Sign up to access all features of our service.
  • Job search
  • Favorites
  • Create a CV
    New
  • Salaries
  • Subscriptions

Head of Cyber Defence & Incident Response

Full-time

Quadient



At Quadient , we support businesses of all sizes in their digital transformation and growth journey, unlocking operational efficiency with reliable, secure, and sustainable automation processes.

Our success in delivering innovation and business growth is inspired by the connections our diverse teams create every day, with our clients and each other.

It’s these connections that make Quadient such an exceptional place to grow your career, develop your skills and make a real impact – help our future-focused business lead the way in powering secure and sustainable business connections through digital and physical channels.

Job Description

  • Location: Qaudient offices, Markham Ontario, Canada or Eastern USA (EST Time zone)
  • The Head of Cyber Defence and Incident Response owns the organisation’s cyber defence capability across a hybrid environment (mix of on‑prem and cloud platforms), ensuring effective monitoring, detection, response and recovery.
  • Reports directly to the CISO and leads cyber defence operations (including the MSSP) and cybersecurity incident response across the organisation. This fits within the context of the broader organizational Crisis Management plan owned outside Technology.
  • A key focus is optimising security tooling (e.g., SIEM, SOAR, EDR/XDR, NDR, email security, vulnerability scanning) and driving strong vulnerability and threat management, using threat intelligence to prioritise defensive improvements.

Key Responsibilities

  • Own the incident response lifecycle (prepare, detect, analyse, contain, eradicate, recover), ensuring playbooks, tooling, and decision-making processes are in place and exercised.
  • Lead and coordinate response to security incidents, acting as incident commander where required, including stakeholder communications, forensic triage, and recovery coordination.
  • Manage the MSSP relationship end‑to‑end: service definition, SLAs/KPIs, escalation paths, continuous improvement plans, quality assurance, and commercial governance.
  • Optimise security monitoring and response tooling working across technology teams (e.g., SIEM, SOAR, EDR/XDR, NDR, email security) including use‑case coverage, alert quality, automation, logging strategy, and operational runbooks.
  • Own the vulnerability management programme (on‑prem and cloud), including scanning coverage, prioritisation, remediation SLAs, exception handling, verification, and executive reporting.
  • Drive threat management by operationalising threat intelligence (internal and external) into defensive priorities: detection use cases, hardening actions, control uplift and proactive hunting themes.
  • Lead continuous improvement of the defence stack: rationalise tools, tune detections, improve signal quality, reduce noise, and expand automation to accelerate triage and response.
  • Establish and run a threat hunting programme using hypothesis‑driven approaches, telemetry coverage mapping, and lessons learned from incidents and red-team activity.
  • Run regular tabletop exercises and simulations (including ransomware and cloud compromise scenarios), ensuring roles, escalation paths, and technical procedures are validated and improved.Own incident response governance: severity model, on‑call and escalation processes, evidence handling, case management, and alignment to legal/regulatory obligations.
  • Define and report cyber defence metrics (e.g., MTTD/MTTR, alert volumes and precision, incident trends, vuln remediation performance, control coverage), presenting insights and recommendations to senior leadership.
  • Lead post-incident reviews and root cause analysis, ensuring lessons learned translate into measurable improvements (detections, hardening, identity controls, backups, segmentation, and training).
  • Support business continuity and crisis management processes during cyber events, contributing to executive updates and coordinated communications with Legal/Privacy and other stakeholders.
  • Maintain and improve incident response documentation and readiness (playbooks, runbooks, contact trees), and ensure training is delivered for technical responders and business stakehol
  • Communicate cyber risk and active incidents clearly to technical and non‑technical audiences, including concise executive briefings and after‑action summaries.

Qualifications

  • Strong experience leading cyber defence/SOC and incident response, including major incident coordination, investigation, containment and recovery.
  • Hands-on understanding of detection and response tooling and concepts (SIEM, SOAR, EDR/XDR, NDR, email security, log pipelines), including tuning, use-case engineering and operational workflows.
  • Proven experience managing an MSSP or outsourced SOC capability, including SLAs/KPIs, service governance, escalations, and continuous improvement.
  • Strong experience running vulnerability management and threat management programmes, including prioritisation based on exploitability, exposure, and business impact.
  • Knowledge of incident response processes, digital forensics fundamentals, evidence handling, and working with legal/privacy and external forensic partners.
  • Experience defending hybrid environments (on‑prem and cloud), including identity signals, network telemetry, endpoint visibility, and cloud-native security monitoring.
  • Ability to operate under pressure and lead cross-functional teams through high-severity incidents, communicating clearly and making timely risk-based decisions.
  • Fluent in English – excellent written and verbal communication skills, including producing clear architecture guidance, standards, and security design documentation.

