Security Analyst - Threat Hunting, CIC Vaughan

Date Posted: Jul 3, 2019

Reference Code: 44873-en_US

Job Type: Permanent
Primary Location: Vaughan, Ontario, Canada
All Available Locations: Vaughan

External Posting Description

We have an immediate opportunity for a Security Analyst – Threat Hunting to join our team! Reporting to the SOC Manager at our Cyber Intelligence Centre in Vaughan, the incumbent is self-motivated, energetic, driven for success and results oriented. In-depth knowledge of security monitoring, incident handling, security operations processes, threat management, and common industry technologies supports the delivery and execution of managed security services. The analyst will also be a key player in building world-class security operations capabilities that align with our strategic direction and position the Firm to deliver on new and existing engagements.

Your role as a junior staff member at Deloitte:

  • Understand our purpose and values; explore opportunities for impact
  • Demonstrate a strong commitment to personal learning and development; act as a brand ambassador to help attract top talent
  • Understand expectations and demonstrate personal accountability for keeping performance on-track
  • Actively focus on developing effective communication and relationship-building skills
  • Understand how your daily work contributes to the priorities of the team, the business, and the firm

Responsibilities:

  • Analyze activity trends in Client environments using a mix of tools and analytical methodologies to hunt for threats not otherwise detected by configured security alerts.
  • Contribute to the tuning and development of SIEM use cases and other security control configurations to enhance threat detection capabilities.
  • Perform in-depth investigation of events of interest identified during threat hunt activities or security alerts received from various security technologies as per defined investigation and response procedures.
  • Build hunt threat profiles based on various intelligence-gathering techniques.
  • Conduct threat scenario analysis to develop new use cases with relevant attack vectors, and develop attack scenarios in order to formulate hunting strategies to identify the presence of threats that are going undetected by existing security controls.
  • Liaise with appropriate internal stakeholders during the investigation process to determine whether a security incident has occurred, identify the root cause and provide appropriate recommendations for remediation.
  • Work closely with your team to exceed our Clients' expectations while identifying and mitigating business risks associated with projects.
  • Build knowledge of and stay current on developments in the cyber threat landscape to adapt investigation techniques and provide recommendations to the client on responding to and remediating related incidents.
  • Create threat hunting monthly reports for Clients and attend meetings.
  • Maintain an up-to-date threat hunting document repository.
  • Provide cyber threat hunting workshops internally and externally.

External Posting Qualifications

Required Qualifications:

  • A Bachelor's Degree / Diploma in a relevant area of study with a preference for Computer Science, Information Security or Bachelor of Technology
  • Minimum of 3 years' working experience in Cyber Intelligence or as a threat hunter, ideally working within a CIRT.
  • Direct prior experience with core security technologies such as security information and event monitoring systems (SIEM), vulnerability scanners, anti-virus solutions and EDRs
  • Strong knowledge of threat intelligence and threat hunting
  • Strong analytical and investigative skills.
  • Knowledge of technical security controls and mitigations
  • 24x7 on-call availability for high severity incidents
  • Good working knowledge of one or more of the following topics:
  • Common security threats, industry best practices, security technologies
  • Good working knowledge of advanced endpoint analytics
  • Experience with a Cyber Kill Chain
  • Must have experience in DLP, IPS/IDS, Firewalls, Content Filtering, End-Point Protection, DDI, Maltego, Power BI
  • Knowledge of digital forensics and malware reverse engineering
  • Penetration testing and ethical hacking
  • Malware analysis (dynamic and static)
  • Experienced with Bro, Elasticsearch, Logstash, and Kibana.
  • Experienced with Regular Expressions (RegEx)

Desirable Qualifications:

  • Proficiency in scripting languages (Python, shell, etc.)
  • Prior experience working as a SOC analyst
  • Law Enforcement or Services Background
  • Knowledge of analytics and machine learning models
  • Industry certifications (CISSP, GIAC – GPEN, GCFE, GSE) are a strong asset

 

Why Deloitte?

Launch your career with The One Firm where you can make a greater impact than you ever thought possible. With endless opportunities at every turn, and a culture built to support and drive our people to be the very best they can be, Deloitte is The One Firm for you to learn, grow, create, and lead.

At Deloitte, we understand that everyone, and their career goals, are different. As a firm, we help create the conditions and opportunities that will enable our people to thrive – both professionally and personally. We do this by making three commitments to our people:

  • You will lead at every level: We grow the world’s best leaders so you can achieve the impact you seek, faster.
  • You can work your way: We give you the means to work how you want, and we have innovative spaces and the mindset to help you be wildly successful.
  • You will feel included and inspired: We create a deep sense of belonging where you can bring your whole self to work.

Apply now and let us show you how to push your career to the next level at Deloitte. The One Firm. For You.

Deloitte is an inclusive employer dedicated to building a diverse workforce.  We encourage applications from all qualified candidates and will accommodate applicants’ needs under the respective provincial human rights codes throughout all stages of the recruitment and selection process. Please advise the Recruiter to ensure your accessibility needs are accommodated throughout this process.  Information received relating to accommodation will be addressed confidentially.

We thank all applicants in advance for their interest; however, only those candidates selected for an interview will be contacted.
