Security Ops Analyst

Reference Number:  5049
Posted Date:  Jul 10, 2026
Employment Type:  Permanent Full Time
Hours of Work:  7.5 hours per day - 5 day week (M-F)
Work Arrangement:  Hybrid 8
Salary Range:  $72399.60 - $78223.60 Annually
Location: 

North Vancouver, British Columbia, Canada

This is an Internal ICBC job posting for applicants within the bargaining unit. External applicants will not be considered.

We welcome applications from all qualified job seekers. Should you require any accommodations, including alternative interview formats, assistance with online assessments, or an ASL interpreter, throughout the application or hiring process, please email your request to accessibility_services@icbc.com – we are committed to ensuring an accessible experience for all candidates.

 

At ICBC, we strive to build diverse teams which reflect the communities we serve. To support this, we’ve created two talent communities for Indigenous Peoples and People with Disabilities.  By joining one of these communities, you’ll connect with our recruitment team who will guide you through the application process and help you explore opportunities at ICBC. Of course, you’re welcome to apply for jobs at ICBC whether or not you join a talent community.

 

We look forward to hearing from you!

 

ICBC is committed to delivering consistently high-quality customer service to all British Columbians. If you are reliable and dependable, love to think outside of the box and have a growth mindset, we welcome you to apply for this exciting opportunity. 

 

Reporting to the Manager of IT Security, the Security Operations Analyst (SOA), as part of a team, will support ICBC’s cybersecurity functions (detection, monitoring and response) and become a technical and cybersecurity leader. 

 

You will work closely with ICBC’s Information Risk Management, Platform teams, Application teams and a Managed Security Operations Center. The SOA is responsible for delivery and continuous improvement of IT cybersecurity functions using ITIL principles and alignment to ISO 27001 controls, CIS controls, and NIST. 

 

Your responsibilities will include: 

  • Identifying, triaging and investigating cybersecurity events and incidents end-to-end, including response, escalation, and resolution with end users. 

  • Working independently and collaboratively with IT teams to proactively recognize any potential intrusion attempt and compromises through correlation analysis of relevant IOCs, event details and threat intelligence sources. 

  • Providing mitigation and remediation support in response to identified cyber threats. 

  • Actively contributing to the development of Security Operations Center (SOC) architecture, standards, methodologies, techniques, processes, and technical playbooks. 

  • Effectively using and improving SOC technologies (network data, endpoint and application) and SOC automation. 

  • Actively enhancing detection rules and technical capabilities of the SOC toolkit to optimize and tune alerts, minimize false positives, correlation, and parsing issues. 

  • Providing oversight to the compliance of ICBC systems with respect to vulnerabilities and patching. 

  • Continuously contributing to and improving IT cybersecurity metrics and reports. 

  • Acting as the first point of contact with external and internal stakeholders (business, IT teams, security service providers) to gain their trust and credibility. 

 

 Job Requirements:

The successful candidate will have two (2) years’ experience in a large, complex IT environment, with a preference of at least one (1) year in cybersecurity (in a Security Operations Center). 

 

A demonstrated continuous education and/or completion of relevant cybersecurity certifications is desirable but not required. 

 

The candidate will bring demonstrated solid knowledge, strong skills, and practical experience of: 

  • Various incident response stages, controls, processes, procedures, and playbooks. 

  • MITRE ATT&CK and Cyber kill-chain frameworks and applying their techniques, tactics and procedures in dynamic IT environment. 

  • SIEM, SOAR, UEBA and EDR technologies, vulnerability management tools and network monitoring applications. 

  • Analyzing, interpreting technical logs and data to identify event or incident root cause(s). 

  • File and host investigation techniques. 

  • Cybersecurity and privacy principles and risks preferably in relation to NIST framework and CIS controls. 

  • Communicating effectively, explaining, and documenting technical details clearly and concisely. 

  • Troubleshooting and applying analytical thinking skills. 

  • Staying on top of the latest cybersecurity research and cyberattacks. 

  • Scripting or programming languages such as Python, PowerShell, Bash, SQL etc. would be desirable. 

  • Basic network protocols, network layers and potential attacks occurring at different levels of the network stack would be advantage. 

  • Cybersecurity related certification holder such as SC-200, Comptia Security+, etc. is preferred. 

 

About us: 

At ICBC, it’s our job to make sure the car insurance system works for all British Columbians, today and in the future. Check out our ICBC Year in Review 2025  to learn more about what we've accomplished! If you want to make the most of your skills and expertise while growing your career, we want you. A career at ICBC is an opportunity to be part of a talented, diverse and inclusive team that is driven to serve its customers and community. You can expect a competitive salary, comprehensive benefits and a collaborative work environment. If you are reliable and dependable, contact us today to be part of our talented and diverse team as we work together to create an insurance system we can all be proud of.

 Our values guide how we interact with customers, partners, and each other. They shape our decisions and create a culture where employees feel inspired and empowered to do their best work.

  • Collaborative: We include different perspectives to reach our common goals.
  • Supportive: We seek to understand to meet diverse and evolving needs.
  • Straightforward: We simplify the complex to make things easier.
  • Knowledgeable: We gain knowledge through experience and learning to make informed decisions.

 

Work arrangements defined: 

  • Hybrid 8 – you will work a minimum of 8 days in a 4-week period at your primary office headquarters (typically 2 days per week). The remaining days will be remote within British Columbia.

 

Only candidates legally entitled to work in Canada will be considered for this position.

#IND1


Job Segment: Database, SQL, Technology