Cybersecurity Incident Response Team Lead
1 month ago
We are seeking a Cybersecurity Incident Response Manager to join our Cybersecurity department, where you will act as a Cybersecurity Incident Response manager and advisor. This role involves managing a team of Cybersecurity analysts, liaising with various business partners and technical teams, and acting as a liaison between the Global SOC, Data Loss Prevention, Compliance, Threat Intelligence, Vulnerability and Risk Management, Governance, Identity and Access Management, Systems and Network Engineering, Software Development, 3rd Party Vendors/Suppliers, HR, and Legal teams.
The ideal candidate has a broad knowledge of information security systems and solid skills in Incident Response, Networking, Programming, and System Administration. They should have a background in many domains of IT, along with a strong ability and curiosity for learning and championing Cybersecurity and a passion for professional development. This role is ideal for someone who loves being technical but wants to take on a leadership role.
This position reports to Sr. Manager Cybersecurity Operations.
Responsibilities
- Managing a team of Incident Responders and Threat Hunters
- Defining and maintaining the Information Security Incident Management Process and building procedure documents for incident handling
- Performing forensic investigations based on logs and other data, validating containment and remediation measures, and performing Root Cause Analysis (RCA) efficiently as needed
- Managing, maintaining and improving Incident Response capabilities to detect, proactively hunt for and respond to sophisticated cyberattacks
- Coordinating, monitoring, and supporting general activities related to cases, investigations and risk mitigation and analysis
- Coordinating, communicating, sharing information, and working closely with various business units and teams within the company
- Periodically conducting tabletop exercises to test the readiness of IR function
- Working closely with the Cybersecurity Engineering team on implementing new monitoring rules, playbooks, and the automation of other manual tasks
- Researching emerging threats to gain insight and understanding of the evolving threat landscape and its to the company
- Ensuring continuous improvement of the Cybersecurity posture
- 5+ years of hands-on experience in Cybersecurity, InfoSec, Security Engineering, Network Engineering with emphasis in Incident Response, Threat Hunting, and Cyber Security Operations
- Knowledge in some of the following Cybersecurity domains:
  - Securing infrastructure in public clouds (AWS, Azure, GCP, etc.) (Required)
  - SIEM, Log Management, Network Security & Monitoring (Required)
  - SOAR and playbooks automation (Required)
  - Intrusion Detection and Prevention (Required)
  - Data Loss Prevention (Required)
  - Endpoint detection, protection and response (Required)
  - Cryptographic services
  - Computer Forensics
  - Vulnerability Management
  - SOAR and playbooks automation
  - IAM/PAM
  - Threat Intelligence and UEBA
- Excellent problem-solving skills and the ability to coordinate with different local and global teams
- Ability to move quickly in a fast-paced and fluid environment, as well as influence peers and partners to prioritize issues as needed
- High proficiency in creating and presenting incident summary reports
- Familiarity with security frameworks such as NIST, PCI and CIS
- Ability to plan, organize and prioritize tasks to complete within established time frames
- Self-motivated, with the ability to work independently without direct supervision and meet tight timelines
- Outstanding technical skills, knowledge of network protocols and network communication principles, understanding of vulnerabilities and remediation techniques
- Excellent written, verbal, and interpersonal skills
- Continuous-improvement mindset
- Professional and courteous in all interactions
- Able to influence, innovate and drive Cybersecurity standard methodologies
- University Degree in Computer Science/Engineering, Information Security/Technology or in a related technical field
- At least one standard industry certification such as GSEC, CISA/CISM/CISSP/CSCS/CEH or an equivalent certification, or willingness to obtain one within 12 months
- The role will be based out of one of our Client's offices: Markham, Toronto or Oakville.
Demand For HR is an equal opportunity Recruiting Firm. We do not discriminate on the basis of gender, race, disability or ethnic background. We thank all applicants for their interest in the roles Demand For HR is recruiting for.