Senior Threat Hunter (GCS)

Posted 14 Days Ago
West Toronto, ON
5-7 Years Experience
Fintech • Insurance
The Role
Seeking a Senior Cyber Threat Hunter with extensive experience in offensive and defensive cyber security operations. Responsibilities include creating detection engineering solutions, analyzing TTPs and malware samples, leading Purple Team Exercises, innovating with data science and machine learning, and collaborating with various security teams.
Summary Generated by Built In

Job Summary

Provides technical expertise on the development and support of all activities, processes, and tools needed to protect information security. Applies extensive, in-depth knowledge, skills, and practices to perform complex assignments.

Job Description

What is the opportunity?

Do you enjoy cyber security research and innovation, proactive thinking and problem solving, in a challenging and adaptive environment while constantly thinking outside of the box? If so, this opportunity is right for you!

RBC's Cyber Threat Hunting team is responsible for the proactive identification and detection of sophisticated threat actors and insider threats that might pose a risk to the organization and employees. We are a team of experienced and enthusiastic security experts, researchers, and innovators that are passionate about solving complex cyber security problems, developing novel solutions, and building prototypes in areas where security vendors are one step behind. We engineer tailor-made detections that will reduce risk to our organization, employees, and clients.

We’re looking for an experienced Senior Cyber Threat Hunter who is constantly thinking outside the box, ready to dive deep into the smallest details, is passionate about cybersecurity and has a natural detective sense. The right candidate has experience in both offensive and defensive operations and enjoys innovation and security research.

What will you do?

  • Create detection engineering solutions to proactively identify and mitigate sophisticated threat actors (APTs/UNCs) and insider threats
  • Analyze, research and reverse engineer Tactics, Techniques and Procedures (TTPs) and malware samples to create detections based on industry-leading frameworks such as MITRE ATT&CK
  • Develop, plan, lead and participate in Purple Team Exercises focusing on discovering and mitigating emerging threats
  • Innovate and create novel solutions including User Behavior Analytics (UBA) models by leveraging Data Science and Machine Learning (ML), bringing cybersecurity and data science closer
  • Collaborate and foster relationships with multiple teams including Adversary Emulation (Red Team), Data Science, Threat Intelligence, Security Operation Centre (SOC) and Digital Forensics and Incident Response (DFIR) to drive pragmatic cyber security improvement
  • Work closely with our dedicated Development team to create and enhance our threat hunting in-house developed products
  • Assist in developing, implementing, and refining our defensive tradecraft and tooling
  • Provide bespoke advisory and consultation services to senior executive management and perform as a cyber security SME for emerging threats and investigations
  • Work with and utilize vast data sources, data lakes and security vendor solutions
  • In conjunction with other members of the Global Cyber Security group, you would ensure the ongoing enhancement of the threat hunting methodologies and overall strategy to detect and alert on cyber threats

What do you need to succeed?

Must-have

  • 5+ years of Cyber Security operations experience preferably comprised of both defensive and offensive roles
  • Strong innovative, outside-the-box mindset
  • Strong communication and collaboration skills
  • Familiarity with the cyber security Kill Chain phases and MITRE ATT&CK framework TTPs
  • Knowledge of offensive security tools, techniques, and procedures
  • Solid grasp of cyber security controls/products across endpoint, network, application, and infrastructure
  • Well-rounded knowledge of various cyber security domains, focusing on operational security
  • Knowledge of current regional and global threat landscape
  • Foundational knowledge of Python and SQL

Nice-to-have

  • Cloud knowledge and expertise of leading cloud providers (AWS, GCP, Azure)
  • Hands-on experience in malware analysis, reverse engineering, and security research
  • Financial industry experience or previous experience working for a cyber security team or security vendor
  • Prior experience conducting blue/purple team exercises or penetration testing
  • Strong understanding of computing architecture, OS Internals and CPU architectures
  • Programming languages such as C++/C#/JavaScript/Assembly
  • Digital Forensics skills including memory/network/OS/disk forensics
  • Defensive-oriented certification such as GIAC GREM, GCFA or other reputable, technical, and defensive/offensive focused certification

What’s in it for you?

We thrive on the challenge to be our best, progressive thinking to keep growing, and working together to deliver trusted advice to help our clients thrive and communities prosper. We care about each other, reaching our potential, making a difference to our communities, and achieving success that is mutual.

  • A comprehensive Total Rewards Program including bonuses and flexible benefits, competitive compensation, commissions, and stock where applicable.

  • Leaders who support your development through coaching and managing opportunities.

  • Ability to make a difference and lasting impact.

  • Work in a dynamic, collaborative, progressive, and high-performing team.

  • Flexible work/life balance options.

  • Opportunities to do challenging work.

  • Opportunities to take on progressively greater accountabilities.

  • Opportunities to build close relationships with clients.

Job Skills

Confidentiality, Cybersecurity, Cyber Security Management, Cyber Threat Hunting, Decision Making, Detail-Oriented, Encryption Software, Group Problem Solving, High Impact Communication, Incident Response, Information Security, Information Security Management, Information Technology Security, Security Research

Additional Job Details

Address: 330 FRONT ST W:TORONTO
City: TORONTO
Country: Canada
Work hours/week: 37.5
Employment Type: Full time
Platform: TECHNOLOGY AND OPERATIONS
Job Type: Regular
Pay Type: Salaried
Posted Date: 2024-09-04
Application Deadline: 2024-10-04

Inclusion and Equal Opportunity Employment

At RBC, we embrace diversity and inclusion for innovation and growth. We are committed to building inclusive teams and an equitable workplace for our employees to bring their true selves to work. We are taking actions to tackle issues of inequity and systemic bias to support our diverse talent, clients and communities.

We also strive to provide an accessible candidate experience for our prospective employees with different abilities. Please let us know if you need any accommodations during the recruitment process.

Join our Talent Community
Stay in-the-know about great career opportunities at RBC. Sign up and get customized info on our latest jobs, career tips and Recruitment events that matter to you.
Expand your limits and create a new future together at RBC. Find out how we use our passion and drive to enhance the well-being of our clients and communities at jobs.rbc.com.

The Company
Minneapolis, MN
88,000 Employees
On-site Workplace

What We Do

Royal Bank of Canada is a global financial institution with a purpose-driven, principles-led approach to delivering leading performance. Our success comes from the 88,000+ employees who leverage their imaginations and insights to bring our vision, values and strategy to life so we can help our clients thrive and communities prosper. As Canada’s biggest bank, and one of the largest in the world based on market capitalization, we have a diversified business model with a focus on innovation and providing exceptional experiences to our 17 million clients in Canada, the U.S. and 27 other countries. Learn more at rbc.com.

We are proud to support a broad range of community initiatives through donations, community investments and employee volunteer activities.
