Information Security Manager

OverviewInformation Security Manager (Incident Response) at Celestica. The Cybersecurity Manager specializes in Incident Response and Forensics, focusing on advanced cyber threats, attacker methodologies, and security technologies to identify and neutralize complex threats within the enterprise. This role requires a strong understanding of security best practices, excellent analytical and problem-solving skills, and the ability to work independently and within a team. The Senior Cybersecurity Specialist helps protect the organization\'s digital assets and maintain a robust security posture.ResponsibilitiesPerforms strategic assessments to understand current capabilities and future security needs; identifies business security risks and defines risk-mitigating controls and technologies.Takes a primary role in investigating and responding to complex security incidents identified through threat-hunting activities, including containment, eradication, and recovery.Presents incident details and findings to senior management.Based on threat-hunting insights, recommends and drives the implementation of new or enhanced security controls and technologies.Provides technical leadership, guidance, and mentorship to junior threat hunters.Defines scope, objectives, and methodologies for threat-hunting engagements; oversees planning, execution, and reporting of threat-hunting activities.Identifies new approaches for implementing and managing security activities; provides security consultation and implements controls to minimize risk of revenue loss or other business impact from attacks or data issues.Maintains relationships with Information Security associations and forums to stay updated on technology and process advancements; evaluates their impact on the CLS architecture.Provides tier-3 SME escalation support to the Service Desk for information security issues, including maintaining history, adjustments, statistics, and performance metrics.Ensures projects are selected based on key criteria within resource and budget constraints; may request funding for larger projects and present improvements to senior management for approval.Prepares clear reports and presentations for technical and non-technical audiences that summarize threat-hunting activities, findings, and recommendations.Offers strategic input for the security roadmap, informed by threat-hunting insights and evolving threat landscape.Knowledge, Skills & CompetenciesKnowledge of operating systems (Windows, Unix, macOS), endpoint detection and response (EDR), antivirus, and how threats manifest on endpoints; understanding of system logs, processes, and file system activities.Proficiency with SIEM tools (e.g., Sumo Logic, Microsoft Sentinel) to aggregate, correlate, and analyze security logs and events.Scripting knowledge (e.g., Python, Bash, Ruby).Strong understanding of cloud security concepts and platforms (AWS, Azure, GCP).Experience in risk and compliance management and process development in IT and security.Advanced knowledge of risk mitigation and business controls.Excellent communication and business writing skills; ability to develop executive-level presentations and strategies with process diagrams.Excellent problem resolution and creative problem-solving skills.Excellent project management skills and knowledge of change management processes.Strong customer management skills; ability to articulate IT\'s role in enhancing customers’ activities.Physical DemandsDuties are performed in a normal office environment.Extended periods of sitting and concentration on a computer; repetitive manual movements may be required.Occasional on-call availability and response to security incidents outside normal hours.Typical Experience10+ years in cybersecurity with a focus on threat hunting, incident response for advanced threats, security operations, and digital forensics.Demonstrated technical leadership and strategic thinking in security roles.Extensive experience leading and managing complex security investigations and threat-hunting engagements.Typical EducationBachelor\'s Degree in Computer Science, Information Security, or a related field.Must have at least 2 of the following certifications: CompTIA Security+, CySA+, CASP+, GIAC GCIH, GIAC GCFA.Educational requirements may vary by geography.NotesThis job description is not exhaustive; duties may change. Celestica is an Equal Opportunity Employer. All qualified applicants will receive consideration without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, age, pregnancy, genetic information, disability, protected veteran status, or any other protected category under applicable laws. Special arrangements can be made for candidates who need it during the hiring process. Indicate your needs and we will work with you.Company OverviewCelestica (NYSE, TSX: CLS) enables the world’s best brands. We partner with leading companies across various industries to deliver solutions from design to after-market services. Headquartered in Toronto, Celestica has 40+ locations in 13 countries. We are committed to fostering an inclusive, accessible environment. #J-18808-Ljbffr