<p><strong>Beem Credit Union: Banking for every journey</strong></p> <p>Beem is redefining what it means to be a credit union. With 80 years of cooperative history and a bold vision for the future, we’ve united to create a financial partner that offers both digital ease and people-first service.</p> <p>Our mission is clear: <strong>financial wellness for all.</strong> We help British Columbians achieve their goals through personalized advice, innovative technology, and genuine human connection. </p> <p>As one of BC’s largest credit unions, we serve over <strong>200,000 members</strong> across <strong>66 branches</strong> with <strong>$18 billion in assets under administration</strong>. </p> <p>If you’re passionate about making a difference and want to join a team that values collaboration, innovation, and purpose, join us on the journey. </p> <p>Learn more: <a href="http://www.beemcreditunion.ca/" target="_blank" rel="noopener">www.beemcreditunion.ca</a></p> <p><strong>What this role is all about:</strong></p> <p>The Security Specialist will drive enhancements in threat detection, incident response, vulnerability management and cloud security. This role requires strong expertise in Microsoft Azure security technologies, SIEM operations, threat intelligence, and security automation, ensuring Beem’s defenses are proactive, scalable, and resilient against modern cyber threats. As a key member of the security team, you will work hands-on with Microsoft Sentinel, Sentinel Data Lake, Defender XDR, KQL-based threat hunting, SOAR automation, and UEBA to optimize Beem’s Security Operations Center (SOC) capabilities. You will also play a pivotal role in improving cloud security posture management (CSPM), identity security, and endpoint protection The Security Specialist will be responsible for strengthening and maturing Beem’s Security Operations capabilities while overseeing the operational governance of a Managed Security Services Provider (MSSP) delivering SOC services.</p> <p><em><strong>This role is open to remote or hybrid working arrangements within British Columbia.</strong></em></p> <p><strong>What you’ll do:</strong></p> <p><strong>Security Operations & Incident Response</strong></p> <ul> <li>Lead threat detection engineering by writing advanced KQL-based detection rules in Microsoft Sentinel to identify malicious activities, lateral movement, privilege escalation, and anomalous cloud access.</li> <li>Manage and fine-tune SIEM correlation rules, threat intelligence integrations, and alerting mechanisms to reduce false positives and increase detection efficiency.</li> <li>Deploy and optimize Microsoft Defender for Endpoint, Defender for Cloud, and Defender for Identity to detect host, cloud, and identity-based attacks.</li> <li>Lead the deployment, configuration, and continuous optimization of Wiz (Cloud Security platform) to ensure comprehensive visibility across cloud infrastructure, identities, workloads, containers, and data services.</li> <li>Develop custom detection logic for MITRE ATT&CK TTPs, leveraging Sentinel Analytics rules, Azure Logic Apps, and Machine Learning-based UEBA analytics.</li> <li>Integrate external threat intelligence feeds into Sentinel and fine-tune detection models for real-time attack detection.</li> <li>Conduct periodic validation of log coverage to ensure critical data sources (identity, endpoint, network, cloud, SaaS) are continuously ingested without gaps.</li> <li>Own the development, standardization, and maintenance of comprehensive documentation across the enterprise security toolset, including Microsoft Sentinel, Defender XDR, Wiz, cloud security controls and identity platforms.</li> <li>Develop and maintain Standard Operating Procedures (SOPs) for monitoring, alert triage, escalation, tool health validation, vulnerability management, and incident response workflows.</li> <li>Own and operationalize enterprise Privileged Access Management, Privileged Identity Management and Identity & Access Management controls, ensuring least-privilege enforcement, telemetry integration into Microsoft Sentinel, development of identity-based detection use cases, and continuous monitoring to prevent, detect, and respond to privileged and account compromise threats.</li> </ul> <p><strong>Incident Response & Security Automation</strong></p> <ul> <li>Serve as an escalation point for security incidents, performing forensic analysis, memory dumps, and endpoint triage using Microsoft Defender and Sysinternals tools.</li> <li>Develop and execute incident response runbooks for ransomware, cloud account takeover, data exfiltration, and insider threats.</li> <li>Automate security response workflows using SOAR capabilities in Microsoft Sentinel, Logic Apps, and Power Automate.</li> <li>Conduct log analysis and correlation from diverse data sources, including Sentinel, Sentinel Data Lake, Wiz Cloud Security, Azure AD, Defender XDR, Firewalls, DNS logs, and SaaS applications.</li> <li>Perform digital forensics and malware analysis, leveraging tools like Velociraptor, Sysmon, and Windows Event Forwarding (WEF).</li> <li>Lead threat hunting exercises, proactively identifying sophisticated adversarial activities by analyzing endpoint telemetry, and Azure AD logs.</li> </ul> <p><strong>Vulnerability Management & Cloud Security</strong></p> <ul> <li>Enhance vulnerability scanning and remediation workflows, integrating results from Wiz, Qualys, or Tenable.io into JIRA or ServiceNow.</li> <li>Design and implement custom security baselines for Windows, Linux, and Azure cloud resources using Microsoft Intune, GPOs, and Desired State Configuration (DSC).</li> <li>Harden Azure environments by applying CIS Benchmarking, Microsoft Secure Score improvements, and Azure Policy configurations.</li> <li>Secure Kubernetes Services and containerized workloads, ensuring RBAC enforcement, network segmentation, and container runtime security.</li> <li>Work with IAM teams to optimize Conditional Access Policies, Identity Protection rules, and Just-In-Time (JIT) access policies in Azure AD.</li> </ul> <p><strong>Security Metrics & Threat Intelligence</strong></p> <ul> <li>Develop and track KPIs and KRIs to measure and report on security posture, vulnerabilities, and incident response times to senior leadership.