Sign up to access all features of our service.
  • Job search
  • Favorites
  • Create a CV
    New
  • Salaries
  • Subscriptions

Head of Cyber Defence & Incident Response

Full-time

Quadient



At Quadient , we support businesses of all sizes in their digital transformation and growth journey, unlocking operational efficiency with reliable, secure, and sustainable automation processes.

Our success in delivering innovation and business growth is inspired by the connections our diverse teams create every day, with our clients and each other.

It’s these connections that make Quadient such an exceptional place to grow your career, develop your skills and make a real impact – help our future-focused business lead the way in powering secure and sustainable business connections through digital and physical channels.

Job Description

  • Location: Qaudient offices, Markham Ontario, Canada or Eastern USA (EST Time zone)
  • The Head of Cyber Defence and Incident Response owns the organisation’s cyber defence capability across a hybrid environment (mix of on‑prem and cloud platforms), ensuring effective monitoring, detection, response and recovery.
  • Reports directly to the CISO and leads cyber defence operations (including the MSSP) and cybersecurity incident response across the organisation. This fits within the context of the broader organizational Crisis Management plan owned outside Technology.
  • A key focus is optimising security tooling (e.g., SIEM, SOAR, EDR/XDR, NDR, email security, vulnerability scanning) and driving strong vulnerability and threat management, using threat intelligence to prioritise defensive improvements.

Key Responsibilities

  • Own the incident response lifecycle (prepare, detect, analyse, contain, eradicate, recover), ensuring playbooks, tooling, and decision-making processes are in place and exercised.
  • Lead and coordinate response to security incidents, acting as incident commander where required, including stakeholder communications, forensic triage, and recovery coordination.
  • Manage the MSSP relationship end‑to‑end: service definition, SLAs/KPIs, escalation paths, continuous improvement plans, quality assurance, and commercial governance.
  • Optimise security monitoring and response tooling working across technology teams (e.g., SIEM, SOAR, EDR/XDR, NDR, email security) including use‑case coverage, alert quality, automation, logging strategy, and operational runbooks.
  • Own the vulnerability management programme (on‑prem and cloud), including scanning coverage, prioritisation, remediation SLAs, exception handling, verification, and executive reporting.
  • Drive threat management by operationalising threat intelligence (internal and external) into defensive priorities: detection use cases, hardening actions, control uplift and proactive hunting themes.
  • Lead continuous improvement of the defence stack: rationalise tools, tune detections, improve signal quality, reduce noise, and expand automation to accelerate triage and response.
  • Establish and run a threat hunting programme using hypothesis‑driven approaches, telemetry coverage mapping, and lessons learned from incidents and red-team activity.
  • Run regular tabletop exercises and simulations (including ransomware and cloud compromise scenarios), ensuring roles, escalation paths, and technical procedures are validated and improved.Own incident response governance: severity model, on‑call and escalation processes, evidence handling, case management, and alignment to legal/regulatory obligations.
  • Define and report cyber defence metrics (e.g., MTTD/MTTR, alert volumes and precision, incident trends, vuln remediation performance, control coverage), presenting insights and recommendations to senior leadership.
  • Lead post-incident reviews and root cause analysis, ensuring lessons learned translate into measurable improvements (detections, hardening, identity controls, backups, segmentation, and training).
  • Support business continuity and crisis management processes during cyber events, contributing to executive updates and coordinated communications with Legal/Privacy and other stakeholders.
  • Maintain and improve incident response documentation and readiness (playbooks, runbooks, contact trees), and ensure training is delivered for technical responders and business stakehol
  • Communicate cyber risk and active incidents clearly to technical and non‑technical audiences, including concise executive briefings and after‑action summaries.

Qualifications

  • Strong experience leading cyber defence/SOC and incident response, including major incident coordination, investigation, containment and recovery.
  • Hands-on understanding of detection and response tooling and concepts (SIEM, SOAR, EDR/XDR, NDR, email security, log pipelines), including tuning, use-case engineering and operational workflows.
  • Proven experience managing an MSSP or outsourced SOC capability, including SLAs/KPIs, service governance, escalations, and continuous improvement.
  • Strong experience running vulnerability management and threat management programmes, including prioritisation based on exploitability, exposure, and business impact.
  • Knowledge of incident response processes, digital forensics fundamentals, evidence handling, and working with legal/privacy and external forensic partners.
  • Experience defending hybrid environments (on‑prem and cloud), including identity signals, network telemetry, endpoint visibility, and cloud-native security monitoring.
  • Ability to operate under pressure and lead cross-functional teams through high-severity incidents, communicating clearly and making timely risk-based decisions.
  • Fluent in English – excellent written and verbal communication skills, including producing clear architecture guidance, standards, and security design documentation.

