Lead, Security Operation

Position SummaryThe Lead, Security Operations is a hands‑on security leadership role responsible for overseeing the day-to-day operation and continuous improvement of the organization’s security posture. Operating within a small internal team and in partnership with outsourced SOC and security service providers, this role provides internal leadership, coordination, and subject-matter expertise across security monitoring, incident response oversight, vendor management, security tooling, internal processes, and staff awareness. This individual acts as the primary internal point of contact for operational security matters, ensuring that threats are monitored, policies are enforced, and the business receives responsive, knowledgeable support on security-related questions and initiatives.
Key Responsibilities Security Operations & Monitoring

• Oversee day-to-day security operations across the organization, coordinating closely with outsourced SOC and incident response partners.
• Review SOC alerts, escalations, and incident reports to ensure timeliness, accuracy, and appropriate remediation.
• Maintain and tune SIEM, EDR, vulnerability management, and other security tools to ensure optimal coverage.
• Track and report on security KPIs, operational metrics, and incident trends.

Incident Response Oversight

• Serve as the primary internal escalation point for security incidents.
• Coordinate and direct third-party incident responders and forensic teams when required.
• Lead internal response activities including communication, containment, eradication, and recovery efforts.
• Conduct post-incident reviews and ensure lessons learned are integrated into processes and tooling.

Vendor & Partner Management

• Manage relationships with external SOC, MSSP, and security product vendors.
• Evaluate vendor performance, SLAs, and contract deliverables.
• Participate in vendor selection, onboarding, and periodic performance reviews.
• Ensure synergy and alignment between internal processes and external service delivery.

Security Tooling & Technology Management

• Work closely in collaboration with Internal IT teams to administer security tools including SIEM, EDR, PAM, vulnerability scanners, identity security tools, and others as applicable.
• Identify and recommend improvements to the security technology stack.
• Work in collaboration with IT departments to ensure tools are deployed, maintained, patched, and configured in accordance with best practices.

Internal Processes, Policy Enforcement & Governance

• Develop, maintain, and improve security operational procedures (SOPs, playbooks, workflows).
• Support enforcement and adoption of corporate security policies and standards.
• Collaborate with Compliance to align operations with regulatory and audit requirements.
• Conduct internal security reviews, risk assessments, and gap analyses.

Security Awareness & Training

• Coordinate security awareness programs with other people leaders within the organization.
• Track training participation, evaluate program effectiveness, and recommend improvements.
• Provide guidance and coaching to employees on secure practices.

Internal Support & Business Partnering

• Act as the primary point of contact for internal teams seeking guidance on security processes, tools, or best practices.
• Participate in project reviews to ensure appropriate security considerations are integrated early.
• Provide consultancy to IT, DevOps, Cloud, and business units on operational security matters.

People Leadership (if applicable)

• Provide leadership and mentorship to the Security Operations Analyst.
• Help define roles, responsibilities, and growth paths within a small operational security function.
• Foster a culture of accountability, continuous improvement, and operational excellence.

Qualifications Required

• 5–8+ years of security operations experience (SOC, incident response, blue team, security engineering, etc.).
• Strong understanding of security monitoring, detection engineering concepts, and security tooling.
• Hands-on experience with SIEMs, EDR platforms, identity security, and vulnerability management tools.
• Demonstrated ability to manage vendor relationships and outsourced SOC or MSSP providers.
• Experience handling and coordinating security incidents in partnership with internal and external stakeholders.
• Strong communication skills with the ability to translate technical topics for non-technical audiences.
• Knowledge and experience of industry audits and certifications (SOC2, ISO27001, PCI)
• Ability to work independently, prioritize effectively, and run a reliable operational function in a small-team environment.

Preferred

• Experience in on-premise cloud technologies (Vmware, Nutanix, Openstack)
• Familiarity with modern security frameworks (NIST CSF, CIS Controls, ISO 27001).
• Relevant industry accreditations such as CISSP, CISM, GCIH, GSOC, CompTIA Security+ or CySA+
• Experience contributing to the design of security policies and procedures.

Key Competencies

• Operational leadership: Able to own and drive security operations end-to-end.
• Collaboration: Works effectively with internal teams and external partners.
• Analytical mindset: Strong problem-solving and investigative skills.
• Adaptability: Comfortable working in a lean environment with evolving needs.
• Communication excellence: Clear, calm, and professional at all levels of the organization.

Why Join Qu

• Be part of a once-in-a-career opportunity to shape Canada’s newest independent and data sovereign data centre and cloud services platform.
• Work with a passionate leadership team committed to building a high-performing, customer-centric culture.
• Competitive compensation, benefits, and significant opportunity for career growth as the company expands its product suite.

At Qu, we are committed to building an inclusive, equitable, and accessible workplace where all employees feel respected and supported. We welcome applications from people of all backgrounds.We are also committed to providing accommodation throughout the recruitment and selection process. If you require accommodation, please let us know and we will work with you to meet your needs, in accordance with applicable human rights and accessibility legislation.