At KUBRA, we’re looking for a Security Manager to take ownership of our Security Operations function and play a key role in strengthening and evolving our security posture across the organization!
This role involves strategic decision making, leading system implementations, and driving the adoption and testing of security processes and procedures that enhance the resilience of our infrastructure and IT systems.
You will be responsible for protecting KUBRA’s data assets from security threats, vulnerabilities, and emerging risks, while working closely with technology and business stakeholders to ensure security is embedded into everything we build and operate.
How You’ll Contribute
Lead the implementation and maintenance of Cybersecurity programs and projects.
Security Standards: Develop and implement security operations standards, procedures, and guidelines as needed.
Strategic Planning: Create and update security plans to address evolving threats and risks.
Team Leadership: Lead and manage the Security Operations team, providing guidance, training, and mentorship.
Recruitment: Oversee the recruitment and development of security operations analysts.
Goal Achievement: Lead the team in achieving established goals and departmental objectives.
Performance Management: Accomplish staff results by communicating job expectations; planning, monitoring, and appraising job results; coaching, counseling, and disciplining employees; developing, coordinating, and enforcing systems, policies, procedures, and productivity standards.
Culture: Foster an environment that emphasizes trust, open communication, creative thinking, and cohesive team effort.
Security Strategy and Planning:
Develop and implement security operations standards, procedures, and guidelines as needed
Create and update security plans to address evolving threats and risks.
Assess the operational security risks of third-party tools and integrations within the security stack to support vendor risk management responsibilities.
Incident Response:
Manage the 24/7 monitoring of security alerts and incidents.
Develop and implement incident response plans and procedures.
Establish and maintain an incident response plan to address security breaches and emergencies.
Coordinate and lead the response to security incidents, collaborating with relevant stakeholders.
Conduct or oversee investigations into security incidents, violations, or breaches.
Collaborate with law enforcement or external agencies as needed.
Oversee digital forensics investigations to support HR, Legal, and external law enforcement requirements during serious breaches or internal policy violations.
Vulnerability Management:
Design, implement, and operate a comprehensive Risk-Based Vulnerability Management Program covering Infrastructure, Applications, and CI/CD Pipelines.
Drive the classification of vulnerabilities based on contextual risk (e.g., exploitability, asset criticality) rather than just CVSS scores, prioritizing remediation efforts effectively.
Establish and lead a Security Champions Program to foster security culture within development and engineering teams, ensuring security advocates are embedded across the organization.
Security Tools and Technology Management:
Establish and lead a Security Champions Program to foster security culture within development and engineering teams, ensuring security advocates are embedded across the organization.
Oversee the deployment and maintenance of security technologies within the SOC, such as SIEM (Security Information and Event Management) systems, intrusion detection/prevention systems, and other relevant tools.
Management of security technologies, such as firewalls, surveillance systems, access control systems, and intrusion detection systems.
Identity and Access Management (IAM):
Oversee the Identity and Access Management (IAM) and Identity Governance and Administration (IGA) programs, ensuring proper lifecycle management, access reviews, and least-privilege enforcement.
Threat Intelligence:
Stay current on the latest cyber threats and vulnerabilities.
Integrate threat intelligence into SOC processes to proactively identify potential risks.
Continuous Monitoring and Analysis:
Implement continuous monitoring of network and system activities.
Analyze security alerts and log data to identify patterns and trends.
Reporting and Documentation:
Prepare and deliver regular reports on Security Operations activities, incident trends, and key performance indicators (KPIs).
Maintain documentation of incidents, responses, and lessons learned.
Compliance:
Ensure compliance with relevant regulations and industry standards such as PCI DSS, NIST, ISO and other frameworks.
Tabletop Exercise Programs:
Conduct regular tabletop exercises to test and improve incident response capabilities.
Facilitate Purple Team exercises to validate detection logic and improve defensive posture against specific TTPs (Tactics, Techniques, and Procedures).
Budget Management:
Manage the budget for the Security Operations team, ensuring cost-effective use of resources.
Provide input for the acquisition of new tools and technologies.
Performance Metrics:
Define and track key performance metrics to measure the effectiveness of Security operations.
Implement improvements based on performance analysis.
