Threat Intelligence & Fulfillment Manager – City of Toronto


Full time

City Division: Office of the CISO

Work Location: Metro Hall, 55 John Street

Job Type & Duration: Full Time, Permanent

Salary: $128,728.60 to $151,278.40

Shift Information: Monday to Friday, 40 Hours per Week

Affiliation: Non-Union

Number of Positions Open: 1

Posting Closing: October 28, 2020

The City of Toronto is looking for a Threat Intelligence & Fulfillment Manager reporting to the Director Threat Management in the office of CISO.


To provide senior-level strategic and tactical guidance to the Director Threat Management, as well as the Chief Information Security Officer (CISO) in the execution of its mandate to establish and maintain a City-wide cyber program to ensure the City is adequately protected.

To provide leadership, guidance, and manage the design, integration, and implementation of cyber solutions that support the organization and the CISO’s strategic objectives.

To develop and manage the creation, execution, and maintenance of a security operations center (SOC). To contribute to the ongoing strategy and development of cyber operations across all segments of the organization.

To proactively and iteratively detect, isolate, and neutralize advanced threats that evade automated security solutions. To lead the hunting and discovery of previously unidentified and emerging threats through malware and network analysis to protect the City.

To administer the unit’s financial and administrative responsibilities including the operating budget process, monitoring spending, and revenues, and directing the unit’s cyber information technology program services, communications, human resources planning and decisions, quality assurance, and staff training.

To collaborate with other segments of the organization to manage City-wide cyber initiatives.


  • Post-secondary degree in Business or Technology or a related discipline.
  • Over 7 years of senior-level experience in Information Security
  • Prior experience leading in a Security Operations Centre (SOC) or Computer Emergency Response Team (CERT/CIRT).
  • Extensive knowledge in IT Information Security, Risk Management or Operational Risk Management
  • Extensive knowledge of security industry standards and best practices such as ISO 27001 and NIST standards.
  • Extensive understanding of security risks, threats, and vulnerabilities and the judgment to assess and articulate risk effectively.
  • Strong knowledge of threat hunting and research role.
  • Extensive experience in intelligence analysis processes, including Open Source Intelligence (OSINT) and closed source intelligence gathering, source verification, data fusion, link analysis, and threat actor.
  • Demonstrable understanding of the current vulnerabilities, response, and mitigation strategies used in cybersecurity.
  • Demonstrable ability to research and characterize security threats to include identification and classification of threat indicators.
  • Investigative and analytical problem-solving skills demonstrated by previous risk analysis and intelligence development experience are required.
  • Knowledge of security industry standards and best practices such as ISO 27001 and NIST standards.
  • Preferred Certifications (any in the list): CISSP, CRISC, ISSMP, CISM


Find the detailed job responsibilities, qualifications, skills, and other information here.


Additional Comments/Information

A normal workweek is 40 hours, however, unforeseen situations may require extended hours of work with little or no prior notice. In case of a cyber incident or breach, rotation shift, continuous extended hours may be required with little or no prior notice.

*Subject to a police check, background check, psychological assessment, and/or any other checks on a regular basis as the Office of the CISO handles highly sensitive and confidential information.

Equity, Diversity, and Inclusion
The City is an equal opportunity employer, dedicated to creating a workplace culture of inclusiveness that reflects the diverse residents that we serve. Learn more about the City’s commitment to employment equity.

The City of Toronto is committed to creating an accessible and inclusive organization. We are committed to providing barrier-free and accessible employment practices in compliance with the Accessibility for Ontarians with Disabilities Act (AODA). Should you require Code-protected accommodation through any stage of the recruitment process, please make them known when contacted and we will work with you to meet your needs. Disability-related accommodation during the application process is available upon request. Learn more about the City’s Hiring Policies and Accommodation Process.


Resume received!