Cybersecurity
Jul 8, 2026

Cyber Security Analyst II

Req Id: 431245

 

Connection is everything. It drives us to innovate, explore, and stay close to what matters to us most. At Bell, we’re building a more connected future through world-class networks, AI-powered solutions, and digital experiences that elevate how people live, work, and play every day. 

 

We believe in empowering people. That’s why we equip our teams with cutting-edge technology, AI tools, and a collaborative environment that supports creativity and growth. Want to be part of a diverse team where your work makes a real impact? If you’re inspired by innovation that advances how people connect and transforms what’s possible, you belong on #TeamBell.

 

 

Summary

We are seeking a Cyber Security Analyst II to join a high-performing Threat Detection & Intelligence team within a large, complex enterprise environment. This role is ideal for professionals who thrive at the intersection of threat intelligence, detection engineering, and proactive cyber defense. In our Defense Centre, we don’t simply react to alerts—we analyze emerging threats, simulate adversary tactics, and engineer detection capabilities grounded in real-world attacker behavior. You will play a key role in identifying and assessing evolving threats, translating intelligence into actionable detection content, and continuously strengthening our ability to detect and respond to sophisticated cyber attacks. If you think like an adversary, challenge assumptions, and are passionate about building detection systems—not just monitoring alerts—this is an opportunity to make a meaningful impact on the security of a critical enterprise environment.

Key Responsibilities

 

Threat Intelligence & Analysis
o    Analyze and classify threat reports, campaigns, and attacker behaviors (TTPs)
o    Track and profile threat actors, motivations, and evolving tradecraft
o    Transform intelligence into operationalized detections aligned with MITRE ATT&CK
o    Validate intelligence quality, including AI-assisted outputs and datasets
o    Support investigations with adversary context, scoping, and attribution insights
o    Partner with Defence Center, IR, fraud, and engineering teams to improve response
o    Provide clear intelligence reporting to both technical and executive audiences

 

 Detection Engineering & Platform Integration
o    Support the development of value-add detections for our Defense Centre teams
o    Develop, test, and optimize detections using detection-as-code practices
o    Continuously improve detection coverage and reduce false positives
o    Build scalable detection pipelines (CI/CD, automated validation, purple teaming)
o    Design integrations across SIEM, EDR, SOAR, TIPs, and internal telemetry
o    Engineer data pipelines leveraging Kafka, Elastic, parsing, normalization, and data views
o    Develop dashboards and analytics to track threats, coverage, and detection efficacy

Critical Qualifications

•    5–8+ years in Threat Intelligence, Threat Hunting, or Advanced Cyber Security roles (large enterprise preferred)
•    Deep knowledge of MITRE ATT&CK, kill chain models, and adversary tradecraft
•    Strong hands-on experience with: SIEM analytics (Splunk, Sentinel, Elastic, etc.) and Log analysis, correlation, and detection logic development
•    Solid understanding of networking & infrastructure (TCP/IP, OSI, network telemetry, IDS/IPS)
•    Experience working with log ingestion pipelines (Kafka, Elastic), including data parsing, normalization, and enrichment
•    Scripting/automation skills (Python, PowerShell, APIs)
•    Ability to translate intelligence into detections and measurable outcomes
•    Experience leading complex investigatio

Preferred Qualifications

•    Threat Intelligence Platform (TIP) experience (IOC lifecycle, STIX/TAXII)
•    Detection engineering frameworks (Sigma, YARA) and CI/CD pipelines
•    Cloud security experience (AWS, Azure, GCP) and cloud telemetry
•    Experience with SOAR automation and playbook development
•    Exposure to AI/ML-assisted detection or intelligence workflows
•    Malware analysis, red team/purple team, or reverse engineering experience
•    Experience with dark web monitoring or adversary tracking

 

Adequate knowledge of French is required for positions in Quebec. 

 

Additional Information:

Position Type: Management 
Job Status: 
Regular - Full Time 
Job Location:
Canada : Ontario : Toronto || Canada : Ontario : Mississauga || Canada : Ontario : Ottawa || Canada : Quebec : Montreal 
Work Arrangement: Hybrid 
Application Deadline: 07/17/2026 

 

For work arrangements that are ‘Hybrid’, successful candidates must be based in Canada and report to a set Bell office for a minimum of 3 days a week.  Recognizing the importance of work-life balance, Bell offers flexibility in work hours based on the business needs.

 

Please apply directly online to be considered for this role.  Applications through email will not be accepted.

 

We know that caring for our team members is at the heart of a healthy, positive and thriving workplace. As part of our team, you’ll enjoy a comprehensive compensation package that includes a competitive salary and a wide range of benefits to support the well-being of you and your family. As soon as you join us, you'll be eligible for medical, dental, vision and mental health benefits that you can tailor to your specific needs. Plus, as a Bell team member, you'll enjoy a 35% discount on our services and access exclusive offers from our partners. 

 

At Bell, we are proud of our focus on fostering an inclusive and accessible workplace where all team members feel valued, respected, supported, and that they belong.

 

Bell is committed to clarity in our hiring process. All roles posted are opportunities we’re actively recruiting for, unless stated otherwise. We also want to make sure that everyone has an equal opportunity to join our team. We encourage individuals who may require accommodations during the hiring process to let us know. For a confidential inquiry, email your recruiter or recruitment@bell.ca to make arrangements.If you have questions or feedback regarding accessibility at Bell, we invite you to complete the Accessibility feedback form or visit our Accessibility page  for other ways to contact us.

 

Artificial intelligence may be used to assess parts of your application. Please review our privacy policy (see Phenom for details) to learn more about how we collect, use, and disclose your personal information.

 

Created: Canada, ON, Toronto

 

Bell, one of Canada's Top 100 Employers.