About the Company
Act Digital is an international technology and cybersecurity consulting company supporting major organizations across digital transformation, cyber defense and security operations.
Within our cybersecurity activities, we support large enterprise and financial-sector clients on topics including:
- Detection engineering
- SOC operations
- Incident response
- Offensive security
- Purple teaming
- Threat-driven defense improvement
We are currently looking for a Detection Engineer to join a major financial-sector environment in Montreal.
About the Role
As a Detection Engineer, you will help improve and validate cybersecurity detection capabilities against modern attacker techniques.
This role combines detection engineering, purple teaming and offensive validation activities. The objective is not only to create detections, but also to continuously test and improve their effectiveness against realistic attack scenarios.
You will work closely with SOC, Incident Response and Security Engineering teams to strengthen detection coverage and defensive maturity across the environment.
Main responsibilities include:
- Reviewing and improving existing detection use cases
- Developing new detection logic and behavioral analytics
- Validating detections through offensive testing and adversary simulation
- Identifying detection gaps across endpoint, identity, network and cloud environments
- Simulating attacker techniques mapped to MITRE ATT&CK
- Improving detection quality and reducing false positives
- Supporting continuous improvement of monitoring and response capabilities
Qualifications
- 3+ years of experience in cybersecurity
- Experience in Detection Engineering, Threat Detection, SOC or Purple Teaming
- Hands-on experience with offensive security techniques or adversary simulation
- Experience working in enterprise or regulated environments
- Strong understanding of modern attack techniques and intrusion methodologies
Required Skills
- SIEM and EDR technologies
- Detection use case development and tuning
- MITRE ATT&CK framework
- Log analysis and event correlation
- Threat detection methodologies
- Offensive security fundamentals
- Scripting skills (Python, PowerShell and/or Bash)
- Windows security and Active Directory knowledge
- Strong analytical and investigation capabilities
Preferred Skills
- Experience in financial or highly regulated environments
- Experience with purple teaming or adversary simulation
- Experience with detection-as-code methodologies
- Knowledge of threat hunting methodologies
- Familiarity with Windows internals, Active Directory and cloud environments
- Knowledge of modern attack chains, lateral movement and privilege escalation techniques
