×
Register Here to Apply for Jobs or Post Jobs. X

Principal Service Manager

Job in Southwestern Ontario, London, Ontario, Canada
Listing for: OpenText
Full Time position
Listed on 2026-07-17
Job specializations:
  • IT/Tech
    Cybersecurity, Information Security, Security Management & Operations
Salary/Wage Range or Industry Benchmark: 104320 - 154320 CAD Yearly CAD 104320.00 154320.00 YEAR
Job Description & How to Apply Below
Location: Southwestern Ontario

About Open Text

Open Text is a global leader in information management that empowers businesses to stay ahead of evolving cyber threats. Our Cybersecurity Enterprise portfolio offers innovative solutions that safeguard organizations from malicious attacks, data breaches, and cyber vulnerabilities. By joining our team, you will help develop and implement state‑of‑the‑art security technologies, protecting critical assets and sensitive information for clients worldwide.

Your Impact

The Principal Service Manager is a senior technical practitioner within the MSS SOC and CSIRT function, responsible for leading and delivering incident response engagements across the organization’s multi‑tenant managed security client base. The role provides dedicated capacity for the Incident Response retainer service, ensuring clients receive rapid, expert‑led containment, investigation, and remediation when security incidents occur.

As a Principal Service Manager, You Will
  • Lead Incident Response (IR) retainer engagements, directing containment, eradication, recovery, and incident triage activities across client environments.
  • Investigate security incidents including ransomware, BEC, data exfiltration, insider threats, and APTs through remote and on‑site response engagements.
  • Coordinate incident response efforts with client IT teams, legal counsel, insurers, regulators, and stakeholders in accordance with MSOD requirements.
  • Deliver professional incident reports, root cause analyses, and post‑incident review (PIR) documentation.
  • Maintain chain‑of‑custody procedures for digital evidence and support forensic investigations with legal or regulatory implications.
  • Perform digital forensic investigations across Windows, Linux, macOS, Microsoft 365, Azure AD/Entra , AWS, and Google Workspace environments.
  • Analyze memory, disk, log, network, and cloud audit data to determine incident scope, impact, root cause, and develop IOCs.
  • Utilize EDR tools and threat‑hunting techniques to identify adversary activity, trace lateral movement, and support containment decisions.
  • Serve as an escalation point for SOC analysts, providing mentorship, investigation guidance, and contributing to IR playbooks, runbooks, TTX, and purple team exercises.
  • Communicate incident status, impacts, PIR findings, and strategic recommendations effectively to both technical and executive stakeholders.
What You Need To Succeed
  • 5+ years of progressive cybersecurity experience, including 3+ years in hands‑on Incident Response (IR), DFIR, or senior SOC analyst roles.
  • Proven experience leading incidents through the full IR lifecycle, including preparation, detection, analysis, containment, eradication, recovery, and post‑incident activities.
  • Hands‑on digital forensics expertise across Windows, Linux, macOS, network, and cloud environments.
  • Experience delivering security services within MSSP, SOC, or MDR environments supporting multiple clients concurrently.
  • Strong background producing client‑facing incident reports, post‑incident reviews, and investigative documentation.
  • Proficiency with SIEM platforms (Devo, Splunk, Sentinel), EDR tools (Crowd Strike, Sentinel One, Defender for Endpoint), and case management systems.
  • Deep knowledge of cyber attack life cycles, threat actor TTPs, ransomware, BEC, APT, insider threats, and identity‑based attack techniques.
  • Expertise in forensic artifact analysis, memory forensics, live‑response triage, network forensics, and cloud investigations across Microsoft 365, Azure AD/Entra , AWS, and Google Workspace.
  • Scripting and automation skills using Python, Power Shell, or Bash, with familiarity in SIEM/SOAR platforms, automated response playbooks, malware analysis, and chain‑of‑custody practices.
  • Holds or is actively pursuing industry certifications such as GIAC Certified Incident Handler (GCIH) or GIAC Certified Forensic Analyst (GCFA), with strong communication, leadership, collaboration, and documentation skills.
Compensation

At Open Text, we offer a thoughtfully designed benefits package that supports your physical, emotional, and financial wellbeing. Salary range is $ – $, varying based on education, experience, skills, location, and internal equity.

AI…
Note that applications are not being accepted from your jurisdiction for this job currently via this jobsite. Candidate preferences are the decision of the Employer or Recruiting Agent, and are controlled by them alone.
To Search, View & Apply for jobs on this site that accept applications from your location or country, tap here to make a Search:
 
 
 
Search for further Jobs Here:
(Try combinations for better Results! Or enter less keywords for broader Results)
Location
Increase/decrease your Search Radius (miles)
0
200
Filters
Education Level
Experience Level (years)
Posted in last:
Salary