Information Security Manager (Incident Response)

Toronto, Ontario Celestica

Posted 4 days ago

Job Description

**Information Security Manager (Incident Response)**
Functional Area: Information Technology (ITM)
Career Stream: IT Risk & Compliance (RAC)
Role: Manager (MG2)
Job Title: Manager, Information Security 2
Job Code: MG2-ITM-SECR
Job Level: Level 10
Direct/Indirect Indicator: Indirect
**Summary**
The Cybersecurity Manager, specializing in **Incident Response and Forensics**, leverages knowledge of **advanced cyber threats**, attacker methodologies, and security technologies to proactively **identify and neutralize complex threats** within the enterprise environment. This specialist remains informed about emerging technologies and recommends strategic directions. A strong understanding of security best practices, excellent analytical and problem-solving skills, and the ability to work both independently and collaboratively within a team are essential for this role. The Senior Cybersecurity Specialist plays a crucial part in protecting our organization's digital assets and ensuring a robust security posture.
**Detailed Description**
Performs tasks such as, but not limited to, the following:
+ Performs strategic assessments to understand the current capabilities and future security needs of the enterprise. Recognizes and evaluates business security risks while defining appropriate risk-mitigating controls and technologies.
+ Takes a primary role in investigating and responding to complex security incidents identified through threat-hunting activities, including containment, eradication, and recovery efforts.
+ Presents incident details and findings to senior management.
+ Based on insights from threat hunting, recommends and drives the implementation of new or enhanced security controls and technologies to mitigate identified vulnerabilities and improve the organization's defense capabilities.
+ Provides technical leadership, guidance, and mentorship to junior threat hunters, fostering their professional development and enhancing the team's overall capabilities.
+ Defines the scope, objectives, and methodologies for threat-hunting engagements based on threat intelligence, business risk, and asset criticality. Oversees the planning, execution, and reporting of threat-hunting activities to ensure the efficient and effective identification of potential threats.
+ Identifies new and alternative approaches for implementing and managing security activities. Provides security consultation and implements appropriate controls to minimize the risk of potential revenue loss, missed business opportunities, or competitive disadvantages resulting from malicious attacks, accidental data corruption, or unauthorized access to sensitive company or customer information assets.
+ Maintains relationships with and consults industry-leading Information Security Associations, companies, and forums to stay updated on the latest technology and process advancements through education. Manages security trends and evaluates their effects on the CLS architecture and the security protection landscape.
+ Provides tier-three subject matter expert (SME) escalation support to the Service Desk for information security issues. This includes maintaining historical information, making adjustments, compiling statistics to enhance performance, and developing performance metrics.
+ Ensures that projects are selected based on key criteria and is diligent in selecting the most valuable projects within resource and budget constraints. Has the capability to request funding for larger projects, document the program, and present improvements to senior management for approval.
+ Prepares clear and concise reports and presentations for both technical and non-technical audiences, including senior management, that summarize threat-hunting activities, findings, and actionable recommendations.
+ Offers strategic input for the development and maintenance of the organization's security roadmap, informed by insights gained from threat-hunting activities and the evolving threat landscape.
**Knowledge/Skills/Competencies**
+ Knowledge of operating systems (Windows, Unix, macOS), endpoint detection and response (EDR) solutions, antivirus software, and how threats manifest on endpoints is essential. This includes understanding system logs, processes, and file system activities.