Desirable

  • Certifications such as GCIH, GCIA, GNFA, CISSP, CISM, or equivalent experience in incident response and security operations.
  • Experience with threat hunting, purple teaming, and using MITRE ATT&CK to structure detections, gaps analysis, and defensive improvements.
  • Experience with security operations in cloud platforms and common tools (e.g., Microsoft Defender, Sentinel, Splunk, CrowdStrike, Palo Alto, AWS/Azure security services) and integrating telemetry across environments.
  • Calm under pressure , able to lead effectively during incidents and make timely decisions with incomplete information.
  • Highly collaborative, able to coordinate across IT, engineering, legal/privacy, and business leaders during investigations and recovery.
  • Operationally rigorous with strong attention to detail, documentation and evidence quality (case notes, timelines, lessons learned).
  • Continuous improvement mindset—drives measurable outcomes through tooling optimisation, process refinement, and coaching teams to improve security hygiene.

Additional Information



See Full

Job description

Rewards & Benefits

  • Flexible Work: Embrace a hybrid work model blending office and remote setup for a balanced lifestyle.
  • Endless Learning: Access global opportunities for growth through our 24/7 online learning platform.
  • Inclusive Community: Join our Empowered Communities and engage in our Philanthropy program.
  • Comprehensive Rewards: Enjoy competitive Total Rewards covering wellness, work/life balance, and more, including a generous referral scheme.
  • Caring for Wellbeing: Access our complimentary employee assistance program for mental health support.

Smart Work at Quadient 
At Quadient, our Smart Work approach fosters connection, collaboration, and innovation while offering flexibility based on role requirements. Whether on-site, hybrid, or remote, our work environments are designed to support productivity and engagement. Hybrid employees balance remote and in-office work, on-site roles contribute daily to our vibrant workplace culture, and remote employees stay connected through virtual collaboration and in-person events. No matter where you work, you’ll be part of a dynamic, people-first community that drives success together. 

Be yourself at Quadient   
Our values define how we work as a team: Empowerment, Passion, Inspiration and Community. They inspire us to be EPIC. Together. What makes Quadient different is how different we are. We’re a team of individuals with one goal but many perspectives. When you connect with Quadient, you become part of a community that cares - in a culture that embraces differences and values every voice.

We will consider any reasonable modifications to the interview process. If you require any assistance with the application process, please email us at View email address on jobs.smartrecruiters.com

Quadient is an Equal Employment Opportunity Employer. *: We firmly believe in zero discrimination in employment on any basis, including race, color, religion, sex, national origin, age, disability, veteran or military status, genetic information, citizenship status, and any other characteristics protected by local, state, or federal law. 

People. Connected. 

Vacancy posted 20 days ago
Similar jobs that could be interesting for youBased on the Head of Cyber Defence & Incident Response in United States vacancy
  • About us Common Room is the customer intelligence platform that captures every buying signal, giving companies superpowers with AI enrichment and automation to reach the right person with the right context at the right time.  Despite an explosion of buyer signals, companies...
    Suggested
    Remote job
    Long term contract
    Local area
    Work from home
    Home office

    Common Room

    United States
    more than 2 months ago
  •  ...Infrastructure as Code (IaC) Strengthen observability, monitoring, and incident response practices Occasionally jump in to resolve critical...  ...Empathetic toward creators and end users Calm and clear-headed during high-traffic events or critical incidents Benefits... 
    Suggested
    Long term contract
    Full time
    Remote work
    Worldwide
    Flexible hours

    Circa Logica Group

    United States
    26 days ago
  •  ...Monarch is hiring a Senior Security Engineer, Detection and Response to join our Security team within Foundations — the first dedicated...  ...maintain detections and build alerting pipelines that feed triage and incident response Investigate and respond to security incidents... 
    Suggested
    Full time
    Internship
    Work at office
    Immediate start
    Remote work
    Work from home
    Weekend work

    Monarch Money

    United States
    13 days ago
  • $220.27k - $255.35k per year

     ...Team and Role: Quora's Security team is responsible for protecting the company's most...  ...critical assets Investigate security incidents end-to-end — including malware analysis,...  ...reconstruction — and build runbooks to scale response capabilities Partner with IT to... 
    Suggested
    Full time
    Remote work
    Monday to friday

