Cybersecurity Specialist, Threat Intelligence

Job Title: Cybersecurity Specialist, Threat Intelligence

Location: Toronto, ON (Remote)

Estimated Duration: Fulltime

Cybersecurity Specialist, Threat Intelligence

The Senior Cyber Security analyst, within Threat Intelligence is a key member of a fast-paced team responsible for defending our technology infrastructure and web assets against a complex cyber threat environment. Working independently and as part of a large Cybersecurity team, this position collaborates with both IT and business areas to ensure that we are best-in-class when it comes to Cybersecurity Operations. 

Responsibilities:

• Help drive and lead the Threat Intelligence program, including developing and planning the strategy to evolve the program
• Review and recommend platforms and technology to enhance Threat Intelligence effectiveness
• As part of a Threat Intelligence team, identify, prioritize, document and communicate potential threats across all banners in the organization
• Model threats that will impact the confidentiality, integrity and availability of the key business applications, outline gaps and improvements in the security stack
• Develop actionable intelligence via technical indicators, reports, rules, signatures, or warnings
• Prepare briefing materials, including ad-hoc executive briefings and specific issue briefings
• Actively participate in various Threat Intelligence communities to stay informed of emerging threats, and share information with others
• Prepare threat assessments for special events and initiatives, and present to senior and executive management
• Providing expert-level support for large scale or complex security incidents

Requirements:

• 4-6 Years of technical experience in a large enterprise environment with demonstrated ability to analyze, model and drive responses to complex security threats.
• 3+ years supporting incident response and/or investigations
• Excellent writing and presentation skills to facilitate communication of vulnerabilities, priorities, and other escalation points to various stakeholders
• Experience using Cyber Kill Chain and MITRE ATT&CK Framework
• Strong understanding of strategic, tactical and operational level threat intelligence
• Experience with Cyber security testing methodologies (I.e. Red team, Blue team, Purple team)
• Experience with threat modelling concepts such as STRIDE, PASTA, etc., and applying these concepts into real world applications in an organization
• Experience with security devices such as SIEM, IDS/IPS, HIDS/HIPS, anomaly detection, Firewall, Antivirus systems, Endpoint Detection & Response tools and their log output

Nice to have skills

• Familiar with Threat Intelligence Platforms
• Certification in Security is preferred (e.g. CISSP, CEH)
• Experience with penetration testing, tools & methodologies
• Experience with industrial taxonomies like Cyber Kill Chain, MiTRE’s ATT&CK, MiTRE’s CAPEC, MiTRE’s CAR, NIST, CIF, SANS and STIX 2.0
• Knowledge of modern development languages (e.g. Java, .NET, C/C++, JavaScript) and scripting languages (Python, Perl, Bash, etc.)