+ Proficiency in using SIEM tools (e.g., Sumologic, Microsoft Sentinel) to aggregate, correlate, and analyze security logs and events from various sources is vital for identifying suspicious patterns and anomalies across the environment.
+ Sound scripting knowledge (e.g., Python, Bash, Ruby)
+ Strong understanding of cloud security concepts, platforms (AWS, Azure, GCP).
+ Experience in risk and compliance management and process development in the areas of information technology and security
+ Advanced knowledge of risk mitigation and business controls
+ Excellent communication and business writing skills, as well as the ability to develop executive-level presentations/strategies that include process diagrams and designs
+ Excellent problem resolution and creative problem-solving skills
+ Excellent project management skills and strong knowledge of change management processes
+ Strong customer management skills; ability to clearly articulate the role that IT can play in enhancing customers' activities.
**Physical Demands**
+ Duties of this position are performed in a normal office environment.
+ Duties may require extended periods of sitting and sustained visual concentration on a computer monitor or on numbers and other detailed data. Repetitive manual movements (e.g., data entry, using a computer mouse, using a calculator, etc.) are frequently required.
+ May require occasional on-call availability and response to security incidents outside of normal business hours.
**Typical Experience**
+ 10+ years of progressive experience in cybersecurity, with a significant focus on threat hunting, incident response for advanced threats, security operations, and digital forensics.
+ Demonstrated history of technical leadership and strategic thinking in security roles.
+ Extensive experience leading and managing complex security investigations and threat hunting engagements.
**Typical Education**
+ Bachelor's Degree in Computer Science, Information Security, or a related field.
+ Must have at least 2 of the below certifications: CompTIA Security+, CompTIA Cybersecurity Analyst (CySA+), CompTIA Advanced Security Practitioner (CASP+), GIAC Certified Incident Handler (GCIH), GIAC Certified Forensic Analyst (GCFA)
+ Educational requirements may vary by geography.
**Notes**
This job description is not intended to be an exhaustive list of all duties and responsibilities of the position. Employees are held accountable for all duties of the job. Job duties and the % of time identified for any function are subject to change at any time.
Celestica is an Equal Opportunity Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, age, pregnancy, genetic information, disability, status as a protected veteran, or any other protected category under applicable federal, state, and local laws.
At Celestica we are committed to fostering an inclusive, accessible environment, where all employees and customers feel valued, respected and supported. Special arrangements can be made for candidates who need it throughout the hiring process. Please indicate your needs and we will work with you to meet them.
**COMPANY OVERVIEW:**
Celestica (NYSE, TSX: CLS) enables the world's best brands. Through our recognized customer-centric approach, we partner with leading companies in Aerospace and Defense, Communications, Enterprise, HealthTech, Industrial, Capital Equipment and Energy to deliver solutions for their most complex challenges. As a leader in design, manufacturing, hardware platform and supply chain solutions, Celestica brings global expertise and insight at every stage of product development - from drawing board to full-scale production and after-market services for products from advanced medical devices, to highly engineered aviation systems, to next-generation hardware platform solutions for the Cloud. Headquartered in Toronto, with talented teams spanning 40+ locations in 13 countries across the Americas, Europe and Asia, we imagine, develop and deliver a better future with our customers.
Celestica would like to thank all applicants, however, only qualified applicants will be contacted.
Celestica does not accept unsolicited resumes from recruitment agencies or fee based recruitment services.