Desirable

  • Certifications such as GCIH, GCIA, GNFA, CISSP, CISM, or equivalent experience in incident response and security operations.
  • Experience with threat hunting, purple teaming, and using MITRE ATT&CK to structure detections, gaps analysis, and defensive improvements.
  • Experience with security operations in cloud platforms and common tools (e.g., Microsoft Defender, Sentinel, Splunk, CrowdStrike, Palo Alto, AWS/Azure security services) and integrating telemetry across environments.
  • Calm under pressure , able to lead effectively during incidents and make timely decisions with incomplete information.
  • Highly collaborative, able to coordinate across IT, engineering, legal/privacy, and business leaders during investigations and recovery.
  • Operationally rigorous with strong attention to detail, documentation and evidence quality (case notes, timelines, lessons learned).
  • Continuous improvement mindset—drives measurable outcomes through tooling optimisation, process refinement, and coaching teams to improve security hygiene.

Additional Information



See Full

Job description

Rewards & Benefits

  • Flexible Work: Embrace a hybrid work model blending office and remote setup for a balanced lifestyle.
  • Endless Learning: Access global opportunities for growth through our 24/7 online learning platform.
  • Inclusive Community: Join our Empowered Communities and engage in our Philanthropy program.
  • Comprehensive Rewards: Enjoy competitive Total Rewards covering wellness, work/life balance, and more, including a generous referral scheme.
  • Caring for Wellbeing: Access our complimentary employee assistance program for mental health support.

Smart Work at Quadient 
At Quadient, our Smart Work approach fosters connection, collaboration, and innovation while offering flexibility based on role requirements. Whether on-site, hybrid, or remote, our work environments are designed to support productivity and engagement. Hybrid employees balance remote and in-office work, on-site roles contribute daily to our vibrant workplace culture, and remote employees stay connected through virtual collaboration and in-person events. No matter where you work, you’ll be part of a dynamic, people-first community that drives success together. 

Be yourself at Quadient   
Our values define how we work as a team: Empowerment, Passion, Inspiration and Community. They inspire us to be EPIC. Together. What makes Quadient different is how different we are. We’re a team of individuals with one goal but many perspectives. When you connect with Quadient, you become part of a community that cares - in a culture that embraces differences and values every voice.

We will consider any reasonable modifications to the interview process. If you require any assistance with the application process, please email us at View email address on jobs.smartrecruiters.com

Quadient is an Equal Employment Opportunity Employer. *: We firmly believe in zero discrimination in employment on any basis, including race, color, religion, sex, national origin, age, disability, veteran or military status, genetic information, citizenship status, and any other characteristics protected by local, state, or federal law. 

People. Connected. 

Vacancy posted 20 days ago
Similar jobs that could be interesting for youBased on the Head of Cyber Defence & Incident Response in United States vacancy
  • About us Common Room is the customer intelligence platform that captures every buying signal, giving companies superpowers with AI enrichment and automation to reach the right person with the right context at the right time.  Despite an explosion of buyer signals, companies...
    Suggested
    Remote job
    Long term contract
    Local area
    Work from home
    Home office

    Common Room

    United States
    more than 2 months ago
  • $150k - $240k per year

     ...engineers, you will have the opportunity to tackle complex problems head-on and collectively pave the way for the discoveries of vital...  ...and contribute to building a sustainable world. This role be responsible for: Deep engagement with exploration geologists and data... 
    Suggested
    Full time
    Internship
    Remote work

    KoBold Metals

    United States
    6 days ago
  •  ...Monarch is hiring a Senior Security Engineer, Detection and Response to join our Security team within Foundations — the first dedicated...  ...maintain detections and build alerting pipelines that feed triage and incident response Investigate and respond to security incidents... 
    Suggested
    Full time
    Internship
    Work at office
    Immediate start
    Remote work
    Work from home
    Weekend work

    Monarch Money

    United States
    13 days ago
  • $170k - $215k per year

     ...scientists and geologists, you will tackle complex scientific problems head-on and collectively pave the way for discoveries of vital...  ...exploration and contribute to building a sustainable world. Responsibilities Architect, implement, and maintain foundational scientific... 
    Suggested
    Full time
    Internship
    Remote work

