At CAAT, weâre passionate about what we do. And it shows!
Here, youâll find a cultural spark in everything we do â from the way we partner with members and employers, to the way we work, collaborate, and grow. It doesnât just feel different at CAAT. It is different. Weâre one of the fastest-growing pensions in the country for a reason. We challenge the status quo, making a real impact on the hundreds of employers we serve â from education institutions to major corporations and household brands. And weâre just getting started. Driven by core values and a shared purpose, weâre fierce champions for better retirement security, known for our can-do culture where everyone plays a role in bringing our vision to life. If this sounds like a fit, weâd love you to be a part of it.
About the Role:
We are seeking a Senior Cybersecurity Engineer â ML SecOps for our Technology \& IT Services Management team. Reporting to the Manager, Cybersecurity Operations the Senior Cybersecurity Engineer â ML SecOps provides expert technical leadership in security operations, ML-driven detection engineering, SOAR(Security Orchestration, Automation, and Response) automation, and adversarial security testing, directly supporting next-generation SOC capabilities. This role leads complex incident investigations, advanced forensics, and threat-hunting, while designing ML-enhanced detection models and automation pipelines to improve SOC efficiency. The engineer evaluates emerging AI/ML security technologies, conducts resilience testing, and supports major incident response with hands-on expertise and architectural guidance. As a technical authority within the Cybersecurity Operations team, they mentor junior staff, develop detection content, and drive continuous improvement to align ML-driven capabilities with evolving threats and regulatory standards. Their work is essential to advancing the organizationâs 24x7 SOC strategy, enabling cyber defenders to operate with greater precision and intelligence
As the Newest Member of our Team, Youâll:
Lead advanced security engineering initiatives across hybrid and cloud environments, delivering robust detections, continuous monitoring, forensics, and incident response capabilities.
Develop sophisticated AI and ML-based detections, including behavioral analytics, anomaly models, and predictive SOC monitoring frameworks for emerging threats.
Design and automate cross-platform SOAR workflows, Sentinel playbooks, enrichment pipelines, and containment logic to enhance SOC response efficiency.
Architect, optimize, and scale Microsoft Sentinel through customized KQL analytics, UEBA models, and automation to reduce false positives.
Maintain expert proficiency with EDR, SIEM, SOAR, and cloud-native tools such as CrowdStrike, Tenable, and Azure Defender.
Lead intelligence-driven, hypothesis-based, and ML-assisted threat hunting operations to uncover emerging tactics and reduce attacker dwell time.
Secure MLOps pipelines through governance controls, model validation, artifact integrity, CI/CD protection, and resilient retraining workflows.
Enhance SOC effectiveness by developing new detections, reusable content, AI-driven playbooks, and modernized response processes across all tiers.
Collaborate closely with Cloud, Identity, Data, and DevOps teams to embed detection logic and automated controls into enterprise platforms, while interacting with external vendors and Managed Security Service Providers (MSSPs).
Act as senior technical escalation point, performing in-depth analysis, forensics, and containment support during high-severity cybersecurity incidents.
To Succeed, You Bring:
Bachelor's degree in Computer Science, Cybersecurity, or related field, or equivalent hands-on experience.
A minimum of seven (70 to ten (10) years of progressive, hands-on cybersecurity experience in SOC operations, detection engineering, and incident response.
A minimum of six (6) years of applied experience with ML/AI-driven security operations, including behavioral analytics, anomaly detection, and SOAR automation.
Expert knowledge of security frameworks including MITRE ATT\&CK, NIST AI RMF, and Zero Trust architectures.
Proven ability to engineer and automate ML-augmented detection pipelines and integrate threat hunting into SOC workflows.
Deep experience securing cloud-native infrastructure (Azure/AWS/GCP) and applying security automation via Python, PowerShell, or Bash.
Hands-on experience in digital forensics (endpoint, cloud, malware) and supporting major incident response investigations.
Background in securing MLOps pipelines, ensuring governance, model integrity, and CI/CD security for AI/ML workflows.
Demonstrated ability to uplift SOC capabilities through reusable detection libraries, AI-enhanced frameworks, and mentoring junior staff.
Industry certifications (CIH, GCFA, GNFA, GCFE, GCTI, GMON, GCDA, OSCP, OSCE, OSEP, CRTO, Machine learning or cloud certifications AWS/Azure ML, TensorFlow, Google Cloud Professional ML Engineer)are preferred.
The target hiring salary for this position is $122,000 â $152,600. Placement within our salary range will be based on factors such as internal equity, market conditions, and the candidateâs experience, skills, and qualifications relevant to the role.
No artificial intelligence tools are used to screen, assess, or select applicants for this position. Artificial intelligence tools may be used to help recruiters identify potential candidates on external platforms. All hiring decisions are made by human reviewers.
At CAAT, we believe innovation, passion, and purpose are ingredients for a great work environment. Weâre incredibly proud of our people and the remarkable impact they have as catalysts for change. Weâre committed to attracting and keeping great talent, which means competitive compensation, exceptional benefits, and an environment where people can grow and thrive. When you work with CAAT, youâll enjoy:
Opportunities to Build a Better You: We never stand still. As we grow, so do you. Enjoy a place that provides endless opportunities to learn and master your skills while cultivating new ones.
Comprehensive \& Holistic Care: Be at your best with a Total Rewards program that feeds and prioritizes your physical, mental, and financial wellness. From flexible work arrangements, comprehensive benefits to wellness incentives, and a defined benefit pension plan â we have you covered.
A Place to Collaborate and Win: Weâve built a lively environment where creativity and open communication thrive. Itâs why weâre consistently recognized as one of âCanadaâs Most Admired Corporate Culturesâ, one of âGreater Torontoâs Top Employersâ, and one of the âBest Places to Workâ.
Work that Truly Matters. Youâre giving Canadians the opportunity for better retirement security, and organizations the chance to do more.
If you believe that Canadians deserve a future where a secure lifetime retirement income contributes to their financial and overall well-being, then CAAT could be the right fit for you. Start your journey with us today. Apply now.
Learn more about us by visiting www.caatpension.ca/careers
Diversity, Equity, Inclusion, and Belonging (DEIB):
DEIB at CAAT means we respect and value the broadest range of experiences, geographies, gender, ethnicities, backgrounds, and perspectives as key elements of our culture. Our vision is to provide an environment where employees can bring their best, professional, authentic, selves to work.
CAAT Pension Plan is an equal opportunity employer, and we will accommodate any needs under the Accessibility for Ontarians with Disabilities Act and the Ontario Human Rights Code. Hiring processes will be modified to remove barriers to accommodate those with disabilities, if requested. Should any applicant require accommodation through the application processes, please contact us at hr@caatpension.ca or call Human Resources at 416-673-9000 for assistance.