Cybersecurity Incident Responder
Location: Markham, ON (Hybrid Work Environment)
3 days per week in office
Contract - 6 months, starting July 2025
We're looking for a skilled and proactive cybersecurity professional to join our Cybersecurity Operations team. This role is ideal for someone with hands-on experience handling high-severity incidents escalated to Tier 3 and a strong background with advanced incident response tooling. The position also involves supporting investigations into internal fraud and financial crimes that have a digital component. Participation in a rotating on-call schedule is required to ensure rapid response around the clock.
Key Responsibilities
- Lead the response to complex cybersecurity incidents and deliver clear, concise reports to leadership and stakeholders.
- Evaluate and respond to escalated alerts from external security service providers, determining the scope, impact, and appropriate containment and recovery actions.
- Optimize and maintain incident response platforms such as EDR, SIEM, and SOAR by refining configurations and improving detection capabilities.
- Perform deep-dive technical investigations to uncover root causes, attack vectors, and adversary tactics and techniques.
- Remain vigilant during shifts and on-call periods to ensure timely and effective incident handling.
- Collaborate with internal departments such as Privacy, Risk, and Financial Crime to support broader investigations involving cyber threats.
- Adapt quickly to evolving threats and a fast-paced operational environment.
What You Bring
- Minimum of 2 years of direct experience in cybersecurity incident response, ideally within a large enterprise or financial services setting.
- Strong technical foundation in network security, threat analysis, and vulnerability management.
- Proven ability to assess and triage security alerts, determine business impact, and implement effective containment and remediation strategies.
- Hands-on experience with EDR, SIEM, and SOAR tools, including tuning and rule development.
- Expertise in conducting forensic investigations and identifying threat actor behaviors.
- Excellent communication and collaboration skills, with the ability to manage multiple incidents simultaneously.
- Industry-recognized certifications such as CISSP, OSCP, CIH, CHFI, or equivalent (completed or in progress).
- Additional experience in threat hunting, threat intelligence, or digital forensics is a strong asset.
Education & Certifications
- A degree in Computer Science, Computer Engineering, or a related discipline is preferred.
- Cybersecurity certifications focused on incident response are highly desirable.
- Familiarity with the insurance or financial services industry is a plus.