Incident Response Specialist

Managed Services Toronto, Ontario Ottawa, Canada Vancouver, Canada Calgary, Canada Canada


Dynamic IT entrepreneur Robert Herjavec founded Herjavec Group in 2003 to provide cyber security products and services to enterprise organizations. We have been recognized as one of the world’s most innovative cybersecurity operations leaders, and excel in complex, multi-technology environments.

Do you thrive in agile, fast-paced environments?
Are you passionate about protecting company and client information?
Are you one to step up to challenges?
Do you have what it takes to work for a shark?


Role Summary

The Incident Response Specialist will report to the Managing Director, Incident Response. The Specialist is a highly skilled and experienced analyst with a focus on controlling and handling information security incidents, developing and improving incident response processes, tools, and capabilities.

As the lead controller and handler the Specialist will respond to major information security incidents, in client environments. Drawing additional resources from our technical consulting teams, the Specialist will build and lead teams to go onsite with the customer to respond and remediate active threats. As a primary interface to customers in crisis, the Specialist will have excellent communication and organizational skills, to support the efficient and smooth handling of incidents. The Specialist will have strong skills in collaborating and supporting junior incident handlers.  The Specialist may be required to support customers by developing and testing Incident Response plans. 

The Specialist will evaluate, develop, select, document and implement tools, processes, and methods to continuously improve the Incident Response service.

The Specialist will engage, support, and promote all Herjavec Group teams and services. The specialist will maintain a positive relationship with sales teams to support customers with appropriate technical controls and consulting services.


  • Assist with developing, operating, and continuously improving the IRR services
  • Support IRR incidents as a primary incident controller and handler for customer IRR engagements
  • Write engagement closeout reports
  • Train, develop, coach, and supervise junior and ad-hoc responders (controllers and handlers)
  • Maintain and develop relationships with all consulting and technical support leaders and team members
  • Ability to communicate with a customer in a clear and precise manner
  • Maintain and improve capabilities for Incident Response, including researching, selecting, and implementing toolsets and processes.

Desired Skills and Experience

  • College Diploma or University Degree in Information Security or relevant security up-to-date certificates and/or equivalent work experience
  • Demonstrated experience in handling or controlling large and complex information security incidents, including experience in leading incident management and digital forensics processes
  • GIAC Certified Incident Handler certification preferred
  • Specific skills in: FW, malware analysis, packet analysis, log analysis, and security architecture desirable
  • Minimum 5 years’ experience in IT security field

The following will be considered an asset:

  • Certifications such as CISSP, GIAC CIH, OSCP, ITIL, COBiT, or SABSA
  • Working knowledge of NIST SP800-61r2 and ISO 27035
  • Knowledge of ISO information security standard families, particularly ISO 27001 and 27002
  • Security threat and attack countermeasures
  • Practical skills in digital forensics

Non-Technical Skills:

  • Excellent communications skills (active listening, written, oral)
  • Client facing communication (report issues to customer in a timely manner, demonstrate expertise of the overall business unit, develop presentations to highlight results and solutions, etc.)
  • A positive and constructive minded team player
  • Strong troubleshooting, reasoning and problem solving skills
  • Team player with ability to work autonomously