Senior Specialist, Threat Intelligence

78305
Permanent/Direct Hire
4 days ago

 

Job Title Senior Specialist Threat Intelligence
Division Office of the Chief Information Security Officer
Reports To Manager Cyber Intelligence & Offensive Security
   
   
Job Type Permanent Full Time
Shift Information Monday to Friday, 35 hours work week

JOB SUMMARY:
To support the execution of the Chief Information Security Officer’s (CISO) mandate, cyber vision and strategy, providing technical and business advice, support and services on Threat Management cyber programs and initiatives to all City divisions, agencies and corporations.
To define, develop and support Threat Management cyber programs and initiatives, engaging with teams across the organization to build alignment on key projects and develop execution roadmaps.
To provide subject matter expertise, strategic advice, senior level guidance and operational support for Threat Intelligence area within the Threat Management section.

MAJOR RESPONSIBILITIES:

  • Leads the development, deployment and management of cyber threat intelligence capabilities and methods and creates models and analytics to detect abnormal activities within the infrastructure.
  • Provides expertise and understanding of the threat landscape to mitigate risk and understand threats that might impact.
  • Provides expert knowledge of Threat Intelligence processes and technologies including VM, SIEM, SOC, threat hunting, incident response, and cloud security.
  • Finds new and creative ways to detect new threats as well as existing threats by matching the tactics, techniques and procedures of known threat actors.
  • Builds knowledge of and stays current on developments in the cyber threat landscape to adapt investigation techniques and provide recommendations on responding to and remediating related incidents, including the development of proactive analytics use cases.
  • Develop a deep understanding of business critical information assets and business processes to effectively identify, assess, and prioritize threat intelligence that poses the highest potential risk to key functions.
  • Assesses the relevance and usefulness of security data, conducts gap analyses on the data, and specifies configuration requirements for tools and controls to ensure that indicators of attacks/misuses are recorded properly in security technology stack.

QUALIFICATIONS/CERTIFICATIONS:

  • Post-secondary degree in Business or Technology or a related discipline.
  • Over 6 years experience in Threat Intelligence
  • In-Depth knowledge of cyber investigation or threat intelligence.
  • Extensive experience with intelligence analysis processes, including Open Source Intelligence (OSINT) and closed source intelligence gathering, source verification, data fusion, link analysis, and threat actor analysis, is required.
  • Extensive experience working in a Security Operations Centre (SOC) or Computer Emergency Response Team (CERT/CIRT).
  • Excellent  understanding of the current vulnerabilities, response, and mitigation strategies used in cyber security is required.
  • Excellent  ability to research and characterize security threats to include identification and classification of threat indicators is required.
  • Investigative and analytical problem solving skills demonstrated by previous risk analysis and intelligence development experience are required.
  • Excellent current and working knowledge of Information Security best-practices, methodologies, and techniques.
  • Strong knowledge of effective security practices in a large, complex environment and awareness of general security-related training requirements within this environment.
  • Preferred Certifications (any in the list): CISSP, CRISC, C|TIA, CRTIA, GPEN, GCTI

SKILLS:

  • Ability to work in transformative programs.
  • Ability to lead efficient communication between all project stakeholders, including internal teams and clients.
  • Ability to achieve business objectives through influencing and effectively working with key stakeholders.
  • Excellent written & verbal communication skills (comfortable & confident communicating at all levels including business partners, leadership and vendors.
  • Excellent problem-solving skills with capability to identify solutions to unusual and complex problems.
  • Keen attention to detail and strong organizational skills.
  • Highly organized, proactive, self-motivated team player who takes initiative and is able to work independently.
  • Ability to work in a fast-paced environment managing multiple priorities with proven time management skills.
  • Strong analytical skills and ability to prioritise and multitask.
  • Ability to prioritize and effectively manage competing priorities and projects.
  • Ability to manage multiple initiatives while adhering to strict deadlines.
  • Able to work extremely well under pressure while maintaining a high level of professionalism.
  • Self-motivated person with desire to go above and beyond tasks.
  • Transferable skills, like communication and decision-making, are equally important.
  • Ability to think on their feet and show good judgment are especially valuable in this field. Security professionals should always be ready to react to cyber-related incidents quickly.

ADDITIONAL COMMENTS/INFORMATION:
A normal work week is 35 hours, however, unforeseen situation may require extended hours of work with little or no prior notice. In case of a cyber incident or breach, rotation shift, continuous extended hours may be required with little or no prior notice.
               
*Subject to a police check, background check, psychological assessment and/or any other checks on a regular basis as the Office of the CISO handles highly sensitive and confidential information.

Equity, Diversity and Inclusion

The client is an equal opportunity employer, dedicated to creating a workplace culture of inclusiveness that reflects the diverse residents that we serve. Learn more about the client’s commitment to employment equity.

ACCOMMODATION

The client is committed to creating an accessible and inclusive organization. We are committed to providing barrier-free and accessible employment practices in compliance with the Accessibility for Ontarians with Disabilities Act (AODA). Should you require Code-protected accommodation through any stage of the recruitment process, please make them known when contacted and we will work with you to meet your needs. Disability-related accommodation during the application process is available upon request. Learn more about the client’s Hiring Policies and Accommodation Process.