DDoS Security Analyst (SOC)

Finney-Taylor Consulting Group

DDoS Security Analyst (SOC)

Job#

FT30927

Location

Ontario, ON

Job Type

Permanent

Salary

Negotiable

Contact

***email_hidden***

Status

ACTIVE

Date Posted

June 22, 2026

Submission Deadline

July 06, 2026

Job Stream

Benefits

Negotiable

Job Description: Our client is looking for a DDoS Security Analyst (SOC)!

Must Have Primary Skills

- 3+ years of experience in Security Operations Center (SOC), Cybersecurity Operations, Incident Response, or related security roles
- Hands-on experience with DDoS mitigation and protection technologies such as Netscout Arbor, Arbor Sightline, Netscout AED, or similar platforms
- Strong understanding of networking concepts including TCP/IP, UDP, DNS, BGP, routing, switching, firewalls, and load balancing
- Experience using SIEM platforms, preferably Microsoft Sentinel
- Strong KQL (Kusto Query Language) querying and investigation skills
- Experience analyzing network traffic using packet capture and monitoring tools
- Knowledge of security frameworks such as NIST, ISO 27001, CIS Controls, or MITRE ATT&CK
- Strong analytical, troubleshooting, and problem-solving skills
- Excellent written and verbal communication skills

Nice To Have Secondary Skills

- Experience working within enterprise SOC environments
- Relevant certifications such as Security+, CySA+, GCIH, GCIA, CISSP, CCNP Security, or Azure Security certifications
- Experience with cloud security environments (Azure, AWS, or GCP)
- Knowledge of threat intelligence and threat hunting methodologies

Position Overview

We are seeking a highly skilled DDoS Security Analyst to join our Security Operations team. The successful candidate will be responsible for monitoring, detecting, analyzing, and responding to cybersecurity threats, with a strong focus on Distributed Denial of Service (DDoS) attacks. This role requires expertise in network security, threat analysis, incident response, and security monitoring technologies.

As a key member of the SOC team, you will work closely with network, cloud, and security teams to strengthen the organization's cyber defense capabilities and improve incident response processes.

Key Responsibilities

- Monitor security events, alerts, and network traffic for indicators of compromise and DDoS attacks
- Investigate suspicious activity and perform triage, analysis, containment, and escalation of security incidents
- Operate and maintain DDoS mitigation platforms and protection technologies
- Conduct real-time traffic analysis to identify malicious patterns and attack vectors
- Analyze security incidents, assess business impact, and coordinate response activities
- Create detailed incident reports, post-incident reviews, and root cause analyses
- Collaborate with SOC, network engineering, cloud, and infrastructure teams during security events
- Develop and enhance detection rules, alerting mechanisms, and response workflows
- Create and maintain operational playbooks, runbooks, and technical documentation
- Perform proactive threat hunting activities to identify emerging threats and vulnerabilities
- Recommend security improvements to strengthen organizational resilience against cyber threats
- Support continuous improvement initiatives aligned with security best practices and frameworks