Lead, Cybersecurity (2026-106-CS)

• Lead day-to-day SOC operations, including threat monitoring, detection, triage, and escalation.
• Coordinate incident response activities, including forensic analysis, remediation and post-incident reviews for continuous improvement and resilience.
• Maintain and optimize SIEM, EDR/MDR platforms, and threat intelligence feeds.

• Support compliance with frameworks (e.g., ISO 27001, NIST CSF, CIS Controls) including cybersecurity risk and impact assessments.
• Oversee vulnerability management and patching programs.
• Prepare reports for audits and regulatory requirements.
• Contribute to the design and enforcement of security policies, standards, and procedures across all organizational technology domains.
• Develop and implement solutions to address risks associated with agentic AI, autonomous systems, machine identities, and prevent data loss

• Drive integration of security tools (e.g. SIEM, SOAR, EDR, IAM, Intune MDM, Defender suite).
• Collaborate on Microsoft 365 security roadmap (e.g., Defender, Purview, Fabric).
• Recommend automation and AI-driven enhancements to reduce dwell time.
• Ensure robust IAM practices, including privileged access management, multi-factor authentication and other controls.

• Supervise and mentor security analysts and engineers.
• Develop and enforce security operations playbooks and standard operating procedures.
• Contribute to driving a security culture with appropriate change management and organization-wide awareness, including training for non-technical staff and volunteers.
• Ensure 24/7 coverage through internal team or MSSP partnerships.

• Act as primary contact for security incidents and escalations.
• Manage relationships with external parties such as third-party vendors, including MSSPs
• Design and implement security awareness and training plans, along with metric monitoring and compliance systems.
• Provide executive-level committee engagement and reporting on threat landscape, policies, procedures, KPIs, and security ROI.
• Partner with IT, legal, compliance, data governance, digital solutions, and business units to align security with organizational goals, including privacy.

• Bachelor’s degree in information technology, Computer Science, Cybersecurity, Engineering, or a related technical field or experience.
• 7+ years in cybersecurity roles, with at least 3+ years in a leadership capacity.
• Hands-on experience with SIEM, MDR/XDR, EDR, IAM, and cloud security platforms.
• Familiarity with PIPEDA and PHIPA regulations.

• Microsoft security stack (Defender, Intune, Purview, Fabric) are assets.
• Operating within ISO 27001, NIST CSF, CIS Controls, and related frameworks are assets.
• Working in a non-profit organization and/or social service agency is an asset.
• Experience working in the healthcare, housing, education, childcare, or financial services sectors are assets.
• CISSP, CCSP, CISM, or equivalent preferred; Microsoft Security certifications an asset.
• Strong incident response and threat hunting expertise.
• Ability to lead in a hybrid environment and manage MSSP relationships.
• Strong analytical and problem-solving abilities in a collaborative environment.
• Commitment to our social mission and values.

WoodGreen is an equal opportunity employer. We are committed to providing an inclusive and barrier-free selection process and work environment. If contacted in relation to an employment opportunity, please advise our People & Culture representatives at careers@woodgreen.org of the accommodation measures required. Information received relating to accommodation will be addressed confidentially.

This public job posting uses AI-powered tools to screen, assess, or select applicants.