What you will do:
Incident Response Management
Develop, lead, and oversee the end-to-end security incident response process, including
preparation, detection, analysis, containment, eradication, recovery, and post-incident review.
Act as the primary point of contact and coordinator during major security incidents, managing
incident communications and escalating as needed.
Establish and maintain incident response playbooks, procedures, and runbooks aligned with
industry frameworks (NIST, ISO 27035, SANS, etc.).
Coordinate with the Security Operations Center (SOC) team, Threat Intelligence, and
Vulnerability Management to proactively detect and respond to potential threats.
Ensure incidents are properly documented, classified, and reported, and lead root cause analysis
(RCA) efforts to identify lessons learned.
Regularly conduct tabletop exercises and simulations to assess and improve the organization’s
incident response readiness.
Advantages
Process Development and Maturity
Continuously enhance and refine the incident response framework to align with evolving threats,
business objectives, and regulatory landscapes.
Develop and maintain comprehensive incident response policies, standards, and guidelines that
address the needs of the business while aligning with global best practices.
Establish key performance indicators (KPIs) and metrics to measure the effectiveness and
efficiency of the incident response program.
Lead initiatives to automate and optimize incident response activities through the integration of
SOAR (Security Orchestration, Automation, and Response) platforms and other tools.
Responsibilities
Leadership and Team Management
Build, mentor, and manage a team of incident responders and analysts, fostering a culture of
continuous learning and collaboration.
Provide ongoing training and development for the team to ensure they are up-to-date with the
latest threat landscapes, tools, and techniques.
Foster strong relationships with third-party incident response providers to ensure additional
support when required.
Security Investigations and Threat Management
Manage and conduct security investigations to determine the cause, scope, and impact of
security breaches.
Oversee evidence gathering to support investigations, ensuring chain of custody and compliance
with legal and regulatory standards.
Work with the threat intelligence team to analyze and respond to advanced persistent threats (APTs),
malware outbreaks, ransomware incidents, and other cyberattacks.
Collaborate with external partners, law enforcement, and industry groups to stay informed of
emerging threats and incorporate intelligence into incident response processes.
Qualifications
What you bring:
Bachelor’s degree in Computer Science, Information Security, or a related field.
5+ years of experience in cybersecurity with at least 3 years in incident response or related roles.
Demonstrated experience leading security incident response teams and managing major
incidents.
Deep understanding of incident response frameworks (NIST 800-61, ISO 27035, MITRE
ATT&CK, etc.) and industry best practices.
Strong knowledge of threat detection, digital forensics, malware analysis, network security, and
endpoint security.
Experience in handling cloud-based incidents (Azure, AWS, GCP) and familiarity with cloud
security principles.
Proficient in SIEM (Security Information and Event Management) tools, EDR/XDR platforms, and
forensic tools.
Strong project management skills and the ability to manage multiple investigations and priorities
simultaneously.
Certifications such as GCIH, GCFA, CISSP, CISM, or CRISC are highly desirable.
Experience in the insurance or financial services sector is a strong asset.
Familiarity with privacy regulations (GDPR, PIPEDA, CCPA) and industry compliance
requirements.
Experience working with executive leadership and Board-level communications during incidents.
Critical thinking and problem-solving under pressure.
Excellent communication skills with the ability to explain technical concepts to non-technical
audiences.
Strong collaboration and interpersonal skills to work effectively across teams and business units.
Detail-oriented with a high level of integrity and professionalism.
Reliability Status security clearance - this is a personnel security status that is required before an
employee can gain access to Protected B information, assets or work sites as outlined by the
Government of Canada website.
Summary
Collaboration and Stakeholder Engagement
Act as a liaison between the Security Incident Response Team (SIRT) and business units, IT,
Legal, Compliance, Risk, and external vendors.
Work closely with internal audit, governance, and risk management teams to ensure alignment
with corporate security policies and regulatory requirements.
Communicate effectively with senior leadership during high-severity incidents, providing regular
updates on impact, response activities, and mitigation plans.
Partner with business continuity and disaster recovery teams to ensure seamless integration of
incident response with overall organizational resilience.
Randstad Canada is committed to fostering a workforce reflective of all peoples of Canada. As a result, we are committed to developing and implementing strategies to increase the equity, diversity and inclusion within the workplace by examining our internal policies, practices, and systems throughout the entire lifecycle of our workforce, including its recruitment, retention and advancement for all employees. In addition to our deep commitment to respecting human rights, we are dedicated to positive actions to effect change to ensure everyone has full participation in the workforce free from any barriers, systemic or otherwise, especially equity-seeking groups who are usually underrepresented in Canada's workforce, including those who identify as women or non-binary/gender non-conforming; Indigenous or Aboriginal Peoples; persons with disabilities (visible or invisible); and members of visible minorities, racialized groups and the LGBTQ2+ community.
Randstad Canada is committed to creating and maintaining an inclusive and accessible workplace for all its candidates and employees by supporting their accessibility and accommodation needs throughout the employment lifecycle. We ask that all job applicants please identify any accommodation requirements by sending an email to accessibility@randstad.ca to ensure their ability to fully participate in the interview process.