Strengths That Shine in This Role
8-10+ years of relevant experience in information security
2-3+ years of experience leading security teams
Working knowledge of Identity and Access management, SIEM management, Incident management and vulnerability management concepts
Working knowledge of Information Security best practices and standards such as COBIT, SSAE18, ISO 27000 Series, PCI DSS, SOX etc.
Excellent writing and verbal communication skills, interpersonal and presentation skills and proven ability to influence and communicate effectively with all levels of staff.
Comprehensive knowledge or experience of information security principles, including risk assessment, intrusion detection, Security Incident and Event Management (SIEM) tools, threat and vulnerability management
Detailed knowledge or experience of application and network-based penetration testing tools and methodologies
Experience of incident response and security incident event management solutions, UEBA, EDR etc
Successful track record of effective project coordination, prioritization, collaboration, organization, and timely project delivery
Ability to understand and evaluate risk in relation to IT Security and communicate this to Stakeholders
Experience of working within an information security, cyber security environment or Security Operations Centre
Strong technical background with excellent knowledge of cyber security, computer networks and operating systems including firewalls, IDS/IPS, Active Directory, endpoint protection, Windows Server, networks and cloud services
Analytical background with the ability to analyze and interpret large and complex data sets and articulate observations, conclusions and recommendations
Good understanding of current legislation and regulations pertaining to IT security
Skills That Matter in This Role
Leadership:
Time tested ‘people management’ skills, with an ability to apply critical thinking and proactive demonstration of solutions while dealing with day-to-day problem solving.
Remain informed on evolving industry standards and practices, toward an ability to show forward thinking with new and innovative approaches to security while meeting overarching business objectives.
Project Management:
Evaluate proposed projects and new vendors in support of risk management responsibilities.
Manage operational business impacts as well as technical components of a technology program or project.
Budget Planning:
Participate in the annual expense and capital budgeting processes & cycles where applicable.
Employee Management:
Ability to manage/oversee both internal or external resources.
Ability to identify and nurture talent within assigned team.
Why You’ll Love Working Here
Thrive in an award-winning culture that champions growth, embraces diversity, and fosters inclusion for all. See our awards →
Earn annual performance-based bonuses recognizing your contributions
Enjoy generous benefit coverage with low premiums, plus a Healthcare Spending Account and Wellness Spending Account
Invest in your future with RRSP matching
Take time to recharge with paid vacation and sick days, and enjoy a paid day off for your birthday
Make a difference with two paid volunteer days to support causes you care about
Keep learning with free access to LinkedIn Learning and our education reimbursement program for continued development
Feel appreciated through our employee recognition programs
Support your mental health with a free premium Headspace membership
Stay refreshed with unlimited access to fully stocked beverage stations
Save more with exclusive Perkopolis retail discounts
KUBRA is an equal opportunity employer dedicated to building an inclusive and diverse workforce. We will provide accommodations during the recruitment process upon request by emailing
[email protected]. Information received relating to accommodation will be addressed confidentially. We thank all applicants for their interest; however, only candidates under consideration will be contacted.
#GTA2025
#LI-AA1
While we value the skills and experiences listed in our job requirements, we also recognize that talent comes in many forms, and welcome applications from candidates who meet most but not all specified requirements. If you possess a strong desire to learn and grow in a dynamic work environment, apply now!
KUBRA is a fast-growing company that delivers customer communications solutions to some of the largest utility, insurance, and government entities across North America. KUBRA offers billing and payments, mapping, mobile apps, proactive communications, and artificial intelligence solutions for customers. With more than 1.5 billion customer interactions annually, KUBRA services reach over 40% of households in the U.S. and Canada. KUBRA is an operating subsidiary of Hearst.
Our office is small enough to allow creative individuals to flourish, yet large enough to provide long-term stability. We place a tremendous amount of responsibility on our team members to be productive, focused and self-motivated. We offer a casual work environment, competitive compensation and a stellar benefits program.
KUBRA does not typically provide immigration-related assistance, including employment-based work visa (e.g. H-1B) sponsorship, work permit applications and extensions, permanent residence (green card) sponsorship, LMIA applications or permanent residency nominations. Candidates must ensure they have legal authorization to work in the U.S/ Canada. All sponsorship determinations are case by case based on business need.
