Just Eat Takeaway.com

No matter who you are, what you look like, who you love or where you come from, you will find your place at Just Eat Takeaway.com. We are committed to creating an inclusive culture that fosters diversity of people and of thought.

Security Operations Analyst

Security Operations | Full Time | Remote | Mid Level | Team 10,001

Location: Canada

Posted: 3 days ago

Salary: C$79.4K - C$88.8K / year

Seniority: Mid Level

Job Description

Role Description

Our Cyber Security Operations Centre (CSOC) is a fully internal team responsible for threat detection, investigation, and incident response. The CSOC's mission centres on threat investigation and continuously refining the organisation's ability to detect and respond to incidents — catching threats early to mitigate and minimise impact. The team works with an advanced toolset anchored by Palo Alto XSIAM as the SIEM and investigation platform, drawing on telemetry from a wide range of sources including endpoint agents, cloud infrastructure, network controls, and application-layer signals from platforms such as Cloudflare.

We are building towards a modern, AI-augmented CSOC — one where agentic investigation pipelines handle first-pass triage and analysis, and our analysts focus on validation, quality assurance, and complex threat investigation. This role requires analytical thinking, a willingness to work with and improve automated systems, and genuine curiosity about how threats manifest in cloud-native environments.

A CSOC Analyst is an independently operating practitioner: someone who can own incidents end-to-end, write and maintain detection content, critically assess the conclusions of AI-driven investigation pipelines, and act as a capable on-call responder. This role is ideal for an analyst with solid foundations who is ready to take on greater ownership and is growing towards a senior or specialist track.

- Triage, investigate, and analyse security incidents — own alerts from initial triage through to resolution or escalation, working within XSIAM as the primary investigation and case management platform
- Validate agentic investigation conclusions — review, challenge, and provide structured feedback on AI-driven investigation outputs; identify false positives, missed signals, or incorrect conclusions, and feed insights back to improve automated pipeline quality
- Write and maintain playbooks — author, review, and iterate on detection and response playbooks; ensure playbooks reflect current threat landscape, tooling, and team processes; follow playbooks consistently during incident response
- Implement and tune correlation rules — develop and refine XSIAM correlation rules to improve detection fidelity; reduce false positive rates through systematic tuning; document changes and rationale
- Handle cloud security incidents — investigate incidents originating in or involving cloud infrastructure (AWS, GCP, or Azure); understand cloud-native attack paths, misconfigurations, and threat indicators
- Participate in the on-call rota — share on-call responsibility with the wider team; respond to critical and high-severity incidents outside business hours in line with defined SLAs
- Contribute to threat detection improvement — proactively identify detection gaps, propose new use cases, and collaborate with Security Engineering to implement them
- Support threat intelligence operationalisation — apply threat intelligence to detection, investigation, and hunting activities; consume and act on intelligence from internal and external sources

Qualifications

- SIEM and investigation platform proficiency — hands-on experience working in a SIEM for alert triage, investigation, and case management; familiarity with query languages used for log analysis (XQL, KQL, SPL, or equivalent)
- Incident response competency — demonstrable experience investigating and responding to security incidents across a range of alert types (endpoint, network, identity, cloud); ability to follow and apply structured response methodologies
- Detection engineering foundations — experience writing or tuning detection rules, correlation logic, or detection-as-code; understanding of what makes a detection effective and how to reduce noise
- Cloud security knowledge — practical understanding of cloud environments (AWS, GCP, or Azure) as they relate to security; experience investigating cloud security incidents or misconfigurations
- Endpoint telemetry analysis — ability to interpret endpoint telemetry during investigations; familiarity with the types of signals and indicators surfaced by endpoint agents
- Playbook literacy — experience following formal incident response playbooks; ideally, experience writing or reviewing them
- Analytical judgement — ability to critically evaluate evidence, assess confidence in conclusions, and make sound decisions with incomplete information
- Communication — clear written communication; able to document investigations, produce concise incident summaries, and brief stakeholders appropriately
- Ownership and accountability — takes end-to-end ownership of assigned incidents and tasks; follows through without requiring frequent prompting; flags blockers proactively

