Details

Posted: 12-Jan-26

Location: Toronto, Ontario, Canada

Type: Full Time

Salary: $85,600 - $135,600

Categories:

Cybersecurity

Currency:

Canada, Dollar (CAD)

Region:

Canada

Salary Details:

The expected compensation for this role is an annualized base salary in the range of $85,600 to $135,600.This range reflects the expected range for new hire base salaries and is subject to change and may be modified in the future. You may also be eligible for a variable incentive depending on organizational, divisional and personal performance. The final total compensation offered will vary depending on your skills, experience and other factors.

Required Education:

4 Year Degree/Bachelor Degree

Additional Information:

Hybrid/Remote is allowed.

Certifications:

CISM
CISM - Certified Information Security Manager

THE ROLE

The Manager, Cybersecurity Operations is responsible for managing day-to-day security operations, ensuring continuous protection of enterprise information assets. This role oversees security monitoring, incident response, threat intelligence, and operational technology/process governance to maintain a resilient security posture.

This role reports to the Senior Director of Cybersecurity within the Technology Data and Delivery team.

This role is based in downtown Toronto in a hybrid work environment, allowing employees the flexibility to work remotely and in-office (minimum two days per week in-office). 

Working Conditions: This role may require after-hours response during major incidents and coordination with third-party providers, regulators, and external investigators.

This posting is for a existing vacancy.

KEY RESPONSIBILITIES

Security Operations Center (SOC) Leadership

• Oversee the MSSP 24/7/365 monitoring capabilities, including the MSSP relationship.
• Work with the MSSP to define and maintain SOC playbooks, runbooks, and triage procedures.
• Collaborate with Technology Operations and Service Management on continual improvement activities.
• Ensure tuning and optimization of SIEM, SOAR, and threat-detection platforms.
• Enforce SLA’s, KPI’s and other OLA’s (e.g., MTTD, MTTR, alert quality etc.).
• Drive continuous improvement and remediate persistent service gaps.
• Oversee the optimization of security tools (SIEM, EDR, email security, DLP Policies etc.).
• Supervise forensic investigations and root cause analysis.

Incident Response & Crisis Management

• With MSSP and MSP, lead containment, eradication, recovery, and post-incident reviews for cybersecurity events.
• Maintain and improve the Cyber Incident Response Plan, communication protocols, and escalation workflows.
• Coordinate closely with the members of the CISRP, other key internal stakeholders and external parties such as forensics partners, law enforcement, etc.
• Ensure after-action reporting, root-cause analysis, and lessons-learned processes are executed consistently.

Threat Intelligence & Threat Hunting

• Manage threat-intelligence sources and integrate intelligence into detection and response workflows.
• Oversee proactive threat-hunting operations aligned with the organization’s threat profile.
• Produce executive-level threat briefings and strategic insights.

Policy, Standards, and Compliance Support

• Ensure appropriate policies and standards are in place.
• Support audits (internal/external), penetration tests, or other compliance initiatives.
• Provide evidence and reporting related to SOC operations.
• Ensure Cybersecurity Operations align with the NIST Cybersecurity Framework.
• Support ongoing cybersecurity risk posture reviews

Reporting & Metrics

• Produce operational dashboards, KPI/KRI reporting, and executive summaries.
• Track SOC performance, incident trends, threat landscape changes, and maturity metrics.
• Use data-driven insights to guide improvements and decisions.

Strategic Initiatives

• Work with the broader cyber team to drive annual strategic planning and project initiatives as required.

QUALIFICATIONS & EXPERIENCE

• Bachelor’s degree in Cybersecurity, Information Technology, Computer Science, or related discipline.
• 7–10+ years of experience in cybersecurity, with at least 3–5 years in operational leadership roles.
• Demonstrated experience managing SOC teams, incident response programs, or MSSP operations.
• Expert knowledge of SIEM, SOAR, EDR/XDR, IDS/IPS, vulnerability management, and cloud security platforms.
• Familiarity with cloud environments (Azure, GCP) and associated security controls.
• Experience with penetration testing, threat risk analysis and threat-hunting methodologies.
• Willingness and demonstrated ability to adopt and effectively use AI tools such as Microsoft Copilot and ChatGPT
• CISSP and/or CISM are considered assets but are not required.
• ITIL certification is an asset for operational governance.

ATTRIBUTES

• Strategic and analytical thinker with ability to manage complex operational environments.
• Excellent communicator capable of delivering high-quality briefings to senior leadership. 
• Strong crisis-management skills and calm decision-making under pressure.
• Ability to build collaborative relationships across the Technology teams, and other business partners.
• Demonstrated leadership in maturing operational processes and driving continuous improvement.