Cybersecurity Detection Engineer – Purple Team

About the role

Act Digital is seeking a Cybersecurity Detection Engineer to strengthen detection capabilities for a major financial‑sector client in Montreal. You will combine detection engineering, purple‑team activities and offensive validation to ensure defenses are effective against modern attacker techniques.

Key responsibilities

• Review, tune and expand existing detection use cases across endpoint, identity, network and cloud environments.
• Develop new detection logic and behavioral analytics using SIEM and EDR platforms.
• Validate detections through adversary simulations mapped to the MITRE ATT&CK framework.
• Identify detection gaps and reduce false positives.
• Collaborate with SOC, Incident Response and Security Engineering teams to improve overall defensive maturity.

Required profile

• 3+ years of experience in cybersecurity, preferably in detection engineering, SOC or purple‑team roles.
• Hands‑on experience with offensive security techniques or adversary simulation.
• Background working in enterprise or regulated environments, such as the financial sector.
• Strong analytical and investigative capabilities.

Required skills

• SIEM and EDR technologies.
• Detection use case development and tuning.
• MITRE ATT&CK framework knowledge.
• Log analysis and event correlation.
• Threat detection methodologies.
• Offensive security fundamentals.
• Scripting in Python, PowerShell and/or Bash.
• Windows security and Active Directory expertise.