Manager, Cyber Incident Response Team

The Manager – CIRT is a key member of a fast-paced Cyber Threat Management team that is responsible for defending Canadian Tire’s technology infrastructure and assets against a complex cyber threat environment. Working independently and as part of a large Cybersecurity team, this position collaborates with both IT and business areas to ensure that Canadian Tire is best-in-class when it comes to Cybersecurity Operations.

Our Cybersecurity team plays a critical role in our evolution to connected retail, as we transform to serve customers on the platforms they want to be served. Our commitment to being a world-class digital organization involves expanding our use of cutting-edge technologies across our 13 company banners, to securely bring our digital strategy to life in-store, online, and through mobile devices. Ultimately, we’re improving customer experiences, driving traffic, and boosting loyalty from our 9 million credit card members. The payoff? We handled over 600 million website visits and securely processed over $500 million in e-commerce sales in the last year.

Canadian Tire's Cybersecurity team is a tight-knit community of architects, leaders, project managers, purveyors of governance, and integrators. We welcome members from a variety of backgrounds, with perspectives from the military and police organizations to software and product development.

What you’ll do

• Manage the crisis response during crisis situations, lead analyses, response, and mitigation activities

• Lead, mentor, and develop a team of incident responders, ensuring clear expectations, growth, and consistent execution

• Oversee the day-to-day operation of monitoring, detecting, and responding to threats

• Maintain and evolve the development of incident response playbooks, team processes, training, and tabletop exercises

• Support forensic investigations, log reviews, cloud investigations, and root-cause analysis as an escalation point

• Participate in the on-call rotation, serving as an incident manager or responder during major or complex incidents

• Develop crisis exercises and training to prepare stakeholders for their responsibilities in mitigating risks during a crisis event

• Develop and lead threat detection rules and correlations to meet the expectations of business requirements

• Lead implementation activities and capabilities for an early detection of signals and intelligence

• Track and report on incident trends, operational metrics, and program maturity

• Oversee execution across detection, triage, containment, remediation, and post-incident learning

• Communicate effectively with stakeholders at all levels during incidents and throughout follow-up reporting

• Report and present findings and recommendation to key stakeholders

What you bring

• 5+ years experience working in or leading a SOC/CIRT teams, with 2+ years as a people manager

• Familiarity with how adversaries use AI for reconnaissance, phishing, malware generation, and evasion

• Ability to identify indicators of AI‑generated attacks (e.g., synthetic phishing, automated credential‑stuffing, AI‑assisted obfuscation)

• Awareness of emerging AI‑enabled threat actor TTPs

• Ability to fulfill regular on-call responsibilities, as part of a team, for urgent incident response activities

• Experienced and subject matter expertise in building and operating threat detection and incident response process and procedures

• Experience with frameworks and taxonomies like NIST, MITRE’s ATT&CK and Cyber Kill-Chain, SANS, MITRE’s CAPEC

• Industry certifications (CISSP/GIAC suite/EC-Council) are a strong asset

• Ongoing understanding of new threat vectors and attack techniques

• Must be able to identify and understand trends; able to synthesize and translate results into actionable items

• Strong problem-solving capabilities, ability to reason logically, looking at issues from multiple perspectives at a micro and macro level

• Ability to manage competing priorities and deliver results

• Develop briefing documents for senior management as it relates to the security posture

• Experience in working in a security environment (ticket management, incident management, severity categorization, use case monitoring, etc.)

• Desire to expand knowledge area and mentor others

• May require off-hours support (as needed)

​

We’re always looking for great talent! In addition to competitive pay, we offer:

• Comprehensive benefits and retirement programs

• Performance incentives, Continuing Education Programs

• Other perks to support your well-being

• Career growth opportunities and product discounts

Our typical hiring range is between $79,000 and $131,000 per annum. Salary decisions are also dependent on other factors such as your experience, job-related knowledge, skills and competencies, market location, industry benchmarks, internal equity and other role-specific requirements. We're committed to attracting top talent. For critical roles, the compensation offering will be reviewed to ensure alignment with market rate and conditions and the unique value you bring to the role.#LI-AG2

This posting represents an existing vacancy within our organization.