Consultant - Incident Response | Remote, CAN

Toronto, Ontario Optiv

Posted 4 days ago

Job Description

_This position will be fully remote and can be hired anywhere in Canada._
An Enterprise Incident Management (EIM) Consultant is a highly skilled incident responder capable of performing complex investigations while maintaining a business focus and meeting client requirements. This position will work both independently and as part of a team to perform digital investigations including: Zero Day Exploitation, Business Email Compromise, Unauthorized Access, Sensitive Data Exposure, Insider Threat, Malware Analysis, and Threat Hunting. An EIM Consultant also contributes to the development and continuous improvement of the EIM practice through various team and industry contributions.
**How you'll make an impact:**
+ Ability to combine multiple separate findings to identify complex attacks and incidents
+ Ability to manually collect relevant data sources during an incident.
+ Ability to identify, describe and report threat vectors and forensic artifacts
+ Proficiency with commercial and open-source security tools required (EnCase, FTK, XWays, Splunk, ELK, EZ Tools etc.)
+ Familiarity with many different network architectures, network services, system types, network devices, development platforms and software suites (Linux, Windows, Cisco, Oracle, Active Directory, JBoss, .NET, etc.) required.
+ Familiarity with Endpoint Detection and Response (EDR) products, such as SentinelOne, Carbon Black, CrowdStrike, etc.
+ Passion for creating tools and automation to make common tasks more efficient preferred.
+ Knowledge of programming and scripting for development of security tools preferred.
+ Demonstrated ability to create comprehensive incident reports required.
+ Must be able to work well with customers and self-manage through difficult situations, focus on client satisfaction.
+ Ability to convey complex technical security concepts to technical and non-technical audiences including executives required.
+ Ability to work both independently as well as on teams required.
+ Willingness to collaborate and share knowledge with team members required.
+ Proven ability to review and revise reports written by peers required.
+ Demonstrated effective time management skills, ability to balance multiple projects simultaneously and the ability to take on large and complex projects with little or no supervision required.
**What we're looking for:**
+ Bachelor's degree and approximately 2-5 years of related work experience.
+ Approximately 2-5 years of technical architecture experience
+ Prior experience performing Incident Response, including experience in Containment and Isolation, Forensics, Root Cause Analysis, and/or Elimination and Remediation to enterprise-level organizations.
+ Ability to travel 25-40% of the time to client sites.
+ This position requires the ability to respond onsite in a 24/7/365 environment; must be willing to work evening, overnight, and weekend/holiday hours
+ Preferred certifications include: GIAC Certified Forensics Examiner (GCFE), GIAC Certified Incident Handler (GCIH), EC-Council Certified Incident Handler (ECIH), and Certified Computer Forensics Examiner (CCFE)
**What you can expect from Optiv**
+ A company committed to championing Diversity, Equality, and Inclusion through our Employee Resource Groups.
+ Work/life balance
+ Professional training resources
+ Creative problem-solving and the ability to tackle unique, complex projects
+ Volunteer Opportunities. "Optiv Chips In" encourages employees to volunteer and engage with their teams and communities.
+ The ability and technology necessary to productively work remotely/from home (where applicable)
**EEO Statement**
Optiv is an equal opportunity employer. All qualified applicants for employment will be considered without regard to race, color, religion, sex, gender identity or expression, sexual orientation, pregnancy, age 40 and over, marital status, genetic information, national origin, status as an individual with a disability, military or veteran status, or any other basis protected by federal, state, or local law.
Optiv respects your privacy. By providing your information through this page or applying for a job at Optiv, you acknowledge that Optiv will collect, use, and process your information, which may include personal information and sensitive personal information, in connection with Optiv's selection and recruitment activities. For additional details on how Optiv uses and protects your personal information in the application process, click here to view our Applicant Privacy Notice. If you sign up to receive notifications of job postings, you may unsubscribe at any time.

Security Analyst

Toronto, Ontario Charter Telecom

Posted today

Job Description

Position Title : Security Analyst

Location : Regina, SK

Overview :

Charter is currently seeking one (1) experienced Security Analyst to join our team starting October 2025. The ideal candidate will have 5+ years of recent experience in cybersecurity and/or network security in an enterprise IT environment. Previous experience in incident response (detecting, investigating, and mitigating security threats) is required. Strong experience in network security and protocols (TCP/IP, VPN, firewalls, IDS/IPS) and in utilizing security tools (i.e. SIEM: Sentinel, antivirus, vulnerability scanners) is also expected. Experience in risk assessment, risk management, and implementing effective security solutions is an asset. Location: Regina, SK (Onsite). Term: 24 months. Strong possibility of extension.

Responsibilities :

  • Manage and respond to security incident tickets via ServiceNow.
  • Analyze the potential impact of new threats and communicate risks to relevant business units.
  • Create and maintain security reports, i.e., Risk Management Decision Item (RMDI), incident reports, HR investigations, and lost/stolen reports.
  • Perform root cause analysis of the incident and take prompt actions.
  • Analyze cyber security incidents to solve issues and suggest improvements.
  • Create detailed reports and documentation of all incidents and procedures for the stakeholders on a routine basis.
  • Support the execution and monitoring of phishing simulation exercises, including user targeting, response tracking, and reporting.
  • Respond to and resolve Privilege Access Management (PAM) related activities and service requests within defined Service Level Agreements (SLAs).

