Manager, Security Incident Response

 

Permanent Full Time 

-

 

 

We are seeking an experienced Security Incident Response Manager to lead and manage our security incident response function. This role is critical to protecting our business, data, and clients by ensuring rapid, effective, and efficient responses to cybersecurity incidents and threats. The ideal candidate will have deep expertise in the incident response lifecycle, strong leadership skills, and the ability to collaborate across various departments and stakeholders.

 

As part of our Information Security team, you will manage a team of analysts, lead high-profile investigations, and develop and implement response plans for diverse security incidents. Your work will directly contribute to minimizing risks, safeguarding sensitive information, and enhancing the overall cybersecurity posture of our organization.

 

What you will do:

Incident Response Management

• Develop, lead, and oversee the end-to-end security incident response process, including preparation, detection, analysis, containment, eradication, recovery, and post-incident review.
• Act as the primary point of contact and coordinator during major security incidents, managing incident communications and escalating as needed.
• Establish and maintain incident response playbooks, procedures, and runbooks aligned with industry frameworks (NIST, ISO 27035, SANS, etc.).
• Coordinate with the Security Operations Center (SOC) team, Threat Intelligence, and Vulnerability Management to proactively detect and respond to potential threats.
• Ensure incidents are properly documented, classified, and reported, and lead root cause analysis (RCA) efforts to identify lessons learned.
• Regularly conduct tabletop exercises and simulations to assess and improve the organization’s incident response readiness.

 

Security Investigations and Threat Management

• Manage and conduct security investigations to determine the cause, scope, and impact of security breaches.
• Oversee evidence gathering to support investigations, ensuring chain of custody and compliance with legal and regulatory standards.
• Work with threat intelligence team to analyze and respond to advanced persistent threats (APTs), malware outbreaks, ransomware incidents, and other cyberattacks.
• Collaborate with external partners, law enforcement, and industry groups to stay informed of emerging threats and incorporate intelligence into incident response processes.

 

Collaboration and Stakeholder Engagement

• Act as a liaison between the Security Incident Response Team (SIRT) and business units, IT, Legal, Compliance, Risk, and external vendors.
• Work closely with internal audit, governance, and risk management teams to ensure alignment with corporate security policies and regulatory requirements.
• Communicate effectively with senior leadership during high-severity incidents, providing regular updates on impact, response activities, and mitigation plans.
• Partner with business continuity and disaster recovery teams to ensure seamless integration of incident response with overall organizational resilience.

 

Process Development and Maturity

• Continuously enhance and refine the incident response framework to align with evolving threats, business objectives, and regulatory landscapes.
• Develop and maintain comprehensive incident response policies, standards, and guidelines that address the needs of the business while aligning with global best practices.
• Establish key performance indicators (KPIs) and metrics to measure the effectiveness and efficiency of the incident response program.
• Lead initiatives to automate and optimize incident response activities through the integration of SOAR (Security Orchestration, Automation, and Response) platforms and other tools.

 

Leadership and Team Management

• Build, mentor, and manage a team of incident responders and analysts, fostering a culture of continuous learning and collaboration.
• Provide ongoing training and development for the team to ensure they are up-to-date with the latest threat landscapes, tools, and techniques.
• Foster strong relationships with third-party incident response providers to ensure additional support when required.

 

What you bring:

• Bachelor’s degree in computer science, Information Security, or a related field.
• 5+ years of experience in cybersecurity with at least 3 years in incident response or related roles.
• Demonstrated experience leading security incident response teams and managing major incidents.
• Deep understanding of incident response frameworks (NIST 800-61, ISO 27035, MITRE ATT&CK, etc.) and industry best practices.
• Strong knowledge of threat detection, digital forensics, malware analysis, network security, and endpoint security.
• Experience in handling cloud-based incidents (Azure, AWS, GCP) and familiarity with cloud security principles.
• Proficient in SIEM (Security Information and Event Management) tools, EDR/XDR platforms, and forensic tools.
• Strong project management skills and the ability to manage multiple investigations and priorities simultaneously.

• Certifications such as GCIH, GCFA, CISSP, CISM, or CRISC are highly desirable.
• Experience in the insurance or financial services sector is a strong asset.
• Familiarity with privacy regulations (GDPR, PIPEDA, CCPA) and industry compliance requirements.
• Experience working with executive leadership and Board-level communications during incidents.

• Critical thinking and problem-solving under pressure.
• Excellent communication skills with the ability to explain technical concepts to non-technical audiences.
• Strong collaboration and interpersonal skills to work effectively across teams and business units.
• Detail-oriented with a high level of integrity and professionalism.
• Reliability Status security clearance - this is a personnel security status that is required before an employee can gain access to Protected B information, assets or work sites as outlined by the Government of Canada  website

-

The base salary for this position is between  $84,900.00 - $141,400.00 annually.  This represents base salary only and does not represent other variable compensation components of our total compensation ( i.e. annual bonus, commission etc).  If you are selected to move forward in our recruitment process, your recruiter will be able to discuss additional details of our total rewards program with you.

 

Career opportunities will be open a minimum of 5 business days from the date of posting, closing dates will vary depending on the search activity. All applications received will be reviewed on a rolling basis.

 

Be your best at Canada Life- Apply today!

 

Being a part of Canada Life means you have a voice. This is a place where your unique background, perspectives and talents are valued, and shape our future success.

 

You can be your best here. You’re part of a diverse and inclusive workplace where your career and well-being are championed. You’ll have the opportunity to excel in your way, finding new and better ways to deliver exceptional customer and advisor experiences.

 

Together, as part of a great team, you’ll deliver on our shared purpose to improve the well-being of Canadians. It’s our driving force. Become part of a strong and successful company that’s trusted by millions of Canadians to do the right thing.

 

Canada Life serves the financial security needs of more than 13 million people across Canada, with additional operations in Europe and the United States. As members of the Power Financial Corporation group of companies, we’re one of Canada’s leading insurers with interests in life insurance, health insurance, investment and retirement savings. We offer a broad portfolio of financial and benefit plan solutions for individuals, families, businesses and organizations. 

 

We are committed to providing an inclusive, accessible environment, where all employees and customers feel valued, respected and supported. We are dedicated to building a workforce that reflects the diversity of the communities in which we live, and to creating an environment where every employee has the opportunity to reach their potential. 

 

It is our priority to remove barriers to provide equal access to employment. A Human Resources representative will work with applicants who request a reasonable accommodation during the application process. All information shared during the accommodation request process will be stored and used in a manner that is consistent with applicable laws and Canada Life policies. To request a reasonable accommodation in the application process, contact talentacquisitioncanada@canadalife.com.

 

Canada Life would like to thank all applicants, however only those who qualify for an interview will be contacted.

 

#LI-Hybrid