Security Specialist

About Beem

Beem is a new credit union with 80 years of history. Rising to the rapidly evolving challenges of the financial services industry and inspired by cooperative values, our founding credit unions recognized that we can do more together. Beem means light. It means energy. It means a brighter financial future. United as Beem, we are combining our strengths to better serve our members. As of January 1, 2025, Beem will be one of BC’s largest provincially regulated credit unions, supporting the financial wellness of 193,000 members from 66 branches across the province with $17 billion in assets under administration. Learn more about our journey at www.beemcreditunion.ca.

What this role is all about:

Beem is seeking a highly skilled Security Operations Specialist with 6-8 years of experience in cybersecurity operations to drive enhancements in threat detection, incident response, vulnerability management, and cloud security. This role requires strong expertise in Microsoft Azure security technologies, SIEM operations, threat intelligence, and security automation, ensuring the Beem defenses are proactive, scalable, and resilient against modern cyber threats. As a key member of the security team, you will work hands-on with Microsoft Sentinel, Defender, KQL-based threat hunting, SOAR automation, and UEBA to optimize the Beem Security Operations Center (SOC) capabilities. You will also play a pivotal role in improving cloud security posture management (CSPM), identity security, and endpoint protection.

This role is open to a remote work arrangement and while we welcome all applications, we anticipate filling this role with a candidate located in British Columbia.

What you’ll do:

Security Operations & Incident Response

• Lead threat detection engineering by writing advanced KQL-based detection rules in Microsoft Sentinel to identify malicious activities, lateral movement, privilege escalation, and anomalous cloud access.
• Manage and fine-tune SIEM correlation rules, threat intelligence integrations, and alerting mechanisms to reduce false positives and increase detection efficiency.
• Deploy and optimize Microsoft Defender for Endpoint, Defender for Cloud, and Defender for Identity to detect host, cloud, and identity-based attacks.
• Develop custom detection logic for MITRE ATT&CK TTPs, leveraging Sentinel Analytics rules, Azure Logic Apps, and Machine Learning-based UEBA analytics.
• Integrate external threat intelligence feeds into Sentinel and fine-tune detection models for real-time attack detection.

Incident Response & Security Automation

• Serve as an escalation point for security incidents, performing forensic analysis, memory dumps, and endpoint triage using Microsoft Defender and Sysinternals tools.
• Develop and execute incident response runbooks for ransomware, cloud account takeover, data exfiltration, and insider threats.
• Automate security response workflows using SOAR capabilities in Microsoft Sentinel, Logic Apps, and Power Automate.
• Conduct log analysis and correlation from diverse data sources, including Azure AD, Defender XDR, Firewalls, DNS logs, and SaaS applications.
• Perform digital forensics and malware analysis, leveraging tools like Velociraptor, Sysmon, and Windows Event Forwarding (WEF).
• Lead threat hunting exercises, proactively identifying sophisticated adversarial activities by analyzing Sysmon logs, endpoint telemetry, and Azure AD logs.

Vulnerability Management & Cloud Security

• Enhance vulnerability scanning and remediation workflows, integrating results from Microsoft Defender for Cloud, Qualys, or Tenable.io into JIRA or ServiceNow.
• Design and implement custom security baselines for Windows, Linux, and Azure cloud resources using Microsoft Intune, GPOs, and Desired State Configuration (DSC).
• Harden Azure environments by applying CIS Benchmarking, Microsoft Secure Score improvements, and Azure Policy configurations.
• Secure Kubernetes Services and containerized workloads, ensuring RBAC enforcement, network segmentation, and container runtime security.
• Work with IAM teams to optimize Conditional Access Policies, Identity Protection rules, and Just-In-Time (JIT) access policies in Azure AD.

 Security Metrics & Threat Intelligence

• Develop and track KPIs and KRIs to measure and report on security posture, vulnerabilities, and incident response times to senior leadership.
• Implement threat intelligence initiatives to proactively identify and mitigate emerging threats, collaborating with external partners for intelligence sharing.
• Continuously assess and enhance security processes, identifying gaps in security operations, technology, and staffing, and proposing improvement strategies.

Compliance & Governance

• Assist in responding to internal and external audits, ensuring alignment with security policies and regulatory requirements.
• Maintain a deep understanding of security frameworks and standards, such as NIST, CIS, and MITRE ATT&CK, and align security operations accordingly.
• Provide security advisory and governance support for IT and engineering teams, ensuring adherence to secure-by-design principles.

A little about your qualifications:

• Bachelor’s degree in Computer Science, Information Security, or a related field.
• 6-8 years of hands-on experience in security operations, focusing on cloud security, incident response, and vulnerability management.
• Extensive experience with Microsoft security technologies, including Azure Security Center, Microsoft Defender, and Microsoft Sentinel.
• Proficiency in KQL scripting for threat hunting, security analytics, and incident response.
• Strong understanding of cloud security principles, the shared responsibility model, and secure cloud architecture.
• Industry certifications preferred:
  • CISSP (Certified Information Systems Security Professional)
  • Microsoft Certified: Azure Security Engineer Associate
  • Microsoft Certified: Cybersecurity Architect Expert
• Experience leading security operations projects to enhance incident detection, response, and automation.
• Strong problem-solving skills, particularly in high-pressure incident response scenarios, including leading root cause analysis (RCA).
• Ability to collaborate cross-functionally, communicate effectively with technical and business teams, and influence security best practices.
• Agile mindset with a continuous improvement approach to enhance threat detection, response, and security governance.

What you’ll gain:

• Competitive base salary; reviewed annually. The salary range for this position is $95,500 to $119,400
• Extended health care, dental coverage and disability coverage.
• Favorable vacation benefits - paid time off to recharge!
• RRSP with Employer contributions, and the option to contribute yourself.
• Special banking perks - including mortgage and lending products.

At Beem we are BOLD and Always Welcoming and our values are at the forefront of everything we do!

• Build Together: You are a team player who thrives on collaboration, sparks ideas, and fosters inclusivity.
• Own It: You are ready to take charge, drive change, and deliver outstanding results.
• Lead with Agility: You are a dynamic, adaptable thinker who thrives on challenge and innovation.
• Driven by Curiosity: You are eager to explore, learn, and shape the future.

Ready to join?

Visit us at www.beemcreditunion.ca to learn more about what it’s like to work for Beem Credit Union!  We sincerely thank all applicants for their interest; however, only shortlisted candidates will be contacted for an interview.

We at Beem Credit Union are committed to ensuring inclusive employment practices and an accessible business environment for our employees. We do not discriminate based on any protected attribute covered by the Human Rights Code and encourage all qualified candidates to apply. We are committed to a fair and equitable hiring process for all candidates. All applications are reviewed by a member of our team.

Beem Credit Union serves communities across many traditional Territories and Treaty areas in British Columbia. We are grateful to live and work on this land and are committed to reconciliation, decolonization, and building strong, connected relationships.