Qualifications and Experience :

  • Experience working in the IT sector within the cybersecurity or networking fields within the past five (5) years
  • Experience in network security and protocols (TCP/IP, VPN, firewalls, IDS/IPS).
  • Experience utilizing security tools and platforms (i.e., SIEM systems like Sentinel, antivirus, vulnerability scanners).
  • Experience in operating systems and platforms (Windows, Linux).
  • Experience in incident response: detecting, investigating, and mitigating security threats.
  • Experience in risk assessment and management techniques for evaluating risks and implementing effective security solutions.
  • Experience in compliance and regulations, i.e., ISO 27001 and NIST security frameworks, privacy legislation, etc.
  • Experience in scripting and automation (e.g. Python, PowerShell, Bash).
  • Experience in penetration testing and ethical hacking is considered an asset.
  • Education: Bachelor's Degree in a related field and active Networking/cybersecurity certifications (i.e., Network+, Security+, CISSP, CEH, GSEC) is considered an asset.
  • Excellent communication (written and verbal) in English is required.
  • Must be authorized to work in Canada.

Note : Must be legally eligible to work in Canada. Unfortunately, we are not able to sponsor candidates.

Our Company :

Charter is an award-winning Canadian IT Solutions and Managed Services Provider founded in 1997 in Victoria, BC, Canada. With offices nationwide, Charter offers innovative IT solutions, managed services, project delivery, and consulting. Our mission is to align people, processes, and technologies to enhance communication, boost performance, and modernize businesses. Using a business architecture methodology and human-centered design, we drive successful digital transformations, unlock new opportunities, and promote growth. We empower our clients to focus on core operations with our comprehensive support.

Let Charter drive your business outcomes Forward, Together.

Information Security Analyst

Toronto, Ontario Cognizant

Posted 11 days ago

Job Description

**Job description -** **Attestation Info Security Analyst**
**Collaboration:** Work with cross functional teams to support Identity Governance solutions that integrate Provisioning, Authentication, and Authorization process.
**Incident Resolution:** Troubleshoot IAM related issues independently or collaboratively while adhering to service standards.
Assist in data cleanup and analysis to support day to day operations of IGA platform.
**Continuous Improvement:** Participate in and lead initiatives that optimize IAM workflows and implement new technologies.
Use data driven insights to recommend improvements to Identity Governance processes.
**Access Review:** Conduct periodic reviews of user access rights and permissions to ensure compliance with organizational policies.
**Reporting:** Independently resolve reporting requests by generating detailed reports on IAM metrics, including access trends, and access review decisions.
Collect, analyze, and interpret Access Management data and present information in business-friendly language.
Experience in responding to Audit and Compliance inquiries by gathering evidence to support control requirements.
**Collaboration:** Collaborate with application and business owners to reconcile roles and entitlements based on business needs.
Cognizant is an equal opportunity employer. All qualified applicants will receive consideration for employment without regard to sex, gender identity, sexual orientation, race, color, religion, national origin, disability, protected Veteran status, age, or any other characteristic protected by law.

Security Analyst - Firewalls

Toronto, Ontario Cypfer

Posted today

Job Description

Salary:

About Us:

CYPFER is a true first-responder Cybersecurity organization enabling clients to return to business rapidly, the right way, following a cyber-attack. We are a global market leader in ransomware post-breach remediation and cyber-attack first response. We deliver results that far surpass market statistics for cyber-extortion and ransomware events. Our team of cybersecurity professionals works with prominent global insurance carriers, leading law firms, and Fortune 1000 businesses.

Do you enjoy cyber security research and innovation, proactive thinking and problem solving, in a challenging and adaptive environment while consistently thinking outside of the box? If so, this opportunity is right for you!