    KoBold Metals

    United States
    6 days ago
  •  ...Manager for Observability, you will lead a team of five engineers responsible for shaping the future of visibility and efficiency at Figma....  ...systems, instrumentation best practices, SLO design, and incident response workflows ~ Experience driving cost transparency and... 
    Suggested
    Full time
    Remote work
    Work from home

    Figma

    United States
    10 days ago
  •  ...drive: Higher compliance and competency Fewer injuries and incidents Better readiness for rare/high-risk events Faster...  ...building executive conviction and site-level adoption. Key Responsibilities: Manage the full sales cycle: prospecting, discovery, solution... 
    Remote work

    CGS Immersive

    United States
    10 days ago
  •  ...browser and mobile; requires deep experience with performance testing (load, stress, endurance, interference), observability, and incident response. You’ll partner across Product, Platform, Performance Program and Product Support. Join us to keep Figma snappy quick! This is... 
    Full time
    Manual labor
    Remote work
    Work from home

    Figma

    United States
    14 days ago
  • $130k - $145k per year

     ...safeguarding systems, data, and people. In this role, your primary responsibility will be to strengthen our security posture across the...  ...play a key role in security monitoring, access management, incident response, and audit readiness, while partnering with internal teams to... 
    Remote job

    Qualified

    United States
    more than 2 months ago
  •  ...issues, and care deeply about what happens after code merges. Responsibilities Design and build multi-agent AI systems in Python that...  ...High ownership: you deploy your own code, investigate your own incidents, and close the loop between what you shipped and how it performs... 

    Telnyx

    United States
    20 days ago
  •  ...States.  What you’ll do at Figma: Lead and develop engineers responsible for Figma's core database infrastructure, including sharded...  ...and operational excellence of Figma's data tier — drive incident response, postmortem culture, and proactive investment in system resilience... 
    Full time
    Remote work
    Work from home

    Figma

    United States
    19 days ago
  •  ...interview into a compliant, defensible decision workflow. Key Responsibilities: Manage end-to-end enterprise sales, from targeting accounts...  ...-versed in the TA/HR market, engaging buyers such as CHROs, Heads of Talent, TA Ops, HRIT, Compliance, and InfoSec professionals.... 
    Permanent employment
    Full time
    Remote work

    CGS Immersive

    United States
    4 days ago
  •  ...from it. At Invert, adopting AI isn’t optional — it’s a shared responsibility and a growth opportunity. We look for people who are curious, adaptable...  ...they have already participated in previous interviews). # Head of Engineering Chat: 30-minute meet-and-greet with our Head of... 
    Remote job

    Invert

    United States
    more than 2 months ago
  • $160k - $180k per year

     ...products and ensure they meet user needs effectively. Your Responsibilities Develop customer-focused applications by building new features...  ...sharing thoughts and input; we value open communication over a heads-down environment. Experience working with Agile... 
    Remote job
    Immediate start

    Qualified

    United States
    more than 2 months ago
  •  ...Debug and resolve production issues across services and multiple layers of the stack, reducing mean time to resolution for critical incidents We’d love to hear from you if you have: ~4+ years of experience building infrastructure components and services at scale in a cloud... 
    Full time
    Remote work
    Work from home

    Figma

    United States
    10 days ago
  •  ...and Balderton, we're building the payments layer the world's best companies rely on. What will you be doing? Partnering with the NA Head of Sales and GTM leadership to design and operationalise the North America GTM engine — territory planning, book-building, target... 
    Internship
    Remote work
    Home office

    Operations

    United States
    a month ago
  • $140k per year

     ...conversations, articulating the strategic impact of Array’s platform. Collaborate with senior client stakeholders (e.g., CIOs, CTOs, Heads of Product) to translate their goals into compelling solution architectures. Conduct technical discovery to map customer... 
    Remote job
    Full time
    Summer work
    Work at office
    Immediate start

    Array

    United States
    more than 2 months ago
  •  ...working on high-visibility enterprise security and compliance programs (SOC 2, FedRAMP, encryption key management) Infrastructure incident management and analysis experience Experience working with external enterprise partners on technical programs (e.g., Apple, AWS, Google... 
    Full time
    Remote work
    Work from home

    Figma

    United States
    24 days ago
  • $200k - $276k per year

     ...individual contribution with strategic thinking and mentorship responsibilities. You'll be responsible for architecting and implementing...  ...for critical data systems including monitoring, alerting, and incident response Implement comprehensive data quality frameworks and... 
    Remote job
    Long term contract
    Worldwide
    Home office

