Cybersecurity Jobs List logo

Cybersecurity Jobs List

  1. Home
  2. Jobs
  3. Canada
  4. Ontario
  5. Toronto
  6. Cybersecurity
  7. Manager, Cybersecurity Operations
CG
Canada Goosecanadagoose.com

Manager, Cybersecurity Operations

C$102K – C$141K YearlyToronto, Ontario, Canada (Hybrid)Full-time3d ago

Location:

Toronto

Address:

100 Queens Quay East Toronto, Ontario M5E 1V3 Canada

Job Title:

Manager, Cybersecurity Operations

Canada Goose isn't like anything else. We've built something great, something special - an iconic lifestyle brand with an inspirational and authentic story. At the heart of it is our promise to inspire and enable all people to thrive in the world outside. To Live in the Open. At Canada Goose, you're part of a movement that belongs to something bigger. One that seeks out the restorative power of nature and is driven by a purpose to keep the planet cold and the people on it warm. We endure any condition, observe every detail, and are building a community that believes in living bravely and coming together to support game-changing people.

Here, opportunities are everywhere - to try something new, to learn, to do meaningful and impactful work, and they're yours for the taking.

Position Overview:

The Cybersecurity Operations Manager provides tactical oversight of the organization’s defensive posture. Serving also as the primary Incident Response (IR) Commander, this position orchestrates crisis management while managing the daily cadence of the Security Operations Center (SOC) to ensure rapid detection and remediation. The role balances deep technical execution, including threat intelligence and forensic postmortems, with the professional presence required to drive cyber strategy, align with frameworks like NIST CSF and MITRE ATT&CK, and cultivate a vigilant security culture across the enterprise.

What You’ll Do

  • SOC Leadership & Performance: Oversee daily security operations and personnel, ensuring high fidelity alerting and streamlined triage processes. You will be responsible for optimizing the SIEM, EDR, and SOAR stack to significantly reduce Mean Time to Detect (MTTD) and Mean Time to Respond (MTTR) through advanced correlation rules and automated response workflows.
  • Technical Practitioner: Maintain a 'hands-on' approach to security operations, assisting the team in deep-dive analysis of complex threats and directly contributing to the engineering of our security stack.
  • Reporting & Metrics: Responsible for communicating operational health through data driven dashboards, tracking KPIs and analyst workload. As well as presenting quarterly updates to leadership.
  • IR Command: Act as the primary Incident Response Commander during critical incidents, orchestrating the full lifecycle of containment and recovery. Update robust playbooks and a comprehensive Incident Response Plan (IRP), ensuring enterprise-wide readiness through regular simulation exercises and maintaining high-clarity communication channels with response teams and key cross-functional stakeholders.
  • DevSecOps Integration: Partner with Engineering and DevOps to integrate security controls and best practices directly into CI/CD pipelines.
  • Hardening & Best Practices: Support enterprise hardening efforts by collaborating cross-functionally to define baseline security configurations and implementing industry best practices across workstations, servers, and cloud infrastructure.
  • Threat Intelligence: Ingest and analyze global threat data to lead proactive hunting and harden the perimeter against emerging TTPs.
  • User Training: Manage the delivery of a modern security awareness program and phishing simulation platform, ensuring all employees are equipped to recognize and report sophisticated social engineering threats.

Let's Talk About You

  • Education & Certification: Degree in Cybersecurity, Computer Science, or equivalent experience. Active CISSP or CISM is required. (GCIH, GCFA, or CCSP are highly valued).
  • Experience: 7+ years of progressive Cybersecurity experience, with at least 3+ years of formal leadership managing a SOC or Cyber Ops team.
  • Incident Management: Expert at managing the full incident lifecycle, from initial detection through strategic remediation and post-incident reporting. Ability to lead cross-functional teams under high-pressure conditions, translating complex technical risks for non-technical stakeholders.
  • Mentorship: Ability to coach, mentor, and elevate technical talent, fostering a high-performance team culture.
  • Frameworks: Operationalizing the NIST CSF and MITRE ATT&CK frameworks to drive defensive strategy, with a working knowledge of aligning security operations to global compliance standards such as SOC2, GDPR, and ISO 27001
  • Tech Stack Expertise: Comprehensive knowledge of the Microsoft security ecosystem (M365/Azure, Microsoft Sentinel, Purview, Azure Defender). Proficiency in KQL (Kusto Query Language) and developing custom detection logic within Sentinel.

Working Conditions

  • Hybrid
  • Due to the nature of the role, you will serve as a primary escalation point for critical security events. This includes being available for on-call duties to act as the Incident Response Commander during after-hours & weekends as needed.

What’s in it For You?

  • A company built on Canadian roots and heritage

  • Your work is recognized with a comprehensive and competitive Total Rewards Program

  • Opportunities for career growth through numerous internal and external programs

  • Recognize and be recognized by your peers with our Goose Rewards & ICON Rewards

  • Be a part of CG Gives. Donation matching and paid volunteer time to help the organizations you care about

  • Access to tools and resources to support physical and mental health, embracing change and connecting with colleagues

  • Inspiring leaders and colleagues who will lift you up and help you grow

Salary Range:

$102,000.00 - $141,000.00 / year

About the salary range: We’re committed to being open and fair about pay. The range provided is intended as a guideline and does not represent a guaranteed offer. When we make an offer, we consider the responsibilities of the position, market data, and internal equity to ensure consistency across our team. Your actual offer will depend on your experience, skills, and alignment with the role.

Vacancy status: This posting represents an active vacancy for which we are currently hiring.

At Canada Goose, we believe that belonging goes beyond mere inclusion. It’s about being part of a community that values, supports, and empowers you. We thrive when we can be our authentic selves. Our community is built on empathy and the understanding that every individual’s experience is unique, and every voice is important. We also recognize that communities are ever evolving, and that our work is never done. At Canada Goose, belonging is more than just an ideal—it’s the key to unlocking our collective potential, taking us further together.

Canada Goose is an equal opportunity employer and is committed to providing employment accommodation in accordance with the Ontario Human Rights Code and the Accessibility for Ontarians with Disabilities Act.

There are multiple ways to interview with us! If you require any interview accommodation for your interview, please e-mail us at HR@canadagoose.com.

Categories

Cybersecurity
Security Operations
Incident Response
Information Security
Security Management

Skills

Cybersecurity
Security Operations Center (SOC)
SIEM
EDR
SOAR
Incident Response
DevSecOps
Threat Intelligence
Microsoft Sentinel
Microsoft Purview
Azure Defender
KQL
NIST CSF
MITRE ATT&CK
ISO 27001