The Analyst Managed Security Services provides first-level technical client support and upholds defined service level agreements (SLA) and customer service excellence for one or more of three particular disciplines: Network Security, Information Security, and/or Endpoint Security. The Analyst focuses on developing their knowledge and technical expertise.


What you will do:

  • 24x7 Support 80% job weight

o Monitors and resolves first-level security support requests. Escalates second-level support to senior team members
o Collects and disseminates information to clients during and post-incident
o Identifies, records, and escalates service performance trends, anomalies, and SLA breaches to senior leadership
o Updates the knowledge base articles
o Applies Trusted Advisor techniques to build up client trust and influence loyalty

  • Professional Development 20% job weight

o Attends training sessions or shadowing activities, and obtains industry related certifications as determined by Manager
o Participates notably in assigned self-paced trainings

What we expect of you:

  • Bachelor's degree (B.A./B.S.) or 3-year diploma in Engineering, Computer Science, or a Technology related field, OR
  • 4 years of Information Technology experience, to include 1 year in supporting information technology/systems
  • Beginner level certification in a Managed Security Services discipline is a plus, including but not limited to:

o Check Point: CCSA; Cisco: CCNA-Security (ASA-Firepower / FTD); Palo Alto: PCNSE (Prisma SASE/SD-WAN); Fortinet: FCP (previously NSE 4)

  • Call handling/ticket experience is a plus
  • The position is part of a 7-day per week, 24 hour per day managed services operations. To provide the required coverage, must be willing to work weekends, holidays, and overtime.
  • Foster a positive team environment by being approachable and assisting teammates.
  • Actively engage in coaching and continuous learning to enhance technical skills.
  • Understanding of IT infrastructure and Information Systems design, including hardware, software and services used in an enterprise.
  • Investigate and resolve technical issues using established procedures.
  • Demonstrate strong verbal and written communication skills.
  • Apply critical thinking and problem-solving abilities to address challenges.
  • Manage time effectively and maintain organizational skills.
  • Proficiency with productivity tools such as word processing, spreadsheet, diagram creation, presentation and email processing applications.
  • Demonstrated ability to learn and adapt to new technologies and products.
  • We thank you for your interest in joining the CYPFER team! While we welcome all applicants, only those who are selected for an interview will be contacted.
  • CYPFER is an equal opportunity employer. If you need any accommodations or adjustments throughout the interview process and beyond, please let us know. We celebrate our inclusive work environment and welcome members of all backgrounds and perspectives to apply.

