Incident Response Manager – Cyber Security Operations

On behalf of our public sector client, Affinity is looking for an Incident Response Manager to work in the Cyber Security Operations to play a leadership role within a specialized incident response and agile product team. The role will lead the team in responding effectively to cybersecurity incidents. The Incident Response Manager ensures the team is equipped to administer and monitor critical security tools and technologies, respond effectively to security incidents, and promote best practices across the organization.

Responsibilities:

• Serve as the Incident Manager for cybersecurity incidents, including participation in crisis management processes during major incidents.

• Develop, maintain, and coordinate incident response processes and playbooks using team-managed technologies and capabilities.

• Lead and facilitate Agile ceremonies (e.g., sprint planning, stand-ups, retrospectives, reviews) for the SecOps team.

• Manage the relationship with the Managed Security Service Provider (MSSP), ensuring SLAs and performance metrics are met.

• Collaborate with internal stakeholders, vendors, and cross-functional teams to drive security initiatives and resolve blockers.

• Prioritize and manage the product backlog, write user stories, and ensure clear communication of goals and deliverables.

• Provide regular updates to executive sponsors, directors, and other stakeholders on team progress and incident trends.

• Support the planning, evaluation, and implementation of security tools and technologies.

• Other tasks as reasonably required by the organization’s Project Manager.

Qualifications:

• Post-secondary degree in Business Administration, Information Technology, or a related field.

• 10+ years of relevant experience, including leadership roles in Security Operations or Cyber Incident Response.

• Proven experience managing a Security Operations Center (SOC) or equivalent team.

• Strong background in cyber security operations, including threat detection, incident response, and vulnerability management.

• Demonstrated experience with Agile methodologies and tools (e.g., Jira, Confluence).

• Strong communication, negotiation, and stakeholder management skills.

• Ability to build and maintain trust-based relationships across technical and non-technical teams.

• Company has an existing (at time of submission) and ongoing contract with Candidate.

Preferred Skills

• Experience with SIEM, SOAR, EDR, and threat intelligence platforms.

• Familiarity with MITRE ATT&CK, NIST CSF, or other security frameworks.

• Certifications such as CISSP, CISM, CISA, or Certified Scrum Product Owner (CSPO).

• Experience leading security tool evaluations and implementations.

• Experience with defining or tracking security operations metrics or KPIs.

• Strong organizational and planning skills with a track record of delivering results in a fast-paced environment.

• Ability to mentor and coach team members and foster a culture of continuous improvement.

Affinity Earn:

Know someone who’s great for this, or any of our open roles? Earn up to $4,000/year for each successful referral through Affinity Earn. You can also earn up to $50,000 for helping us find new clients. Learn about our referral program at https://affinity-group.ca/earn/ or browse our jobs & follow us at https://www.linkedin.com/company/affinity-staffing/jobs/

About Affinity:

Affinity Group is a technology and business consulting and services company. We believe in creating long term relationships between clients and consultants that foster a mutually beneficial partnership. Affinity is an equal opportunity employer. We celebrate diversity and are committed to creating an inclusive environment for all employees. All employment is decided on the basis of qualifications, merit and business need.

For more information on Affinity, please visit www.affinity-group.ca

Job Number: 12438