Requirements

- Direct experience with Palo Alto XSIAM or Cortex XDR — familiarity with the platform we use day-to-day
- Cloud security certification — AWS Security Specialty, GCP Professional Cloud Security Engineer, or equivalent
- Experience with agentic or AI-assisted security tooling — prior exposure to AI-driven investigation or SOAR platforms, and an understanding of their limitations
- Threat intelligence experience — familiarity with structured threat intel (MITRE ATT&CK, STIX/TAXII, threat feeds) and how to operationalise it
- Scripting or automation skills — Python, Bash, or similar; ability to write simple automation or tooling to support investigations
- Experience in a food delivery, e-commerce, or high-scale consumer platform environment
- Relevant certifications: GCIA, GCIH, GCFE, SC-200, or similar

Benefits

- Team Vibes: Thrive in a collaborative culture where your ideas matter.
- Tasty Perk: Enjoy a monthly Skip spend allowance – treat yourself!
- More Time Off: Generous PTO with a buy and sell program with up to 5 extra days!
- Family First: Up to 20 weeks top up for parental leave.
- Premium Benefits: Flexible medical & dental insurance for you and your family.
- Keep Learning: Access world-class training resources to power your success.
- Perks Galore: Exclusive offers from Workperks from hundreds of top brands.
- Future Funded: RRSP contributions with diverse investment portfolios.
- We’ve Got You: Access paid sick time to care for yourself or your family when life happens & access to our well-being support programs.
- Digital Nomads: Enjoy the freedom to work from almost anywhere in the world for 4 weeks a year.
- Career Growth: Fuel your personal and professional evolution through our dedicated mentorship, global mobility pathways, and a wellness-first culture rooted in true diversity and inclusion.

Company Description

Just Eat Takeaway is one of the world's leading online food delivery marketplaces, connecting millions of customers with hundreds of thousands of restaurant partners across multiple continents. Operating at significant scale across markets including the UK, Canada, Australia, and Europe, we depend on robust and resilient security operations to protect our customers, partners, and platform.

More Security Operations Jobs

Cloud Security Operations Analyst

Zensar

At Zensar, we’re “experience-led everything”. We are committed to conceptualizing, designing, engineering, marketing, and managing digital solutions and experiences for over 130 leading enterprises. We are a company driven by a bold purpose: Together, we shape experiences for better futures. Whether for our clients, our people, or the world around us, this belief powers everything we do. At the heart of our culture is ONE with Client - a set of four core values that reflect who we are and how we work: One Zensar, Nurturing, Empowering, and Client Focus. Part of the $4.8 billion RPG Group, we’re a community of 10,000+ innovators across 30+ global locations, including Milpitas, Seattle, Princeton, Cape Town, London, Zurich, Singapore, and Mexico City. We believe the best work happens when individuality is celebrated, growth is encouraged, and well-being is prioritized. We are an equal employment opportunity (EEO) and affirmative action employer, committed to creating an inclusive workplace. All qualified applicants will be considered without regard to race, creed, color, ancestry, religion, sex, national origin, citizenship, age, sexual orientation, gender identity, disability, marital status, family medical leave status, or protected veteran status.

Full Time | Remote | Team 10,001

Role Description

We are seeking an experienced Cloud Security Operations Analyst to design, implement, and operate security controls across multi-cloud environments (AWS & Azure). The role focuses on ensuring robust cloud security posture, proactive threat detection, and continuous improvement of security operations aligned with industry best practices.

