For over 50 years, LifeLabs has been Canada’s leading provider of laboratory diagnostic information and digital health connectivity systems, enabling patients and healthcare practitioners to diagnose, treat, monitor and prevent disease. We are passionate about empowering healthier Canadians through accessible, accurate, and innovative diagnostic services.
We are committed innovators, operating Canada’s first commercial genetics lab, and the country’s largest online patient portal, with more than 8 million Canadians receiving their results online. More than 112 million laboratory tests come through LifeLabs’ laboratories annually, and our team of more than 6,000 passionate, caring, and diverse professionals works together as one to provide high quality testing and results that Canadians can trust.
We know that behind every lab requisition, sample being tested, or investment in technology is an individual and their family counting on us. At LifeLabs, you can make a meaningful impact on Canadians’ lives every day.
Our teams are at the heart of everything we do. We are proud to be recognized as one of Canada’s Best Employers, reflecting our deep commitment to our core values of caring, agility, teamwork, and a customer-centered approach. As part of this commitment, LifeLabs prioritizes the ongoing development of our diversity, equity, and inclusion (DEI) program to better serve the needs of our diverse workforce and the communities we serve. We continue to take steps to challenge ourselves to act with courage and integrity, and to create an environment where people can be their true selves.
These values are not just words on a page, they guide our actions and decisions every day and have come to define our team culture.
Job Title: Senior Security Operations Centre Analyst
Reports to: Manager, Security Operations
Status: Full time
Schedule: Monday – Friday
Additional Requirements: NA
Number of positions: 1
Start Date: ASAP
Internal Application Deadline: 23 June 2025
This vacancy is for an existing position.
Purpose of the Role
The Senior Security Operations Centre Analyst plays a critical role in the identification, investigation, and response to cybersecurity threats affecting LifeLabs systems and data. As a senior individual contributor within the Security Operations Centre (SOC), this role supports advanced threat detection, performs detailed incident response activities, and provides technical expertise in security monitoring, triage, and forensics. The analyst may mentor junior team members and help refine SOC tools and processes.

Knowledge Sharing and Operation Maturity

• Document incident response playbooks, standard operating procedures (SOPs), and detection runbooks for SOC operations.
• Share insights, threat research, and lessons learned with SOC peers to promote continuous improvement.
• Provide mentorship to junior SOC analysts, guiding them through complex cases and helping them develop technical skills.
• Conduct knowledge-sharing sessions or case study reviews to build team expertise.
• Contribute to and participate in tabletop exercises, threat simulations, and incident response drills to improve operational readiness

YOUR RESPONSIBILITIES WILL INCLUDE:

Advanced Threat Detection and Analysis

• Continuously monitor security alerts across SIEM, EDR, and threat intelligence platforms.
• Analyze and correlate logs from various sources to identify potential threats and security incidents.
• Differentiate between normal system behavior and actual security events to prioritize actions.
• Use frameworks like MITRE ATT&CK to analyze attack vectors and potential impacts.
• Recommend and implement adjustments to detection strategies based on new threat trends or attack patterns.
• Conduct deep dives into APTs, malware behaviors, and other advanced threats to enhance detection capabilities.

Incident Response and Forensics

• Act as a primary responder to high-severity security incidents, investigating alerts and incidents from detection to resolution.
• Collect, preserve, and analyze forensic evidence (logs, files, network traffic) for incident analysis.
• Identify the root cause of security breaches, including determining attack methods, techniques, and tools used.
• Collaborate with IT and engineering teams to contain, eradicate, and recover from incidents.
• Document all actions taken, findings, and analysis throughout the incident lifecycle.
• Lead post-incident reviews and provide recommendations to prevent future occurrences.

Detection Engineering and Tool Enhancement

• Work with the engineering team to build and refine detection rules and use cases in SIEM/EDR platforms.
• Continuously tune detection rules to reduce false positives while maintaining high detection accuracy.
• Validate and enhance data sources, ensuring critical assets are adequately monitored and logged.
• Assist in the onboarding of new security tools and ensure their proper integration into the SOC workflow.
• Identify gaps in monitoring and collaborate with teams to implement solutions for improved visibility.
• Ensure that SOC tools (SIEM, EDR, SOAR, etc.) are up-to-date and aligned with the latest threat intelligence.

Knowledge Sharing and Operation Maturity

• Document incident response playbooks, standard operating procedures (SOPs), and detection runbooks for SOC operations.
• Share insights, threat research, and lessons learned with SOC peers to promote continuous improvement.
• Provide mentorship to junior SOC analysts, guiding them through complex cases and helping them develop technical skills.
• Conduct knowledge-sharing sessions or case study reviews to build team expertise.
• Contribute to and participate in tabletop exercises, threat simulations, and incident response drills to improve operational readiness.

WHAT YOU BRING TO THE ROLE:

• Bachelor’s degree or Diploma in IT, Software Engineering, Computer Science, Engineering, Business Technology Management or any related technical field
• One or more relevant security certifications (LPT, OSCP, GWAPT, GWEB, GCIA, GSNA, GCIH, CISSP, CISM, CISA, CEH, GIAC, GPEN, GCED, Security +)
• Minimum 3+ years of direct experience in an information security role
• Multitasking in high-stress situations while ensuring that no details are missed.
• Fluency with scripting as PowerShell and Bash.
• Experience building and securing infrastructure as code (CloudFormation, GitLab, Terraform, etc.)
• Solid experience running security monitoring software such as DLP, IDS, IPS, etc.
• Asset if the candidate has experience working in the healthcare industry.
• Must have experience working in a Security Operations Center
• Experience working through incident response processes as they relate to cybersecurity breaches
  LifeLabs’ compensation programs are commensurate based on the role, skill, effort, responsibility and working conditions, irrespective of gender, race, ethnicity, beliefs, age or any other personal characteristics. Pay programs are communicated regularly in an accessible and transparent manner.
  LifeLabs is also proud to offer resources, opportunities, as well as a collaborative and supportive environment that enables our team members to thrive.

In addition to a competitive compensation package, LifeLabs provides a comprehensive total rewards program, specific to the job position. Your package may include:

• Employee Group Benefits: Competitive coverage for employees and their families to support their overall health and wellness needs, including Extended Health Care, Dental Care, and Life Insurance.
• Retirement Savings Plan
• Vacation and Wellness Days
• Employee Wellness and Giving Programs: Our award winning mental, physical and financial wellness programs aim to address the comprehensive well-being of our team members, including resources like the Employee & Family Assistance Program, financial planning tools, and employee recognition initiatives.
• Professional development and membership reimbursement, access to preferred rates and discount programs, including WorkPerks, Home and Auto Insurance, Costco Membership, etc., and optional health-related benefits.

In accordance with LifeLabs’ Accessibility Policy, and the applicable Accessibility Acts within the provinces we operate in, accommodations are available by request for candidates taking part in all aspects of the recruitment and selection process. For a confidential inquiry or to request an accommodation, please contact your recruiter or email careers@lifelabs.com.
Vaccinations are highly encouraged at LifeLabs’. Vaccinations and/or immunization screening may be mandatory for selected employees if regulated by provincial or regional governments, or through employer-led vaccination policies in the facilities we service. Please ensure you ask if this position requires the successful candidate to be vaccinated or undergo immunization screening.
Ready to empower healthier Canadians? Apply today