Senior Information Security Analyst

Toronto, Ontario TD Bank

Posted 10 days ago

Job Description

**Work Location:**
Toronto, Ontario, Canada
**Hours:**
37.5
**Line of Business:**
Technology Solutions
**Pay Details:**
$76,800 - $115,200 CAD
TD is committed to providing fair and equitable compensation opportunities to all colleagues. Growth opportunities and skill development are defining features of the colleague experience at TD. Our compensation policies and practices have been designed to allow colleagues to progress through the salary range over time as they progress in their role. The base pay actually offered may vary based upon the candidate's skills and experience, job-related knowledge, geographic location, and other specific business and organizational needs.
As a candidate, you are encouraged to ask compensation related questions and have an open dialogue with your recruiter who can provide you more specific details for this role.
**Job Description:**
Reporting to the Senior Manager of the Enterprise Protect (EP) Technology Controls Office (TCO), the Senior Analyst will work alongside a team of strong 1B risk professionals and technology stakeholders in managing Global Security & Defense's (GSD) risk & controls portfolio. Through building strong relationships and developing a thorough understanding of the organization's objectives and strategy, the successful candidate will act as a trusted risk partner, balancing technology and business acumen to guide the teams as they navigate through complex risk domains and regulatory requirements. A key component of the role is to foster and effectively manage relationships with Risk & Control Partners and executives across all lines of defense (such as Technology & Cybersecurity, Compliance, Operational Risk, Audit).
**Responsibilities:**
+ Managing, monitoring, reporting and communication of technology and cybersecurity risks as well as regulatory, audit and self-identified issues.
+ Provide our GSD stakeholders with oversight and guidance over remediation activities for Audit, Regulatory, Operational Risk Management (ORM) issues and other tech and cyber risk issues
+ Supporting and consulting GSD stakeholders in preparation for and throughout audits and exams, and in understanding potential issues, composing management responses and appropriate remediation activities
+ Working with Internal and External Auditors, Legal & Compliance, to ensure appropriate oversight of IT and cyber risks
+ Participate in the execution of Operational Risk Management and Compliance programs involving multiple stakeholders across the organization.
+ Participate in establishing robust and flexible processes for internal and external regulatory and risk operational reporting and status reporting, including regulatory requirements across multiple jurisdictions
+ Understanding and keeping current on technology and cybersecurity trends as well as evolving audit, regulatory and compliance requirements
+ Manage stakeholder and executive relationships as they pertain to Program deliverables; influence and challenge individuals at all levels of the organization to effectively manage risk and proactively drive milestone progress and delivery dates
+ Ensure technology, processes, and governance are in place to monitor, detect, prevent, and react to both current and emerging technology / security threats against TDBG's business
+ Contribute to the definition, development, and oversight of a global security management strategy and framework
**Job Requirements**
+ University Degree.
+ 5-7 years of relevant experience.
+ Excellent stakeholder management, communication (written and verbal), and organizational skills, including the ability to present topics in business terms to both technology and business staff including executives.
+ Ability and commitment to serve as a subject matter expert on business-specific, cross-functional and enterprise initiatives.
+ Agile mindset with a passion for innovation and challenging the status quo
+ Knowledge of business and technology standards.
+ Information Security Certification / Accreditation an asset.
**Who We Are:**
TD is one of the world's leading global financial institutions and is the fifth largest bank in North America by branches/stores. Every day, we deliver legendary customer experiences to over 27 million households and businesses in Canada, the United States and around the world. More than 95,000 TD colleagues bring their skills, talent, and creativity to the Bank, those we serve, and the economies we support. We are guided by our vision to Be the Better Bank and our purpose to enrich the lives of our customers, communities and colleagues.
TD is deeply committed to being a leader in customer experience, that is why we believe that all colleagues, no matter where they work, are customer facing. As we build our business and deliver on our strategy, we are innovating to enhance the customer experience and build capabilities to shape the future of banking. Whether you've got years of banking experience or are just starting your career in financial services, we can help you realize your potential. Through regular leadership and development conversations to mentorship and training programs, we're here to support you towards your goals. As an organization, we keep growing - and so will you.
**Our Total Rewards Package**
Our Total Rewards package reflects the investments we make in our colleagues to help them and their families achieve their financial, physical, and mental well-being goals. Total Rewards at TD includes a base salary, variable compensation, and several other key plans such as health and well-being benefits, savings and retirement programs, paid time off, banking benefits and discounts, career development, and reward and recognition programs.
**Information:**
We're delighted that you're considering building a career with TD. Through regular development conversations, training programs, and a competitive benefits plan, we're committed to providing the support our colleagues need to thrive both at work and at home.
Please be advised that this job opportunity is subject to provincial regulation for employment purposes. It is imperative to acknowledge that each province or territory within the jurisdiction of Canada may have its own set of regulations, requirements.
**Colleague Development**
If you're interested in a specific career path or are looking to build certain skills, we want to help you succeed. You'll have regular career, development, and performance conversations with your manager, as well as access to an online learning platform and a variety of mentoring programs to help you unlock future opportunities. Whether you have a passion for helping customers and want to expand your experience, or you want to coach and inspire your colleagues, there are many different career paths within our organization at TD - and we're committed to helping you identify opportunities that support your goals.
**Training & Onboarding**
We will provide training and onboarding sessions to ensure that you've got everything you need to succeed in your new role.
**Interview Process**
We'll reach out to candidates of interest to schedule an interview. We do our best to communicate outcomes to all applicants by email or phone call.
**Accommodation**
Your accessibility is important to us. Please let us know if you'd like accommodations (including accessible meeting rooms, captioning for virtual interviews, etc.) to help us remove barriers so that you can participate throughout the interview process.
We look forward to hearing from you!
**Language Requirement (Quebec only):**
Not applicable
Federal law prohibits job discrimination based on race, color, sex, sexual orientation, gender identity, national origin, religion, age, equal pay, disability and genetic information.

