Security SOC Analyst - Remote (CA East)

Employment Hero • Remote (Toronto, ON, Canada) • 6d ago

Why This Job is Featured on The SaaS Jobs

Security operations is becoming a core SaaS competency as HR, payroll, and identity-heavy platforms consolidate more sensitive workflows into a single product. This SOC Analyst role sits at the intersection of cloud tooling, user security, and always-on service expectations, with an explicit “follow the sun” model that reflects how globally distributed SaaS products are protected in practice.

For a security professional building a SaaS career, the work maps closely to the operating rhythms of subscription software: high alert volume, repeatable triage, and continuous improvement of detection and response. The remit spans SIEM and EDR monitoring, identity and access administration across common SaaS stacks, and collaboration on automation via an “AI Analyst”, all of which builds transferable experience for security engineering, detection engineering, or broader cloud security paths.

This position is best suited to someone who prefers operational ownership and clear incident-handling workflows, and who is comfortable working independently in a remote, asynchronous environment. It will particularly fit candidates who like combining hands-on troubleshooting with process refinement, and who want their security work to connect directly to the reliability and trust expectations of a large SaaS user base.

The section above is editorial commentary from The SaaS Jobs, provided to help SaaS professionals understand the role in a broader industry context.

Job Description

Who we are

Employment Hero is on a mission to make employment easier and more valuable for everyone. Our Employment Operating System brings hiring, HR, payroll and benefits into an all-in-one solution. Since our inception in 2014, we’ve scaled to a $2 billion valuation and gained a presence in 6 countries globally. We now service over 300,000 businesses and more than 2 million employees.

The EH Way

At Employment Hero, we’re proud of our unique DNA, which we call The EH Way.

We are Mission First: Everything we do is driven by our Mission.
We are Remote First: We champion a remote environment with a preference for asynchronous communication.
We are AI First: AI is not just a tool; it’s a fundamental part of how we operate and scale.
We are Apolitical: We do not take a position on political or social topics.
We Live by Our Values: We role model our values 100% of the time.
We Expect High Performance: We set a high standard; there is no room for average performance here.

This role

As our Security SOC Analyst, you’ll be working with the wider security team to act as the front line of our security defense. You will be instrumental in protecting our community of 2 million+ users, ensuring our vector to 10 million users remains secure and unimpeded.

Your key focus areas will be:

Achieving 24/7 "Follow the Sun" coverage by bridging the gap between our teams.
Maintaining a high-velocity response rate to SOC alerts and internal security queries.
Integrating and improving our "AI Analyst" to automate manual triage.

This will include:

Triage & Incident Response: Monitoring SIEM alerts and responding to events in real-time.
Security Service Delivery: Resolving internal security tickets and troubleshooting tools like Netskope, Crowdstrike, and Abnormal Security.
AI Collaboration: Working hand-in-hand with our AI Analyst to improve its accuracy and automation capabilities.
Identity & Access Management: Configuring Google Workspace (IDP/SSO/Conditional Access) and MDMs (Intune, Jamf, Kandji).
Threat Intelligence: Monitoring dark web mentions and compromised credentials.
Vulnerability Support: Performing regular scans and providing remediation guidance.

Who you are

To thrive at Employment Hero, you’ll need to embody The EH Way—operating with focus, agility, and an obsession with impact. For this role, you’ll also bring:

A "Self-Starter" Mentality: You are a high-performer who takes initiative to investigate challenges independently before seeking guidance. You possess the technical aptitude and confidence to step into complex scenarios and deliver outsized impact as you grow into the role.
Technical Passion: You likely run personal labs, participate in CTFs/Hack The Box, or have personal AI projects.
Operational Experience: 2–3 years in a SOC, NOC, or technical Helpdesk environment.
Tooling Knowledge: Familiarity with EDR, SIEM, and Cloud Security.
Ambition: You aren't satisfied with a "passing grade"; you strive for excellence.
Reliability: The ability to own your impact in a fully remote, asynchronous environment.

What we can offer

You will work remotely, with the flexibility to own your time and impact
You will access cutting-edge tools to amplify your work, knowledge and outputs
You’ll surround yourself with ambitious, outcome-driven colleagues who challenge you to do the best work of your life
You’ll own ESOP (employee share options) in one of the world’s fastest-growing tech companies
You’ll also have access to a wide range of benefits that includes - a very generous parental leave policy, subsidised egg freezing (so you can make the choice that’s right for you, on your terms), a WFH office expense budget, and outstanding learning & development opportunities
Annual Global Gathering - so far we’ve been to Thailand, Vietnam, Bali, Dubai and are excited to meet in Gold Coast in Australia in September 2026

We’re AI-first, so you may meet some of our AI tools early in the process. They help us cut the noise, surface great talent fast and make sure every candidate gets a fair, consistent experience.

We verify candidate identity and location as part of our hiring process.

At Employment Hero, we are committed to safeguarding the privacy of your application data. To understand how we do so, you can read our Applicant Privacy Policy here employmenthero.com/legals/applicant-policy/

Employment Hero celebrates diverse perspectives and experiences, we invite people of all backgrounds and identities to apply for this position.