Team Lead, IT Risk & Security Operations
The Canadian Real Estate Association | L'Association canadienne de l'immobilier
Date: 1 day ago
City: Ottawa, Ontario
Contract type: Full time
Position Overview
The Team Lead, IT Risk & Security Operations will provide leadership and direction to REALTOR.ca Canada Inc.’s IT security operations team, driving proactive risk mitigation, threat detection, and incident response efforts. This role blends hands-on technical expertise with strategic oversight to ensure the security of RCI’s infrastructure, networks, applications, end-users, and data.
The Team Lead will be responsible for defining and executing a multi-year security roadmap aligned with business goals, emerging threats, and compliance standards. They will oversee the development of security policies, frameworks, and operational procedures, and collaborate with cross-functional teams to embed security best practices across the organization.
The ideal candidate is an experienced cybersecurity and risk management professional with strong leadership capabilities, strategic thinking, and a passion for continuous improvement in a dynamic environment.
Reports to: Director, IT Operations
Type of Position: Full-Time
Core Competencies
Leadership & Strategic Oversight
The Team Lead, IT Risk & Security Operations will provide leadership and direction to REALTOR.ca Canada Inc.’s IT security operations team, driving proactive risk mitigation, threat detection, and incident response efforts. This role blends hands-on technical expertise with strategic oversight to ensure the security of RCI’s infrastructure, networks, applications, end-users, and data.
The Team Lead will be responsible for defining and executing a multi-year security roadmap aligned with business goals, emerging threats, and compliance standards. They will oversee the development of security policies, frameworks, and operational procedures, and collaborate with cross-functional teams to embed security best practices across the organization.
The ideal candidate is an experienced cybersecurity and risk management professional with strong leadership capabilities, strategic thinking, and a passion for continuous improvement in a dynamic environment.
Reports to: Director, IT Operations
Type of Position: Full-Time
Core Competencies
- Leadership & Collaboration: Proven ability to drive vision, planning, and execution of IT risk and security initiatives.
- Strategic Thinking: Skilled in aligning operational activities with long-term business and security objectives.
- Communication: Capable of translating technical concepts for a broad range of stakeholders.
- Analytical & Decisive: Strong judgment in threat assessment and incident decision-making.
- Continuous Improvement: Emphasis on automation, integration, and process optimization.
Leadership & Strategic Oversight
- Develop and execute a multi-year security operations roadmap aligned with organizational objectives, threat intelligence, and evolving compliance requirements.
- Plan and lead strategic and operational security initiatives, ensuring milestones, timelines, and KPIs are clearly defined and achieved.
- Integrate security priorities into broader IT and digital transformation strategies in partnership with leadership.
- Assess capability gaps and recommend tools, training, and process improvements to mature the organization’s security posture.
- Lead, mentor, and support the IT security operations team; provide regular performance feedback and promote professional development.
- Foster a collaborative, high-performance culture that emphasizes innovation, accountability, and agility.
- Optimize resource allocation and spending to maintain efficient and effective security operations.
- Oversee real-time monitoring and analysis of security events using SIEM, SOAR, and related technologies.
- Manage the full incident response lifecycle, from detection to containment, recovery, and post-incident analysis.
- Maintain and enhance incident response playbooks and escalation protocols.
- Conduct regular tabletop exercises and simulations to test team readiness and improve response capabilities.
- Lead ongoing risk assessments to identify, prioritize, and mitigate risks to IT assets and operations.
- Implement security controls in alignment with frameworks such as NIST, ISO 27001, and CIS Controls.
- Coordinate internal and external audits and ensure compliance with regulatory and organizational security requirements.
- Oversee vulnerability management, penetration testing, and secure configuration assessments.
- Lead reviews of security architecture and configurations for firewalls, endpoint protection, IAM, and cloud environments.
- Drive automation and continuous improvement across security operations workflows, tools, and reporting.
- Develop and deliver executive-level reports and dashboards on security posture, incident trends, risk exposure, and control effectiveness.
- Define and track key performance indicators (KPIs) and service level agreements (SLAs) to measure and improve team performance.
- Act as a security liaison across business units to ensure alignment and integration of security measures into organizational processes.
- Champion a culture of security awareness, ownership, and accountability throughout the organization.
- Deep understanding of cybersecurity principles, threat landscapes, and risk management practices.
- Expertise in security technologies including SIEM, SOAR, IDS/IPS, EDR/XDR, PAM/PIM, IAM, and firewalls.
- Experience with secure architecture in cloud and hybrid environments.
- Strong capability in leading incident response, vulnerability management, and compliance programs.
- In-depth knowledge of network architecture and protocols, including routing, switching, segmentation, and traffic analysis (e.g., TCP/IP, BGP, OSPF, STP, VLANs, VPNs).
- Experience configuring, managing, and securing enterprise network devices, including routers, switches, firewalls and wireless access points.
- Hands-on experience with network hardware from vendors such as Cisco, Palo Alto, or equivalent.
- Strong understanding of (ZTNA) and (NGFW) technologies, including private access, advanced filtering, intrusion prevention, and threat intelligence integrations.
- Proficient in network monitoring, diagnostics, and performance tools such as Wireshark, SolarWinds, PRTG, or Nagios.
- Experience with segmentation, network access control, and secure remote access solutions.
- Ability to troubleshoot complex network issues across hybrid environments (on-prem, cloud, and remote endpoints).
- Proficiency in scripting (e.g., Python, PowerShell)
- Ability to manage both technical and leadership responsibilities effectively.
- University or college degree in Information Technology, Cybersecurity, or a related field.
- Minimum of 10 years in risk management and security operations, including at least 3 years in a leadership or team lead role.
- Professional certifications such as CISSP, CISM, or CCSP are highly desirable.
- Ability to work independently and manage multiple competing priorities.
- Availability for after-hours support or incident response as needed.
See more jobs in Ottawa, ON