At Suncor, we produce and provide energy.

When you join Suncor, you become part of a company that has built a solid foundation for both business and employee success. We are a place where talented people thrive. As part of our team, you play a vital role in delivering energy we all rely on, and you'll make a meaningful impact in the communities where we live and work.

We are looking for a highly skilled SOC Analyst to join our Cyber team. You will be responsible for threat hunting, deep investigation, incident scoping, and response across Suncor’s IT and OT environments. This role bridges Tier 2 investigation and Tier 3 hunting, improving detection capability while leading complex incident response.

What we offer:

We recognize your contribution and offer a range of rewards and development opportunities designed to support your success. Benefits/perks listed below may vary depending on the nature of your employment with Suncor and the region where you work.

• Strong compensation: we offer competitive compensation, regional-based uplifts, annual bonuses, and long-term financial rewards. We also help you save for your future by offering pension programs, and savings plans with company matching

• Benefits: utilize an employee assistance program and comprehensive company-paid health, dental, and vision benefits for you and your family to support your mental, physical, and financial well-being

• Generous time-off: enjoy generous paid vacation time and personal time-off to recharge and maintain a healthy work-life balance

• Talent development programs: Internal mobility, succession planning, and employee training and development programs are just a few ways we’re dedicated to your development

Minimum requirements:

• 7+ years cybersecurity, including SOC investigation and response

• Proven experience in complex incident management and threat hunting

• Strong SIEM query and automation expertise

• Deep knowledge of attack tactics and techniques as well as experience with EDR, SIEM, identity, and network investigations

• Ability to perform forensic analysis and log correlation

Don’t have all the qualifications listed? That’s ok! Apply anyway. We acknowledge the value of transferable skills.

Responsibilities:

• Lead end-to-end incident investigations and response during cyber events by determining blast radius, root cause, and attack path

• Lead threat hunting activities by conducting hypothesis-driven investigations using threat intelligence and the MITRE ATT&CK framework, identifying threats across SIEM, SOAR, EDR, identity, and network data, and translating findings into new detections and enhanced security coverage

• Coordinate response across SOC, Infrastructure teams, IAM, and various partners

• Develop and tune SIEM/SOAR analytics rules and playbooks

• Reduce false positives and improve alert fidelity

• Enhance telemetry, logging, and investigation workflows

• Mentor Tier 2 analysts and improve investigation quality

• Partner with threat intel, vulnerability management, and partner teams

• Lead post-incident reviews and drive continuous improvement

Location and Other Key Details:

• This is an office-based role. You will work out of our Calgary head office

• Hours of work are a regular 40-hour work week, Monday to Friday, with the potential for extended work hours based on business needs

• Our engineering/professional roles follow internal compensation guidelines, and the pay band will generally be based years of experience and scope of work

Think we are a fit? Apply now!

Suncor is committed to providing equal opportunities for employment and building an inclusive, results-oriented and high-performance culture where all members of our team feel safe, valued and respected.