    Quora

    United States
    16 days ago
  •  ...Manager for Observability, you will lead a team of five engineers responsible for shaping the future of visibility and efficiency at Figma....  ...systems, instrumentation best practices, SLO design, and incident response workflows ~ Experience driving cost transparency and... 
    Suggested
    Full time
    Remote work
    Work from home

    Figma

    United States
    9 days ago
  •  ...drive: Higher compliance and competency Fewer injuries and incidents Better readiness for rare/high-risk events Faster...  ...building executive conviction and site-level adoption. Key Responsibilities: Manage the full sales cycle: prospecting, discovery, solution... 
    Remote work

    CGS Immersive

    United States
    9 days ago
  •  ...browser and mobile; requires deep experience with performance testing (load, stress, endurance, interference), observability, and incident response. You’ll partner across Product, Platform, Performance Program and Product Support. Join us to keep Figma snappy quick! This is... 
    Full time
    Manual labor
    Remote work
    Work from home

    Figma

    United States
    13 days ago
  • $130k - $145k per year

     ...safeguarding systems, data, and people. In this role, your primary responsibility will be to strengthen our security posture across the...  ...play a key role in security monitoring, access management, incident response, and audit readiness, while partnering with internal teams to... 
    Remote job

    Qualified

    United States
    more than 2 months ago
  •  ...States.  What you’ll do at Figma: Lead and develop engineers responsible for Figma's core database infrastructure, including sharded...  ...and operational excellence of Figma's data tier — drive incident response, postmortem culture, and proactive investment in system resilience... 
    Full time
    Remote work
    Work from home

    Figma

    United States
    18 days ago
  •  ...issues, and care deeply about what happens after code merges. Responsibilities Design and build multi-agent AI systems in Python that...  ...High ownership: you deploy your own code, investigate your own incidents, and close the loop between what you shipped and how it performs... 

    Telnyx

    United States
    19 days ago
  •  ...interview into a compliant, defensible decision workflow. Key Responsibilities: Manage end-to-end enterprise sales, from targeting accounts...  ...-versed in the TA/HR market, engaging buyers such as CHROs, Heads of Talent, TA Ops, HRIT, Compliance, and InfoSec professionals.... 
    Permanent employment
    Full time
    Remote work

    CGS Immersive

    United States
    3 days ago
  •  ...frameworks, programs, and incentives that drive long-term engagement and performance across our partner network. This role reports to the Head of Partnerships and is remote, with a preference for candidates based in Toronto, Los Angeles, New York, or Seattle. Some flexibility... 
    Long term contract
    Work at office
    Local area
    Immediate start
    Remote work
    Work from home
    Worldwide
    Flexible hours

    AfterShip

    United States
    16 hours ago
  • $185k - $225k per year

     ...systems that manage real capital in live crypto markets. Responsibilities Design, implement, and operate scalable distributed systems...  ..., and operational correctness. Participate in incident response, debugging production issues and driving root-cause fixes.... 
    Contract work
    Work at office
    Remote work
    Work from home

    SevenStar HR

    United States
    a month ago
  • $160k - $180k per year

     ...products and ensure they meet user needs effectively. Your Responsibilities Develop customer-focused applications by building new features...  ...sharing thoughts and input; we value open communication over a heads-down environment. Experience working with Agile... 
    Remote job
    Immediate start

    Qualified

    United States
    more than 2 months ago
  •  ...from it. At Invert, adopting AI isn’t optional — it’s a shared responsibility and a growth opportunity. We look for people who are curious, adaptable...  ...they have already participated in previous interviews). # Head of Engineering Chat: 30-minute meet-and-greet with our Head of... 
    Remote job

    Invert

    United States
    more than 2 months ago
  •  ...Debug and resolve production issues across services and multiple layers of the stack, reducing mean time to resolution for critical incidents We’d love to hear from you if you have: ~4+ years of experience building infrastructure components and services at scale in a cloud... 
    Full time
    Remote work
    Work from home

    Figma

    United States
    9 days ago
  •  ...and Balderton, we're building the payments layer the world's best companies rely on. What will you be doing? Partnering with the NA Head of Sales and GTM leadership to design and operationalise the North America GTM engine — territory planning, book-building, target... 
    Internship
    Remote work
    Home office