</li> <li>Design, implement, and operationalize comprehensive health monitoring across the enterprise security toolset (including Microsoft Sentinel, Microsoft Defender XDR, Azure security services, endpoint agents, log connectors and automation playbooks) for proactive monitoring and remediation.</li> <li>Implement threat intelligence initiatives to proactively identify and mitigate emerging threats, collaborating with external partners for intelligence sharing.</li> <li>Continuously assess and enhance security processes, identifying gaps in security operations, technology, and staffing, and proposing improvement strategies.</li> </ul> <p><strong>Compliance & Governance</strong></p> <ul> <li>Assist in responding to internal and external audits, ensuring alignment with security policies and regulatory requirements.</li> <li>Maintain a deep understanding of security frameworks and standards, such as NIST, CIS, and MITRE ATT&CK, and align security operations accordingly.</li> <li>Provide security advisory and governance support for IT and engineering teams, ensuring adherence to secure-by-design principles.</li> </ul> <p><strong>What you'll bring:</strong></p> <ul> <li>Bachelor’s degree in Computer Science, Information Security, or a related field.</li> <li>6-8 years of hands-on experience in security operations, focusing on cloud security, incident response, and vulnerability management.</li> <li>Extensive experience with Microsoft security technologies, including Azure Security Center, Microsoft Defender XDR, Microsoft Sentinel, Enterprise Privileged access management and Cloud Security solution.</li> <li>Proficiency in KQL scripting for threat hunting, security analytics, and incident response.</li> <li>Strong understanding of cloud security principles, the shared responsibility model, and secure cloud architecture.</li> <li>Industry certifications preferred: <ul> <li>CISSP (Certified Information Systems Security Professional)</li> <li>Microsoft Certified: Azure Security Engineer Associate</li> <li>Microsoft Certified: Cybersecurity Architect Expert</li> </ul> </li> <li>Experience leading security operations projects to enhance incident detection, response, and automation.</li> <li>Strong problem-solving skills, particularly in high-pressure incident response scenarios, including leading root cause analysis (RCA).</li> <li>Ability to collaborate cross-functionally, communicate effectively with technical and business teams, and influence security best practices.</li> <li>Agile mindset with a continuous improvement approach to enhance threat detection, response, and security governance.</li> </ul> <p><strong>Your Total Rewards  </strong></p> <p>At Beem, we believe great work deserves great rewards. That’s why we’ve built a Total Rewards package that’s more than competitive—it’s designed to help you shine. From your pay to your peace of mind, we’ve got your back.  </p> <p><strong>Compensation  </strong></p> <p><strong>Annual salary range: </strong>$95,500 - 119,400</p> <p>Your pay reflects the skills, experience, and unique strengths you bring. We review salaries every year.  </p> <p><strong>Performance and recognition  </strong></p> <p>Your success is Beem’s success. We reward great performance through recognition and, where applicable, performance bonuses tied to shared goals.  </p> <p><strong>Health and wellness </strong> </p> <p>We're invested in your well-being  </p> <ul> <li>Extended health coverage, including mental health support.</li> <li>Dental care that keeps you smiling. </li> <li>Disability coverage for peace of mind. </li> </ul> <p><strong>Time away: Rest isn’t extra—it’s essential  </strong></p> <ul> <li>Take the time you need to relax, explore, or just catch up on life, with vacation and personal days.   </li> </ul> <p><strong>Retirement and financial well-being  </strong></p> <p><strong>Your future self will thank you. </strong> </p> <ul> <li>Generous RRSP contributions.</li> <li>In-house financial advice to help you plan ahead.</li> <li>Flexible options to add your own contributions.  </li> </ul> <p><strong>Beem member perks</strong>  </p> <p><strong>Little extras that make a big difference.  </strong></p> <ul> <li>Free banking accounts.</li> <li>Special mortgage and lending rates.</li> <li>Preferred financial perks. </li> </ul> <p><strong>The bottom line  </strong></p> <p>Your Total Rewards aren’t just a package—they’re a reflection of our values. We build together by celebrating success, own it by investing in your growth, and keep things welcoming by making sure you feel supported at work, at home, and wherever your journey takes you.  </p> <p><strong>At Beem we are BOLD and Always Welcoming and our values are at the forefront of everything we do!  </strong></p> <ul> <li><strong>B</strong>uild Together: You are a team player who thrives on collaboration, sparks ideas, and fosters inclusivity.</li> <li><strong>O</strong>wn It: You are ready to take charge, drive change, and deliver outstanding results.</li> <li><strong>L</strong>ead with Agility: You are a dynamic, adaptable thinker who thrives on challenge and innovation.</li> <li><strong>D</strong>riven by Curiosity: You are eager to explore, learn, and shape the future. </li> </ul> <p><strong>Ready to join? </strong></p> <p>Visit us at <a href="http://www.beemcreditunion.ca" target="_blank" rel="noopener">www.beemcreditunion.ca</a> to learn more about what it’s like to work for Beem Credit Union!  We sincerely thank all applicants for their interest; however, only shortlisted candidates will be contacted for an interview.  </p> <p><em>We at Beem Credit Union are committed to ensuring inclusive employment practices and an accessible business environment for our employees. We do not discriminate based on any protected attribute covered by the Human Rights Code and encourage all qualified candidates to apply. We are committed to a fair and equitable hiring process for all candidates. All applications are reviewed by a member of our team. </em></p> <p><em>Beem Credit Union serves communities across many traditional Territories and Treaty areas in British Columbia. We are grateful to live and work on this land and are committed to reconciliation, decolonization, and building strong, connected relationships.</em></p>