Team Lead, Information Security Operations

Company Summary

Come work for a company that’s committed to the success of each and every employee. A place where innovators and collaborators come together and build on each other’s talents. Where diversity is welcomed  and celebrated.

FCT provides industry-leading title insurance, default solutions and other real estate related products and services to legal, lending, valuation and real estate professionals across Canada. With FCT, you will have the opportunity to build a meaningful career. Join us as we continue to do exciting work and make a big impact on our colleagues, customers and communities.

Job Summary

We are continually searching for great talent; individuals who possess a deep commitment to the customers and markets we serve. If you would like to join a company that is committed to the success of each employee and offers challenge, purpose and the opportunity to grow both personally and professionally in a team-oriented environment, you'll enjoy a career with us! We understand that fostering a diverse and inclusive environment is critical for the success of our business, and we actively work towards it every day. 

As the Team Lead, Information Security Operations, you will provide technical and operational leadership for security monitoring, detection, and incident response capabilities. You will serve as the primary escalation point for security incidents, guide and mentor SOC analysts, and ensure consistent, high-quality investigation and response outcomes.

This role is accountable for effectively driving detection and monitoring maturity across the environment, ensuring threats are detected early, alerts are actionable, and investigations are supported by reliable and sufficient security telemetry. You will continuously assess detection coverage against the evolving threat landscape, validate logging and visibility across systems, and lead improvements that strengthen the organization’s overall security posture.

You will also act as a trusted security advisor across enterprise initiatives, audits, and risk discussions, balancing hands-on incident leadership with strategic oversight to support the confidentiality, integrity, and availability of sensitive information.

HERE’S HOW YOU’LL CONTRIBUTE:

• Lead day‑to‑day SOC operations and act as the primary escalation point for complex and high‑severity security incidents in a hybrid environment (On Prem and Cloud), ensuring timely and effective response.

• Drive and continuously improve detection capabilities to ensure high‑fidelity, actionable alerts aligned to enterprise risk and the evolving threat landscape.

• Proactively assess threat intelligence and emerging attack techniques, identifying where new or enhanced detections are required.

• Govern security logging and telemetry standards, ensuring logs are onboarded, sufficient, and fit for purpose to support effective detection, investigation, and response.

• Optimize and manage security tools and platforms, including tuning detections, improving signal quality, and enabling the team to effectively leverage technology for investigations and response.

• Act as a security subject matter expert across enterprise initiatives, collaborating with business and technical teams to embed security controls, assess risks, and ensure alignment with organizational policies and frameworks.

• Lead post‑incident reviews and translate lessons learned into improved detections, playbooks, and monitoring outcomes.

HERE’S WHAT YOU’LL BRING:

• Bachelor’s degree in computer science, Information Technology, or a related field, with 5–8 years of experience in Security Operations or a similar capacity, including experience leading SOC functions, mentoring analysts, and supporting high‑severity incident response.

• Proven experience responding to security incidents in hybrid environment (On Prem and Microsoft Azure) including investigations involving Entra ID (Azure AD), Microsoft Sentinel, Defender for Cloud, identity compromise, cloud workload threats, and misconfigurations

• Strong understanding of security monitoring and detection capabilities across SIEM, EDR/XDR, SOAR, UEBA, and network‑ and host‑based detection, with the ability to assess logging sufficiency, signal quality, and detection coverage to support effective investigations.

• Solid understanding of attacker techniques, vulnerabilities, and exploitation methods, with a proactive, problem‑solving mindset to identify detection gaps, anticipate emerging threats, and continuously improve SOC effectiveness.

• Demonstrated ability to operate effectively in high‑pressure environments, rapidly synthesize information, and make sound decisions, with a strong commitment to continuous learning, mentoring analysts, and maturing SOC processes, playbooks, and operations.

• Strong deductive reasoning, critical thinking, problem-solving, and prioritization skills.

• One or more senior security certifications such as CISSP, GIAC certifications (e.g., GCIH, GCED, GCIA, or GCIR) and Microsoft security certifications such as SC‑200 or AZ‑500, or a demonstrated commitment to achieving them.

• Solid understanding of frameworks, standards, and assessments such as ISO 27001, SOC 2, PCI, NIST.

 

 

Total Direct Compensation:

137,200 to 167,900

Any pay range is in $CAD. The stated pay range reflects the total expected compensation for this role (e.g., base pay plus any expected incentives or allowances, where applicable)

 

 

HERE’S WHAT SETS US APART: 

Through mentoring, innovative tools, and a variety of programs that engage and reward, we empower each employee to be great and drive results.

• Comprehensive benefits that include Employee and Family Assistance Program (EFAP) and Wellness Essentials

• Group retirement savings plan with company match

• Paid holidays and generous paid time off

• Hybrid work arrangements

• Paid volunteer opportunities and charitable donation matching

• Employee recognition programs that include referral incentives

• Potential for performance-based incentives 

• The opportunity to participate in our stock purchase plan

• And more!

*As per terms of the employment agreement

The Great Place to Work® Institute has named FCT one of Canada’s Top 50 Best Workplaces, Best Workplaces in Canada for Financial Services & Insurance, Best Workplaces in Canada for Women, Best Workplaces in Canada for Inclusion and Best Workplaces in Canada for Mental Wellness. We’re also one of Achievers 50 Most Engaged Workplaces™ in North America.

By joining us, you will not only be part of an award-winning organization, you will be part of a workforce that is engaged and empowered to succeed.

Thank you for considering FCT. We look forward to meeting you.

In accordance with the Ontario Human Rights Code and the Accessibility for Ontarians with Disabilities Act, a request for accommodation will be accepted as part of FCT’s hiring process.

To avoid any delays in the recruitment process, if you require accommodation to apply, please provide your accommodation needs in advance. You may also be required to submit adequate medical/other documentation to Human Resources to support your request for accommodation.

FCT is an equal opportunity employer and is committed to an active nondiscrimination program. All recruitment, hiring, placements, transfers, promotions, training, compensation, benefits, discipline, and other terms and conditions of employment will be on the basis of the qualifications of the individual regardless of race, colour, place of origin, ethnic origin, citizenship, handicap (including mental and physical disability), sex, sexual orientation, gender identity and expression, creed (religion), marital status, family status (being in a parent/child relationship), age, or any other basis prohibited by the applicable provincial or federal human rights legislation.