3-6+ years of experience in a SOC environment in any capacity (analyst, engineer, detection engineer, etc.)
Strong software engineering fundamentals - proficiency in at least one systems or scripting language (Python strongly preferred; Go, Rust, or similar a plus)
DevOps experience - hands-on with CI/CD tooling (GitHub Actions, GitLab CI, Jenkins, etc.), containerization (Docker/Kubernetes), and infrastructure-as-code (Terraform, Ansible, or equivalent)
Security domain expertise across one or more of: SIEM engineering, SOAR development, threat detection, cloud security, network security monitoring, or incident response
Familiarity with log pipelines and data engineering concepts (e.g., Kafka, Logstash, Cribl, Fluentd)
Working knowledge of MITRE ATT&CK framework and its application to detection and response
Strong understanding of attacker TTPs, common vulnerability classes, and defensive countermeasures
Able to context-switch effectively between engineering work and operational support
Comfortable receiving direction from multiple senior stakeholders and managing competing priorities
Strong written and verbal communication; can translate technical findings for non-technical stakeholders
Preferred Qualifications
Experience with SIEM platforms such as Splunk, Elastic, Microsoft Sentinel, or Chronicle
Experience with SOAR platforms such as Palo Alto XSOAR, Splunk SOAR, or Tines
Cloud security experience (AWS, Azure, or GCP) - ideally with security-specific services (GuardDuty, Defender for Cloud, Security Command Center)
Microsoft certifications are strongly preferred, in particular: SC-200 (Microsoft Security Operations Analyst) and SC-100 (Microsoft Cybersecurity Architect)
Azure infrastructure/engineering certifications such as AZ-104, AZ-204, or AZ-305
Other relevant certs: GCIA, GCIH, GCFA, GCFE, CySA+, or equivalent
Familiarity with API security and secure software development lifecycle (SSDLC)
Experience contributing to or maintaining open-source security tooling
Here are a few reasons why folks love working at CAE!
Meaningful work that drives professional development
Ability to enter and grow within the technology industry
Work in a collaborative environment
Be part of a high-performance team
What we have to offer
Benefits: fully flexible for you to choose what is important
Retirement: Defined Benefits Retirement Plan & Group Registered R
Benefits
Flexible schedule
Additional Information
At CAE, our Technology & Product Development team is dedicated to shaping the future with immersive systems and pioneering technologies that elevate safety and readiness worldwide.
From VR/AR solutions to cutting-edge flight simulation, you'll work alongside brilliant minds in a rewarding and supportive environment with opportunities to learn and grow every day.
Simply put, you're empowered to tackle challenges with a team that embraces bold ideas and a commitment to safety and excellence on a global scale. With a career that blends flexibility, creativity, and impact, you'll play a vital role in an innovative and collaborative team, driving next-generation tech solutions for the moments that matter most.
Your mission
We are seeking a Cybersecurity Integrator Specialist to join our Security Operations Center as a core technical contributor. This role sits at the intersection of software engineering, DevOps, and cybersecurity - purpose-built for someone who can not only detect and respond to threats, but build and automate the systems that make the SOC more effective.
You will report to the Cybersecurity Manager as part of the Security Engineering team while collaborating with the Incident Response Lead and working in close collaboration with the Detection Engineering Lead on detection logic, tuning, and coverage. This cross-functional position requires equal comfort in engineering work and security operations - bridging the gap between those two disciplines is the job.
Are you ready to:
Own and execute security engineering tasks assigned by the Security Engineering Lead, spanning tooling builds, integrations, and infrastructure improvements
Collaborate directly with the Detection Engineering Lead on detection-as-code, rule authoring, alert tuning, and closing coverage gaps
Design and build security automation pipelines and integrations that connect SOC platforms (SIEM, SOAR, EDR, threat intel feeds, ticketing systems)
Support the Incident Response Manager during active incidents - providing platform support, log analysis tooling, and rapid engineering solutions under pressure
Develop and maintain SOAR playbooks, automated response workflows, and repeatable runbooks using scripting and IaC practices
Support CI/CD pipelines for security tooling including testing, versioning, and deployment of SOC infrastructure
Identify and close gaps in telemetry, logging coverage, and alerting fidelity across cloud, on-prem, and hybrid environments
Document integration architectures, runbooks, and operational procedures to support the entire SOC team