Remote Cybersecurity Specialist - Blue & Red Team | Canada

**Overview**

YO IT CONSULTING is recruiting for an innovative AI research lab developing cutting-edge cybersecurity AI systems. This flexible remote contractor position (full-time or part-time) seeks seasoned cybersecurity experts with comprehensive experience in both defensive and offensive security operations. You'll leverage your real-world expertise to enhance AI models focused on threat detection, incident response, and attack simulation, directly shaping how AI systems understand and respond to cybersecurity challenges.

**

Responsibilities **

*Blue Team Operations:* Examine and dissect security incidents including phishing campaigns, lateral movement, ransomware, and privilege escalation attacks. Analyze telemetry from SIEM, EDR/XDR, firewalls, cloud platforms, and identity systems. Utilize MITRE ATT&CK frameworks for adversary behavior classification.

Evaluate detection rules, alert effectiveness, and response procedures while assessing AI-generated investigations for accuracy.

*Red Team Operations:* Deconstruct attack methodologies from initial compromise through data exfiltration. Apply adversarial perspectives to identify detection vulnerabilities and bypass methods. Examine exploitation techniques and evasion tactics. Conduct attack surface evaluations and challenge AI systems with realistic adversarial scenarios.

*AI Enhancement:* Deliver detailed analytical reasoning for investigative and offensive security decisions. Pinpoint AI system limitations and recommend enhancements. Contribute to developing benchmarks for detection accuracy and attack simulation effectiveness.

**

Requirements **

Minimum 5 years cybersecurity experience as SOC Analyst (Level II/III), Incident Responder, Detection Engineer, Threat Hunter, Red Team Operator, Penetration Tester, or Security Consultant. Proven hands-on incident response experience required.

*Blue Team Expertise:* Proficiency with SIEM platforms (Splunk, Sentinel, QRadar, Elastic), EDR/XDR solutions (CrowdStrike, Defender, Carbon Black), log analysis, network traffic analysis tools, and MITRE ATT&CK mapping.

*Red Team Expertise:*

Experience with penetration testing, adversary emulation, exploitation frameworks (Metasploit, Cobalt Strike), and privilege escalation techniques.

Fluent English required. Independent contractor engagement.

Monday to Friday, 9 AM – 5 PM (full-time)