Cyber Security Engineer L2/L3

Headquartered in Brampton, Ontario, Supra ITS operates across Canada, the United States, the United Kingdom, and India.\n\nSupra’s Network Operations Centers (NOCs) in Canada and India provide 24×7 coverage, ensuring operational continuity and a consistently high client experience. Its end-to-end service portfolio spans infrastructure management, private and hybrid cloud, security operations, service desk, and disaster recovery.\n\nWith a security-first, SLA-driven approach, Supra ITS takes full ownership of client IT environments, enabling customers to focus on business growth while Supra ensures reliability, security, and scalability.\n\nCanon Partnership\nIn 2021, Canon Canada made a strategic equity investment in Supra ITS, reflecting a shared commitment to secure, innovative, and customer-centric technology solutions.\n\nToday, Canon and Supra operate as an integrated partnership combining Canon’s global innovation and enterprise strength with Supra’s agility and managed services expertise to drive rapid growth across North America.\n\nTogether, Canon and Supra are redefining enterprise technology delivery through strong engineering, operational excellence, and deep customer relationships.\n\nPosition: Cybersecurity Engineer (L2/L3)\nExperience : 7–12 Years.\nShift : 24*7 Rotational shift\nMode : Remote\n\nRole Overview\nThe L3 Cybersecurity Engineer serves as a senior technical authority within the security operations team, owning P1/P2 incident response, post-incident analysis, detection engineering, and L2 capability development. This is a leadership-oriented, high-ownership role operating with full autonomy across client environments.\n\nKey Responsibilities\nLead P1 & P2 incident response end-to-end across client environments\nConduct root cause analysis & formal post-mortems for major incidents\nDrive detection rule tuning & sustained false positive reduction\nDesign & implement automation, response playbooks & runbooks\nLead proactive threat hunting across client environments\nMentor & train L2 analysts — structured coaching & knowledge transfer\nAct as engineering liaison between SOC/NSOC and security engineering teams\nAuthor and maintain SOPs, process documentation & operational standards\nManage shift handovers — ensure continuity, escalation readiness & log integrity\n\nRequired Skills & Experience\n8–10 years SOC / cybersecurity operations (L3)\nCrowdStrike Falcon & Sentinel One — hands-on EDR\nSIEM platforms — Adlumin or equivalent\nFull incident response lifecycle ownership\nMITRE ATT&CK framework working knowledge\nLog analysis, threat detection & incident handling\nWindows / Linux & networking fundamentals\n\nTooling & Platform Management\nCrowdStrike Falcon — health & alert pipeline\nSentinel One — telemetry & response workflows\nAdlumin SIEM — log management & ingestion\nMonitor tool health & data pipeline continuity\nTroubleshoot integration & telemetry gaps\n\nCompliance & Governance\nISO/IEC 27001 control implementation & alignment\nSupport audits, risk assessments & reporting\nMaintain incident documentation, SOPs & playbooks\n\nEducation\nB.Tech / B.E.

/ BCA / B.Sc (IT, CS, Electronics)\n\nGood to Have\nISO/IEC 27001 audit or implementation exposure\nCloud environments — Azure / AWS\nCertifications: Security+, CEH, CySA+ or equivalent\n\nSoft Skills\nAnalytical, structured problem-solving approach\nClear written & verbal communication\nIndependent and effective in on-site environments\nProactive, ownership-driven with low supervision\n\nWhy Join Atomic North?\nLive international enterprise environments from Day 1\nEDR, SIEM & multi-client security ops exposure\nCareer growth in Cybersecurity & IT Operations\nGlobal pathway through Supra ITS Canada\nISO/IEC 27001 governance & compliance exposure\nMentorship, structured escalation & team culture