Senior Specialist Cyber Fulfilment – City of Toronto


Full time

City Division: Office of the Chief Information Security Officer

Reports To: Manager Cyber Intelligence & Response

Salary: $110,947.20 to $130,353.60

Work Location: 55 John Street, Toronto

Job Type & Duration: Permanent Full Time

Shift Information: Monday to Friday, 35 hours work week

The City of Toronto is looking for a Senior Specialist Cyber Fulfilment reporting to the Manager Cyber Intelligence & Response in the office of CISO.


To support the execution of the Chief Information Security Officer’s (CISO) mandate, cyber vision and strategy, providing technical and business advice, support and services on Threat Management cyber programs and initiatives to all City divisions, agencies and corporations.

To define, develop and support Threat Management cyber programs and initiatives, engaging with teams across the organization to build alignment on key projects and develop execution roadmaps.

To support end-to-end Cloud security implementation, enablement and operations.

To provide subject matter expertise, strategic advice, senior level guidance and operational support for Cyber Fulfillment area within the Threat Management section.



  • Post-secondary degree in Business or Technology or a related discipline.
  • Over 6 years experience in Application Implementation, Configuration Management and/or Cyber Operations
  • In-Depth security monitoring experience with one or more SIEM technologies (i.e. QRadar, Splunk, Azure Sentinel) and intrusion detection, prevention technologies.
  • Basic knowledge of client-server applications, multi-tier web applications, relational databases, firewalls, VPNs, and enterprise Anti-Virus products.
  • Strong understanding of security incident management, malware management and vulnerability management processes.
  • Experience with API integration and management of security controls with cloud environment.
  • Strong understanding Cloud enviornment’s Security monitoring components (for e.g. Microsoft: Defenders, Sentinel; Amazon CloudWatch, CloudTrail, Event Bridge; GCP: Chronicle Security, Event Threat Detection, Security Command Center, etc.)
  • Extensive experience with web content filtering technology – policy engineering and troubleshooting.
  • Strong understanding of networking principles including TCP/IP, WANs, LANs, and commonly used Internet protocols such as SMTP, HTTP, FTP, POP, LDAP.
  • Extensive experience in Incident Response or relevant cyber security field(s)
  • In-depth experience managing cases with enterprise SIEM systems.
  • In depth knowledge of security vulnerabilities, exploits, malware and digital forensics as they relate to Incident Response.
  • Strong deductive reasoning, critical thinking, problem solving, and prioritization skills
  • Strong knowledge of effective security practices in a large, complex environment and awareness of general security-related training requirements within this environment.
  • Preferred Certifications (any in the list):  CCSP, Azure, AWS or GCP Security Certifications, CISSP, CRISC, OSCP, CEH, GPEN


Find the detailed job responsibilities, qualifications, skills, and other information here.


Additional Comments/Information

A normal workweek is 35 hours, however, unforeseen situations may require extended hours of work with little or no prior notice. In case of a cyber incident or breach, rotation shift, continuous extended hours may be required with little or no prior notice.

*Subject to a police check, background check, psychological assessment, and/or any other checks on a regular basis as the Office of the CISO handles highly sensitive and confidential information.

Equity, Diversity, and Inclusion
The City is an equal opportunity employer, dedicated to creating a workplace culture of inclusiveness that reflects the diverse residents that we serve. Learn more about the City’s commitment to employment equity.

The City of Toronto is committed to creating an accessible and inclusive organization. We are committed to providing barrier-free and accessible employment practices in compliance with the Accessibility for Ontarians with Disabilities Act (AODA). Should you require Code-protected accommodation through any stage of the recruitment process, please make them known when contacted and we will work with you to meet your needs. Disability-related accommodation during the application process is available upon request. Learn more about the City’s Hiring Policies and Accommodation Process.


Resume received!