Lead, Cybersecurity Incident Response

About The Position

Requirements

• Bachelor’s degree in computer science, Information Security, or a related field.
• 5+ years of experience in cybersecurity with at least 3 years in incident response or related roles.
• Demonstrated experience leading security incident response teams and managing major incidents.
• Deep understanding of incident response frameworks (NIST 800-61, ISO 27035, MITRE ATT&CK, etc.) and industry best practices.
• Strong knowledge of threat detection, digital forensics, malware analysis, network security, and endpoint security.
• Experience in handling cloud-based incidents (Azure, AWS, GCP) and familiarity with cloud security principles.
• Proficient in SIEM (Security Information and Event Management) tools, EDR/XDR platforms, and forensic tools.
• Strong project management skills and the ability to manage multiple investigations and priorities simultaneously.

Nice To Haves

• Certifications such as GCIH, GCFA, CISSP, CISM, CCISO, or CRISC are highly desirable.
• Experience in the insurance or financial services sector is a strong asset.
• Familiarity with privacy regulations (GDPR, PIPEDA, CCPA) and industry compliance requirements.
• Experience working with executive leadership and Board-level communications during incidents.

Responsibilities

• Develop, lead, and oversee the end-to-end security incident response process, including preparation, detection, analysis, containment, eradication, recovery, and post-incident review.
• Act as the primary point of contact and coordinator during major security incidents, managing incident communications and escalating as needed.
• Establish and maintain incident response playbooks, procedures, and runbooks aligned with industry frameworks (NIST, ISO 27035, SANS, etc.).
• Coordinate with the Security Operations Center (SOC) team, Threat Intelligence, and Vulnerability Management to proactively detect and respond to potential threats.
• Ensure incidents are properly documented, classified, and reported, and lead root cause analysis (RCA) efforts to identify lessons learned.
• Regularly conduct tabletop exercises and simulations to assess and improve the organization’s incident response readiness.
• Manage and conduct security investigations to determine the cause, scope, and impact of security breaches.
• Oversee evidence gathering to support investigations, ensuring chain of custody and compliance with legal and regulatory standards.
• Work with threat intelligence team to analyze and respond to advanced persistent threats (APTs), malware outbreaks, ransomware incidents, and other cyberattacks.
• Collaborate with external partners, law enforcement, and industry groups to stay informed of emerging threats and incorporate intelligence into incident response processes.
• Act as a liaison between the Security Incident Response Team (SIRT) and business units, IT, Legal, Compliance, Risk, and external vendors.
• Work closely with internal audit, governance, and risk management teams to ensure alignment with corporate security policies and regulatory requirements.
• Communicate effectively with senior leadership during high-severity incidents, providing regular updates on impact, response activities, and mitigation plans.
• Partner with business continuity and disaster recovery teams to ensure seamless integration of incident response with overall organizational resilience.
• Continuously enhance and refine the incident response framework to align with evolving threats, business objectives, and regulatory landscapes.
• Develop and maintain comprehensive incident response policies, standards, and guidelines that address the needs of the business while aligning with global best practices.
• Establish key performance indicators (KPIs) and metrics to measure the effectiveness and efficiency of the incident response program.
• Lead initiatives to automate and optimize incident response activities through the integration of SOAR (Security Orchestration, Automation, and Response) platforms and other tools.

Benefits

• Career Development: Opportunities for career advancement, access to industry-leading learning programs and up to $2,000 annually towards education reimbursement.
• Health & Wellness: Flexible health and dental benefits, plus a $5,000 mental health benefit to support your well-being.
• Time Off: In addition to regular vacation and personal days, we support community involvement with a volunteer day.
• Financial Security: Company-matching pension plan, share ownership program and additional investment options.
• Rewards and Recognition: Employee recognition programs, service milestone celebrations, employee discounts and more!
• Emphasis on Community: We provide a workplace where employees feel connected and supported through Employee Resource Groups (ERGs), mentorship programs, social clubs and events.