stakeholders to design and operate security controls that comprise the LaunchDarkly GRC program
• Use technology to automate compliance activities like gathering evidence and verifying controls
• Operationalize the health and maturity of the program by tracking metrics based on quantitative and qualitative data
• Drive progress towards results for GRC-related continuous improvement projects
• Contribute to documentation for security standards, policies, and processes
• Support audits and assessments with internal and external stakeholders
• Work with product and infrastructure delivery teams on engineering projects related to GRC requirements
• Perform a comprehensive cybersecurity risk assessment and deliver a prioritized remediation plan.
• Design and implement the organization's overall security strategy and roadmap.
• Establish security monitoring, incident response, and threat detection processes.
• Lead and mature Microsoft 365 and Azure security posture (Defender, Entra ID, Sentinel, Purview).
• Own SOC 1 and SOC 2 compliance readiness and audit preparation.
• Define and enforce IAM policies, MFA standards, and Zero Trust principles.
• Develop and maintain security policies, standards, and documentation.
• Evaluate and manage third-party vendors and SaaS platform security risks.
• Oversee vulnerability management: assessments, tracking, prioritization, and remediation coordination.
• Lead incident response, including coordination with MSPs, infrastructure teams, and leadership.
• Establish security awareness programs and build a security-conscious culture.
• Manage and mentor the Cybersecurity Analyst, providing technical direction and growth opportunities.
• Report cybersecurity risks and program status to senior leadership.
• Evaluate and recommend security tools and technologies.
Senior SOC Analyst
ECS Tech Inc
All candidates must meet the following criteria: must be a US citizen with no dual citizenship. Must be able to secure a Public Trust clearance. Must be able to work across multiple programs in the Federal and DoD space. The core values that ECS looks for in an engagement manager include: Teamwork, Respect, Accountability, Integrity, and Leadership.
Role Description
The Senior SOC Analyst is responsible for advanced security monitoring, investigation, and incident response activities within the Everforth Security Operations Center (SOC). This role serves as a senior technical resource within the analyst team, responsible for leading complex investigations, mentoring junior analysts, and ensuring high-quality incident analysis across enterprise environments. The Senior SOC Analyst plays a critical role in identifying sophisticated threats, escalating security incidents, and improving SOC investigative capabilities. This role reports to the SOC Manager and works closely with the Security Engineering team, enterprise IT operations teams, and the Everforth Commercial MSSP to ensure effective monitoring, investigation, and response across the enterprise.
Responsibilities
- Advanced Threat Investigation: Conduct in-depth analysis of complex security alerts, anomalies, and potential threat activity across enterprise environments.
- Incident Response Support: Lead investigation and response activities for confirmed or suspected cybersecurity incidents affecting enterprise systems.
- Alert Triage and Escalation: Perform detailed triage of security alerts and escalate validated incidents according to established procedures.
- Investigation Leadership: Serve as the lead analyst during significant investigations, coordinating investigative efforts and guiding response activities.
- Threat Analysis: Analyze indicators of compromise, attacker behavior, and malicious artifacts to determine the scope and impact of security incidents.
- Detection Engineering: Develop and refine detection logic, analytics, and monitoring use cases based on investigative findings and threat intelligence.
- Threat Hunting: Conduct proactive threat hunting activities to identify adversary behavior not detected through automated alerts.
- MSSP Escalation Handling: Review and validate alerts and escalations originating from the MSSP after-hours monitoring team.
- Investigation Documentation: Ensure thorough documentation of investigations, findings, and response actions within the SOC case management platform.
- Operational Quality Assurance: Support the SOC Manager in maintaining investigation quality and adherence to SOC playbooks and procedures.
- Operational Effectiveness: Lead the design and implementation of SOC process improvements through automation, AI-driven solutions, workflow optimization, and continuous enhancement of detection and response capabilities.
- Operational Collaboration: Work closely with IT operations, infrastructure teams, and security engineering to support investigation and remediation activities.
- Knowledge Sharing: Mentor junior SOC analysts and provide guidance on investigative techniques, threat analysis, and incident handling procedures.
- Situational Awareness: Maintain awareness of emerging threats, attacker tactics, techniques, and procedures relevant to enterprise environments.
- Playbook Execution: Execute established SOC investigation playbooks and contribute to the refinement of operational procedures.
- On-Call Support: Participate in on-call support to assist with security incident response, operational issues, and investigation activities to maintain continuous SOC coverage and response capability.
Qualifications
- Experience: Minimum of 5 years of cybersecurity experience, with at least 3 years in a Security Operations Center or incident response role.
- Security Investigation Expertise: Strong experience investigating security alerts, analyzing suspicious activity, and determining the scope and impact of security incidents.
- Incident Response Experience: Hands-on experience supporting incident response investigations including containment, eradication, and recovery coordination.
- Security Technology Experience: Experience working with enterprise security tools such as SIEM platforms, EDR platforms, and log analysis systems.
- Threat Analysis Skills: Ability to analyze indicators of compromise, attacker behaviors, and adversary techniques during investigations.
- Log Analysis Expertise: Strong experience reviewing and interpreting system logs, endpoint telemetry, network events, and authentication activity.
- Detection Engineering Experience: Experience developing or tuning detection rules, analytics, or monitoring logic used to identify malicious activity.
- Security Framework Knowledge: Familiarity with cybersecurity frameworks such as the NIST Cybersecurity Framework or CIS Critical Security Controls.
- Investigation Documentation: Experience documenting investigations, incidents, and response actions within case management platforms.
Requirements
- Able and willing to obtain a US Security Clearance.
- This role may require occasional on-call support during off-hours to respond to security incidents.