SOC Analyst

Company: Starling Group
Location: Toronto (Hybrid)

About Us:
Starling is a pioneering financial technology company that started by building a new kind of bank. Our ecosystem includes our UK bank (Starling), our global Software-as-a-Service technology platform (Engine by Starling), and a growing portfolio of specialist financial and software businesses. Our operations are expanding globally, with offices in locations like Sydney and Toronto. We foster a fast-paced environment focused on building, creating, and leveraging disruptive technology. We operate with a flat structure, promoting innovation, collaboration, and ownership. Our core values are Listen, Keep It Simple, Do The Right Thing, Own It, and Aim For Greatness.

About the Role:
To support our growth, we are seeking SOC Analysts to join our expanding cyber security function. This role is critical to our 24/7 operational capabilities, providing coverage during working hours in Sydney and Toronto alongside our UK colleagues. You will work with leading SecOps professionals to protect Starling Group’s customers, assets, and systems using the latest technologies.

What You'll Be Doing:

• Incident triage, response, and investigations based on alerts from multiple sources, including Cloud Infrastructure/Security, Endpoint Detection and Response, and Perimeter detection tooling.
• Investigating and responding to security alerts raised by users.
• Enhancing and creating analytic triggers to improve alert efficacy.
• Continuous development of incident handling and readiness processes.
• Proactive threat hunting based on threat intelligence.
• Documentation of incidents and investigations.

About Your Skills:
We value aptitude and attitude over specific experience. The following are an overview of desired skills:

• 3+ years of experience in an in-house SOC role and team.
• Understanding of AWS Security Solutions (or other Public Cloud Solutions).
• Analysis and Incident Response experience with Cloud systems (GCP, AWS).
• Experience working with and supporting analytics/SIEM platforms.
• Experience supporting and conducting Incident Response engagements.
• Experience in endpoint-based investigations.
• Experience in cloud-based investigations.
• Experience with Incident Command and conducting Tabletop Exercises.
• Excellent communication skills (verbal and written), with the ability to communicate technical concepts to both technical and non-technical audiences.
• Demonstrated teamwork and collaboration skills as part of a multi-functional team.
• Time management, problem-solving, and interpersonal skills.
• Eagerness to learn and apply knowledge to new security challenges.
• Willingness to share knowledge with the team and mentor colleagues.
• A high-level understanding of mobile, network, and operating system security controls.

Preferred Qualifications:

• 3+ years of experience in a cyber incident response and digital forensics function.
• Experience in forensics: cloud (GCP, AWS); endpoint/server (Windows, MacOS, Linux); and/or network.
• Any experience of programming in Python, Go, and/or Java.
• A Cyber/Information Security related degree and/or relevant cyber security qualification(s).
• Understanding of malware analysis techniques.

Benefits:

• A discretionary benefits stipend, payable on a monthly basis.
• 20 days annual leave plus public holidays.

Important Information:

• Successful candidates will be required to pass background checks.
• Starling welcomes and encourages applications from people with disabilities. Accommodations are available on request.
• We are unable to provide work permit or visa sponsorship for any role in Canada at this moment.