Home > Toronto jobs > Toronto computer/technical jobs

Posted: Friday, October 6, 2017 12:02 AM

Job Type:
Primary Location:
Vaughan, Ontario, Canada
All Available Locations:
External Posting Description 13;

We have an immediate opportunity for Senior Security Analyst : Threat Hunting to join our team Reporting to the SOC manager at our Cyber Intelligence Centre in Vaughan, the incumbent is self:motivated, energetic, driven for success and results oriented. In:depth knowledge of security monitoring, incident handling, security operations processes, threat management, and common industry technologies supports delivery and execution of managed security services. The analyst will also be a key player in building world:class security operations capabilitymthat is aligned with our strategic direction and that helps the firm better deliver on new and existing engagements.

:Analyze activity trends in the clients environment using a mix of tools and analytical methodologies to hunt for threats not otherwise detected by configured security alerts.
:Contribute to the tuning and development of SIEM use cases and other security control configurations to enhance threat detection capabilities.
:Perform in:depth investigation of events of interest identified during threat hunt activities or security alerts received from various security technologies as per defined investigation and response procedures.
:Conduct threat scenario analysis to develop new use cases with relevant attack vectors, and develop attack scenarios in order to formulate hunting strategies to identify the presence of threats that are going undetected by existing security controls.
:Liaise with appropriate internal stakeholders during the investigation process to determine whether a security incident has occurred, identify the root cause and provide appropriate recommendations for remediation.
:Developing hunt hypotheses based on threat intelligence information, attacker techniques, tactics and procedures (TTPs).
:Work closely with your team to exceed our clients expectations while identifying and mitigating business risks associated with projects.
:Build knowledge of and stay current on developments in the cyber threat landscape to adapt investigation techniques and provide recommendations to the client on responding to and remediating related incidents. 13;
External Posting Qualifications 13;
Required Qualifications:
:A Bachelors Degree / Diploma in a relevant area of study with a preference for Computer Science, Information Security or Computer Engineering
:Minimum of 3 years of experience as a SOC analyst, incident responder or threat hunter ideally working in a CIRT
:Direct prior experience with core security technologies such as security information and event monitoring systems (SIEM), firewalls, network and host intrusion prevention and detection systems, proxies, vulnerability scanners, and anti:virus solutions
:Good knowledge of threat hunting methodologies and compromise detection tools
:Strong analytical and investigative skills
:Good working knowledge of one or more of the following topics:
:Common security threats, industry best practices, security technologies
:Operating systems (UNIX, Linux, Windows)
:Must have strong working knowledge of Networking
:Must have experience in DLP, IPS/IDS, Firewalls, Content Filtering, End:Point Protection, DDI
:Penetration testing and ethical hacking
:Malware analysis (dynamic and static)
:Experienced with Regular Expressions (RegEx)

Desirable Qualifications:
:Industry certifications (CISSP, GIAC : GREM/GCIH/GCIA/GCFA) are a strong asset
:Proficiency in scripting languages (Python, shell, etc.)
:Prior experience working with security analytics tools
:Knowledge of analytics and machine learning models 13;
Get your career off to a great start. What impact will you make?
We're always looking for people with the relentless energy to drive and push themselves further to find new avenues and unique w


• Location: Toronto

• Post ID: 88663662 toronto is an interactive computer service that enables access by multiple users and should not be treated as the publisher or speaker of any information provided by another information content provider. © 2017