Mjolnir Security
Mjolnir Security

Security Analyst

TLDR

Hands-on SOC/DFIR role handling threat monitoring, incident triage, M365 investigations, and endpoint forensics across enterprise clients with mentorship and AI-augmented tooling.

About Mjolnir Security

Mjolnir Security is a Canadian MSSP and DFIR firm with deep expertise in Microsoft 365 security, endpoint detection and response, threat intelligence, and digital forensics. We operate a proprietary AI-augmented security operations platform and serve enterprise clients in banking, automotive, education, and regulated sectors. All operations are Canadian-data-resident by design.


The Role

We're hiring a Security Analyst to join our security operations and DFIR practice. You'll support threat monitoring, incident triage, log analysis, M365 security investigations, and endpoint forensics across a portfolio of enterprise clients. You'll work alongside senior DFIR and M365 specialists and be expected to grow fast — this is a hands-on role from day one.


What You'll Do

  • Monitor client environments for security events, anomalies, and indicators of compromise using SIEM, EDR, and proprietary tooling
  • Triage and investigate alerts, escalating confirmed incidents per established playbooks
  • Conduct M365 log analysis including Unified Audit Log, Entra ID sign-in logs, and Exchange/Teams telemetry
  • Support DFIR engagements: evidence acquisition, chain-of-custody documentation, timeline reconstruction, and report contribution
  • Write and refine detection rules, Suricata signatures, and threat hunting queries
  • Contribute to threat intelligence briefs (BLUF format): IOC enrichment, OSINT research, and context development
  • Assist with client vulnerability assessments and security posture reviews
  • Document findings clearly for both technical audiences and executive summaries
  • Support the deployment and tuning of security controls including DLP policies, conditional access, and endpoint agents


What You Bring

  • 1–3 years of experience in a SOC, MSSP, IT security, or DFIR-adjacent role
  • Working knowledge of Microsoft 365 security: Defender for Endpoint/Identity/O365, Entra ID, Purview
  • Familiarity with SIEM concepts and log analysis (Sumo Logic, Sentinel, or similar)
  • Understanding of common attack techniques (MITRE ATT&CK), phishing chains, and ransomware tradecraft
  • Exposure to network-level security: Suricata, Zeek, firewall log analysis, or packet capture
  • Strong written communication — you can write a coherent incident summary under pressure
  • Security certifications (SC-200, Security+, CySA+, BTL1, or equivalent) are an asset
  • Hands-on experience with forensic tools (Magnet AXIOM, Velociraptor, or similar) is a strong advantage
  • Python or PowerShell scripting for automation or log parsing is a plus


Why Join Us

  • Work real DFIR cases and live SOC operations — not a training lab
  • Exposure to a proprietary AI-augmented SOC platform and 90+ internal security tools
  • Mentorship from senior DFIR and M365 specialists with 17+ years of enterprise experience
  • Clear path to Senior Analyst or DFIR Specialist with hands-on case ownership
  • Competitive compensation, hybrid flexibility, and the pace of a firm that builds and ships


Location requirement: Candidates must reside in the Greater Toronto Area. This hybrid role requires in-person availability at our office or client sites up to three days per week. Relocation assistance and travel reimbursement are not available for this position.

Benefits

Competitive salary and benefits

Competitive compensation

Remote-Friendly

Hybrid flexibility

Apply for this job