    Operations

    United States
    a month ago
  •  ...working on high-visibility enterprise security and compliance programs (SOC 2, FedRAMP, encryption key management) Infrastructure incident management and analysis experience Experience working with external enterprise partners on technical programs (e.g., Apple, AWS, Google... 
    Full time
    Remote work
    Work from home

    Figma

    United States
    23 days ago
  • $140k per year

     ...conversations, articulating the strategic impact of Array’s platform. Collaborate with senior client stakeholders (e.g., CIOs, CTOs, Heads of Product) to translate their goals into compelling solution architectures. Conduct technical discovery to map customer... 
    Remote job
    Full time
    Summer work
    Work at office
    Immediate start

    Array

    United States
    more than 2 months ago
  • $200k - $276k per year

     ...individual contribution with strategic thinking and mentorship responsibilities. You'll be responsible for architecting and implementing...  ...for critical data systems including monitoring, alerting, and incident response Implement comprehensive data quality frameworks and... 
    Remote job
    Long term contract
    Worldwide
    Home office

    Docker, Inc

    United States
    more than 2 months ago
  •  ...the codebase easier to work in over time Identify and address reliability, performance, or scalability issues before they become incidents Contribute to reducing tech debt in a way that's practical, not theoretical   Develop engineers around you Act as a technical... 
    Full time
    Self employment
    Remote work
    Flexible hours

    FEG Outsourcing Administrativo

    United States
    21 days ago
  •  ...technical reliability expertise, and a collaborative mindset to lead a diverse team and manage complex vendor relationships. RESPONSIBILITIES Lead and coach a multidisciplinary team , fostering collaboration and servant leadership. Drive strategic alignment across departments... 
    Long term contract
    Full time

    TorontoJobs.ca Recruitment Division

    United States
    3 hours ago
  •  ...SUMMARY Overall responsibility for the management and operation of the Utility systems for manufacturer in the north Richmond, Virginia area including boilers, steam turbines, filtered water & wastewater treatment plants, and landfill. The objective of the role is to provide... 
    Full time
    Contract work
    For contractors

    TorontoJobs.ca Recruitment Division

    United States
    3 hours ago
  •  ...channels. Engineering at StackAdapt As a Director, Engineering at StackAdapt, you will be directly involved in leading teams responsible for building and evolving the backend systems that power our advertising platform. You will work with large-scale distributed systems... 
    Long term contract
    Temporary work
    Local area
    Remote work
    Work from home
    Home office
    Flexible hours

    StackAdapt

    United States
    11 days ago
  •  ...first step forward and explore a career with Dal-Tile. Job Objective The Manager Administrative is an entry-level leader responsible for the training and leading associates in customer service, warehouse duties, coordinating truck deliveries, and ensuring the smooth... 
    Work at office
    Flexible hours

    Mohawk Industries

    United States
    12 days ago
  •  ...applications technologies, including JavaScript frameworks (ReactJS / Webpack) as well as Microsoft technologies (C#, Azure, .NET, SQL)  Responsibilities and Deliverables   ~ Design and develop new features and solutions that support customer use cases in existing and new software... 
    Full time
    Local area

    Fortive

    United States
    9 days ago
  •  ...results-driven Account Executive to build strong client relationships, manage the full sales cycle, and drive revenue growth. Key Responsibilities: Identify and qualify new business opportunities through prospecting and networking. Present product or service solutions... 
    Work at office
    Remote work

    Merge API Integration Sandbox

    United States
    12 days ago
  •  ...clearly to stakeholders ~ Proactive and adaptable, with the ability to prioritize across multiple projects and recalibrate advice in response to shifting priorities, legal developments, and risk tolerance ~ You don't need to be an expert in everything, but you should have... 
    Full time
    Remote work
    Work from home
    Shift work

    Figma

    United States
    13 days ago
  • $125k - $235k per year

     ...tools to solve scientific problems. As one of the early members of this team, you will help build these tools from the ground up. Responsibilities of this position include: Technical execution Design, develop, and deploy new mineral exploration data collection... 
    Long term contract
    Full time
    Temporary work
    Internship
    Remote work
    Worldwide

    KoBold Metals

    United States
    16 days ago
  •  ...This is a hands-on leadership role — you will code, design systems, and set the technical direction for critical initiatives. Key Responsibilities Lead and mentor a team of software engineers, setting technical standards and best practices Architect and deliver scalable... 
    Full time
    Local area

    Fortive

    United States
    4 days ago

Do you want to receive more vacancies?

Subscribe and receive similar vacancies to Head of Cyber Defence & Incident Response. Be the first to apply!