Cybersecurity Specialist, Threat Hunt

Cybersecurity Specialist, Threat Hunt
Location: Toronto, ON (Remote)
Full Time Permanent
Client: Canadian Tire
About Us
Canadian Tire Corporation, Limited (“CTC”) is one of Canada’s most admired and trusted companies. With more than 90 Owned Brands, 1,700 retail locations, financial services, exemplary e-commerce capabilities, and exciting market-leading merchandising strategies. We dream big and work as one to innovate with purpose for our customers at every level of our business, investing in new technologies and products, and doubling down on top talent to drive the company forward. We offer competitive salaries and wages to CTC employees, as well as store discounts, supported learning through our Triangle Learning Academy, Canadian Tire Profit Sharing, and retirement and savings programs for eligible employees. As part of our enhanced flex benefits program, we offer mental health benefits in the amount of $5,000 per year for benefits-eligible employees and their families, including total well-being, and mental health tools and resources for all employees. Join us in helping to make life in Canada better through living and working our Core Values: we are innovators and entrepreneurs at our core, outcomes drive us, inclusion is a must, we are stronger together and we take personal responsibility. It is an especially exciting time to join CTC and its family of companies where career opportunities are wide-ranging! Join us, where there's a place for you here.

The Senior Cyber Security Analyst, within Threat Hunting, is a key member of a fast-paced team responsible for proactively detecting and responding to advanced threats targeting our technology infrastructure and web assets. Working independently and as part of a large Cybersecurity team, this position collaborates with both IT and business areas to ensure that we are is best-in-class when it comes to Cybersecurity Operations.

Responsibilities

• Lead and evolve the Threat Hunting program, including strategy development and execution
• Proactively hunt for signs of malicious activity across endpoints, networks, and cloud environments using advanced analytics and threat intelligence
• Involved primarily in Threat Intelligence workstream, in addition to hunting for signs of malicious activity across endpoints, networks, and cloud environments
• Develop hypotheses based on threat intelligence, attack trends, and environmental context, and test them through data analysis and investigation
• Identify gaps in visibility and detection capabilities, and recommend enhancements to tooling and telemetry
• Perform deep-dive investigations into suspicious activity, leveraging threat intelligence, behavioral analytics, and forensic techniques
• Collaborate with Incident Response and Threat Intelligence teams to enrich hunts and investigations
• Support and direct third party hunt team on quarterly hunts
• Develop and maintain hunt playbooks and procedures to ensure repeatability and continuous improvement
• Prepare and deliver detailed reports and executive briefings on hunt findings, threat trends, and mitigation recommendations
• Engage with external threat hunting and intelligence communities to stay ahead of emerging threats

Required Skills:

• 4-6 years of technical experience in a large enterprise environment with demonstrated ability to proactively detect and respond to complex security threats
• 3+ years supporting threat hunting, incident response, or security investigations
• Strong understanding of attacker tactics, techniques, and procedures (TTPs), and experience applying frameworks like MITRE ATT&CK
• Experience with endpoint and network telemetry, log analysis, and behavioral analytics
• Excellent writing and presentation skills to communicate findings, risks, and recommendations to technical and non-technical audiences
• Experience with threat modeling and hypothesis-driven hunting approaches
• Hands-on experience with SIEM, EDR, NDR, and other detection and response technologies
• Ability to correlate data across multiple sources to identify patterns and anomalies

Nice to have skills

• Familiarity with Threat Hunting Platforms and automation tools
• Certification in Security is preferred (e.g. GCFA, GCTI, CISSP, CEH)
• Experience with scripting and automation (Python, PowerShell, etc.) to support hunt operations
• Knowledge of industrial taxonomies like MITRE ATT&CK, Cyber Kill Chain, CAPEC, and STIX
• Experience with cloud environments (AWS, Azure, GCP) and hunting in cloud-native telemetry

Our Commitment to Diversity, Inclusion and Belonging 
 We are committed to fostering an environment where belonging thrives, and diversity, inclusion and equity are infused into everything we do. We believe in building an organizational culture where people are consistently treated with dignity while respecting individual religion, nationality, gender, race, age, perceived ability, spoken language, sexual orientation, and identification. We are united in our purpose of being here to help make life in Canada better.
 
Accommodations  
 We stand firm in our Core Value that inclusion is a must. We welcome and encourage candidates from equity-seeking groups such as people who identify as racialized, Indigenous, 2SLGBTQIA+, women, people with disabilities, and beyond. Should you require any accommodation in applying for this role, or throughout the interview process, please make them known when contacted and we will work with you to help meet your needs.