Security Analyst - Threat Hunter

Toronto, Ontario Cypfer

Posted today

Job Description

Salary:

CYPFER is a true first-responder Cybersecurity organization enabling clients to return to business rapidly, the right way, following a cyber-attack. We are a global market leader in ransomware post-breach remediation and cyber-attack first response. We deliver results that far surpass market statistics for cyber-extortion and ransomware events. Our team of cybersecurity professionals works with prominent global insurance carriers, leading law firms, and Fortune 1000 businesses.

Do you enjoy cyber security research and innovation, proactive thinking and problem solving, in a challenging and adaptive environment while consistently thinking outside of the box? If so, this opportunity is right for you!

We're looking for an experienced Security Analyst - Threat Hunter to fill a technical role on the team: someone who is constantly thinking outside the box, ready to dive deep into the smallest details, passionate about cybersecurity, and who has a natural detective sense. The right candidate has experience in both offensive and defensive operations and enjoys innovation and security research.

What will you do?

  • Create detection engineering solutions to proactively identify and mitigate sophisticated threat actors (APTs/UNCs) and insider threats
  • Analyze, research and reverse engineer Tactics, Techniques and Procedures (TTPs) and malware samples to create detections based on industry-leading frameworks such as MITRE ATT&CK
  • Develop, plan, lead and participate in Purple Team Exercises focused on discovering and mitigating emerging threats
  • Innovate and create novel solutions including User Behavior Analytics (UBA) models by leveraging Data Science and Machine Learning (ML), bringing cybersecurity and data science closer
  • Collaborate and foster relationships with multiple teams including Adversary Emulation (Red Team), Data Science, Threat Intelligence, Security Operation Centre (SOC) and Digital Forensics and Incident Response (DFIR) to drive pragmatic cyber security improvement
  • Work closely with our dedicated Development team to create and enhance our in-house threat hunting products
  • Develop, implement, and refine our defensive tradecraft and tooling
  • Provide bespoke advisory and consultation services to senior executive management and act as a cyber security SME for emerging threats and investigations
  • Work with and utilize vast data sources, data lakes and security vendor solutions
  • In conjunction with other members of the Global Security group, ensure the ongoing enhancement of the threat hunting methodologies and overall strategy to detect and alert on cyber threats

What do you need to succeed?

Must-have:

  • 5+ years of Cyber Security operations experience, preferably comprising both defensive and offensive roles
  • Familiarity with the cyber security Kill Chain phases and MITRE ATT&CK framework TTPs
  • Knowledge of offensive security tools, techniques, procedures and security domains focusing on operational security
  • Solid grasp of cyber security controls/products, including endpoint, network, application, and infrastructure
  • Knowledge of current regional and global threat landscape
  • Strong knowledge of Python


Nice-to-have:

  • Hands-on experience in malware analysis, reverse engineering, and security research
  • Prior experience conducting blue/purple team exercises or penetration testing
  • Digital Forensics skills including memory/network/OS/disk forensics
  • Defensive-oriented certification such as GIAC GREM, GCFA or other reputable, technical, and defensive/offensive focused certification
  • Knowledge of and expertise with leading cloud providers (AWS, GCP, Azure)
  • Programming languages such as C++/C#/JavaScript/Assembly
  • Hands-on experience working with LLM and RAG technologies

CYPFER is an equal opportunity employer. If you need any accommodations or adjustments throughout the interview process and beyond, please let us know. We celebrate our inclusive work environment and welcome members of all backgrounds and perspectives to apply.

We thank you for your interest in joining the CYPFER team! While we welcome all applicants, only those who are selected for an interview will be contacted.