    Docker, Inc

    United States
    more than 2 months ago
  •  ...SUMMARY Overall responsibility for the management and operation of the Utility systems for manufacturer in the north Richmond, Virginia area including boilers, steam turbines, filtered water & wastewater treatment plants, and landfill. The objective of the role is to provide... 
    Full time
    Contract work
    For contractors

    TorontoJobs.ca Recruitment Division

    United States
    7 hours ago
  •  ...technical reliability expertise, and a collaborative mindset to lead a diverse team and manage complex vendor relationships. RESPONSIBILITIES Lead and coach a multidisciplinary team , fostering collaboration and servant leadership. Drive strategic alignment across departments... 
    Long term contract
    Full time

    TorontoJobs.ca Recruitment Division

    United States
    7 hours ago
  •  ...results-driven Account Executive to build strong client relationships, manage the full sales cycle, and drive revenue growth. Key Responsibilities: Identify and qualify new business opportunities through prospecting and networking. Present product or service solutions... 
    Work at office
    Remote work

    Merge API Integration Sandbox

    United States
    13 days ago
  •  ...channels. Engineering at StackAdapt As a Director, Engineering at StackAdapt, you will be directly involved in leading teams responsible for building and evolving the backend systems that power our advertising platform. You will work with large-scale distributed systems... 
    Long term contract
    Temporary work
    Local area
    Remote work
    Work from home
    Home office
    Flexible hours

    StackAdapt

    United States
    12 days ago
  •  ...first step forward and explore a career with Dal-Tile. Job Objective The Manager Administrative is an entry-level leader responsible for the training and leading associates in customer service, warehouse duties, coordinating truck deliveries, and ensuring the smooth... 
    Work at office
    Flexible hours

    Mohawk Industries

    United States
    12 days ago
  •  ...clearly to stakeholders ~ Proactive and adaptable, with the ability to prioritize across multiple projects and recalibrate advice in response to shifting priorities, legal developments, and risk tolerance ~ You don't need to be an expert in everything, but you should have... 
    Full time
    Remote work
    Work from home
    Shift work

    Figma

    United States
    14 days ago
  •  ...live load pattern for each structural member that that causes the worst load effect on each member; ~ Identify the maximum structural response for different live load cases. ~ Perform load rating for different types of bridges under the guidance of AASHTO LRFD, AASHTO MBE,... 
    Long term contract
    Full time
    For contractors

    TorontoJobs.ca Recruitment Division

    United States
    7 hours ago
  • $125k - $235k per year

     ...tools to solve scientific problems. As one of the early members of this team, you will help build these tools from the ground up. Responsibilities of this position include: Technical execution Design, develop, and deploy new mineral exploration data collection... 
    Long term contract
    Full time
    Temporary work
    Internship
    Remote work
    Worldwide

    KoBold Metals

    United States
    16 days ago
  • $160k - $240k per year

     ...Breakthrough Energy Ventures, BOND Capital, and Standard Investments; and natural resources companies Equinor, BHP, and Mitsubishi. Responsibilities: Build intuitive and elegant user experiences to empower fellow KoBolders with backgrounds in geology, geophysics,... 
    Full time
    Remote work

    KoBold Metals

    United States
    4 days ago
  • $64k - $80k per year

     ...compensation, commissions (if applicable), discretionary bonuses, short- and long-term incentives, and company-sponsored benefits. Responsibilities: Provides interior design advice and product expertise, facilitates tile and stone selection, and project development/support,... 
    Long term contract
    Temporary work
    Local area
    Weekend work
    Afternoon shift

    Mohawk Industries

    United States
    5 days ago
  •  ...model-evaluation review without losing the thread. Primary Responsibilities Set strategy. Own the multi-year data strategy supporting...  ...270/271) and prior-auth (278) integrations live with sub-second response Salesforce (TailorCare-captured) clinical operational data... 
    Internship
    Remote work
    Shift work

    TailorCare

    United States
    8 days ago
  • $125k - $150k per year

     ...technical and communication skills. You will work with companies that range from small startups to large technology unicorns.  Responsibilities Lead end-to-end API onboarding and implementation for new customers, guiding technical teams through setup, testing, and go-live... 
    Full time
    Contract work
    Internship
    Remote work
    Home office

    Canopy Connect

    United States
    4 days ago

Do you want to receive more vacancies?

Subscribe and receive similar vacancies to Head of Cyber Defence & Incident Response. Be the first to apply!