Key Responsibilities

- Design, implement, and support cloud security solutions across AWS and Azure environments.
- Deploy, configure, and manage Cloud Security Posture Management (CSPM) tools to ensure continuous compliance and risk visibility.
- Implement and provide operational support for Cloud Workload Protection Platforms (CWPP) to secure cloud workloads.
- Ensure strong cloud infrastructure security across AWS & Azure, covering:
  - Identity and Access Management (IAM)
  - Network security controls
  - Data protection and encryption
  - Continuous monitoring mechanisms
- Configure, optimize, and manage:
  - AWS Web Application Firewall (WAF)
  - AWS Shield Advanced for DDoS protection
- Implement and manage Microsoft Defender for Cloud (Azure Defender / ATP equivalent) for advanced threat detection and response.
- Monitor and respond to security threats using:
  - AWS GuardDuty for threat detection
  - AWS Security Hub for centralized visibility, posture management, and compliance reporting
- Perform continuous monitoring, incident response, and vulnerability management across cloud environments.
- Collaborate with internal teams (SOC, DevOps, IAM, Infrastructure) to:
  - Enforce security policies and governance frameworks
  - Ensure compliance with organizational and regulatory requirements
- Drive automation, optimization, and continuous improvement in cloud security operations and processes.

Qualifications

- 8+ years of experience in cloud security engineering, implementation, and operations in a multi-cloud environment (AWS/Azure)
- Strong hands-on experience with:
  - AWS security services (GuardDuty, Security Hub, WAF, Shield)
  - Azure security services (Microsoft Defender for Cloud, Azure Security controls)
- In-depth understanding of:
  - CSPM and CWPP tools (AWS + Azure)
  - Cloud-native security architecture, including NGX, AWS WAF, Shield Advanced
  - Threat detection and incident response
  - Security monitoring, alert tuning, and response workflows

Company Description

At Zensar, we’re “experience-led everything”. We are committed to conceptualizing, designing, engineering, marketing, and managing digital solutions and experiences for over 130 leading enterprises. We are a company driven by a bold purpose: Together, we shape experiences for better futures. Whether for our clients, our people, or the world around us, this belief powers everything we do.

- At the heart of our culture is ONE with Client - a set of four core values that reflect who we are and how we work: One Zensar, Nurturing, Empowering, and Client Focus.
- Part of the $4.8 billion RPG Group, we’re a community of 10,000+ innovators across 30+ global locations, including Milpitas, Seattle, Princeton, Cape Town, London, Zurich, Singapore, and Mexico City.
- We believe the best work happens when individuality is celebrated, growth is encouraged, and well-being is prioritized.
- We are an equal employment opportunity (EEO) and affirmative action employer, committed to creating an inclusive workplace.

India
Full Time | Remote | Team 501-1,000 | Since 1998 | H1B Sponsor

• Deliver major features and architectural improvements across the Add-ons stack, including automated moderation pipelines, Reviewer tools, and DevHub.
• Create robust observability systems and data-backed insights.
• Provide peer feedback, share knowledge and help others grow.
• Improve platform reliability through deployments, monitoring, and incident response.
• Help keep the platform safe and trustworthy, with attention to security and user trust.
• Step in to resolve issues impacting users and developers, from small bugs to larger incidents.
• Collaborate with designers, product managers, QA, and community contributors to deliver end-to-end improvements.
• Contribute in the open through pull requests, code reviews, and discussions.
• Work on:
  • Full stack development: React/TypeScript frontends, Django backend, MySQL datastore.
  • Platform reliability: deployments, monitoring, and incident response on Google Cloud.
  • Feature development: submission flows, trust and safety signals, DevHub and Reviewer tools modernization.
  • Ecosystem moderation: abuse report management, policy compliance, and ecosystem safety.
  • Open collaboration: We work in the open, with contributions from Mozilla staff and community members.

Germany
€68K - €91K / year
Full Time | Remote | Team 501-1,000 | Since 1998 | H1B Sponsor

Canada
$104K - $139K / year
Full Time | Remote | Team 501-1,000 | Since 1998 | H1B Sponsor

France
€53K - €71K / year