×
Apply for Jobs Apply for Jobs Post a Job Post a Job Local Jobs Home
Register Here to Apply for Jobs or Post Jobs. X
More jobs:
Cybersecurity Information Security

Incident Response Specialist

Job in Toronto, Ontario, C6A, Canada
Listing for: BMO
Full Time position
Listed on 2026-06-14
Job specializations:
  • IT/Tech
    Cybersecurity, Information Security
Salary/Wage Range or Industry Benchmark: 60000 - 80000 CAD Yearly CAD 60000.00 80000.00 YEAR
Job Description & How to Apply Below

Why Join BMO’s Threat Response Operations Team?

Join a highly regarded Incident Response team responsible for protecting BMO against evolving cyber threats. As an Incident Response Specialist
, you’ll investigate and respond to complex Level 2 cybersecurity incidents while working alongside experienced professionals across Threat Intelligence, Detection, Incident Management, and GSOC teams. In this role, you’ll investigate escalated cyber incidents, produce high‑quality incident documentation, collaborate across security teams, and contribute to operational readiness and continuous improvement efforts.

This is an excellent opportunity for cybersecurity professionals looking to deepen their expertise in incident response, and enterprise threat operations within a collaborative and high‑impact environment.

What Makes This Opportunity Stand Out
  • Be part of a mature and advanced cyber incident response program within a leading financial institution
  • Work on real-world investigations involving threat containment, mitigation, and forensic analysis
  • Gain exposure to enterprise‑scale cybersecurity operations and advanced EDR tooling
  • Contribute to continuous improvement initiatives that strengthen BMO’s security capabilities
  • Hybrid model with office flexibility across our offices in downtown Toronto, Scarborough, or our Barrie office
Shifts

This role follows a compressed work schedule of 4 days per week, with 10‑hour shifts. This includes weekends and statutory holidays unless vacation time is booked. Shift assignments will be either Sunday–Wednesday or Wednesday–Saturday, based on business needs and determined by the leadership team.

Shift hours: 10:30 AM EST – 8:20 PM EST

Key Technical Skills
  • Security Operations / Incident Response experience — 3–4 years
  • Breach‑class incident response investigation — 3–4 years
  • Digital forensics / forensic analysis — 2–3 years
  • Incident response using EDR tooling (endpoint detection monitoring tools)— 3–4 years
  • Developing and assessing operational process documentation — 3–4 years
  • Live response analysis and development of host activity timelines — 3–4 years
  • Incident response reporting — 2–3 years
Core Responsibilities
  • Monitors, restores service, changes, supports and handles day‑to‑day activities 7/24/365 required to run the mission critical Information Security systems for BMO.
  • Provides responsive customer service in support of cyber security.
  • Monitors & maintains security tools and applications.
  • Collaborates with internal and external stakeholders in order to deliver on business objectives and to support operational activities for Information Security.
  • Identifies opportunities to strengthen the capability of the Information Security organization at BMO, such as sharing expertise to promote technical development and mentoring employees.
  • Recommends approaches or changes to streamline and integrate security processes and systems in the organization, while considering Information Security methodology to improve overall efficiency.
Additional Information
  • Builds effective relationships with internal/external stakeholders.
  • Anticipates and reduces complexity for others.
  • Provides input into the planning and implementation of operational programs.
  • Develops and documents procedures and processes, conforming to the industry best practices and Bank’s security regulations, policies and standards.
  • Assists in the preparation of end‑user materials.
  • Gathers and documents requirements for use in various audits, reports, & projects.
  • Creates activity reports for security tools and applications.
  • Develops an understanding of organizational interactions and complexity to engage with the appropriate matrix areas.
  • Actions service requests, transactions, queries etc. within relevant service level agreements.
  • Coordinates and facilitates incident management activities, including deploying changes to the production environment and engaging third‑party providers contracted to the Bank during an incident.
  • Provides technical Information Security subject matter expertise.
  • Stays abreast of industry technical and business trends through participation in professional associations, practice communities and individual learning.
  • Ensures…
Note that applications are not being accepted from your jurisdiction for this job currently via this jobsite. Candidate preferences are the decision of the Employer or Recruiting Agent, and are controlled by them alone.
To Search, View & Apply for jobs on this site that accept applications from your location or country, tap here to make a Search:
 
 
 
Search for further Jobs Here:
(Try combinations for better Results! Or enter less keywords for broader Results)
Location
Increase/decrease your Search Radius (miles)
0
200
Filters
Education Level
Experience Level (years)
Posted in last:
Salary
Advanced Search