Security Threat Hunting Specialist 0394-2210

Toronto - Canada

Monthly Salary: Not Disclosed

Posted on: 30+ days ago

Vacancies: 1 Vacancy

Job Summary

HM Note: This hybrid contract role is one (1) day in office. Candidates resumes must include first and last name. Candidates can work in Toronto or Orillia offices

Description

Responsibilities:

Conducts penetration tests vulnerability assessments code reviews threat hunting network vulnerability assessments and red team exercises in all environments or applications related to the OPP and OPS province wide I and amp;IT infrastructure and information resources.
Defines evaluates and assesses security requirements and safeguards for systems environments and IT projects.
Ensures the incorporation of IT security and contingency measures in the development and secure deployment of systems.
Advises on the identification analysis and resolution of specific security factors risks vulnerabilities; protection of personal privacy issues; and appropriate industry and international security standards.
Carry out information and information technology (I and amp;IT) security projects and tasks in the Ontario Provincial Police as assigned by the OPP Chief Security Office and/or cluster I and amp;IT management.

General Skills:

Strong understanding and expertise in security architecture application and network security testing.
Experience in vulnerability assessment/penetration testing of web applications by identifying analyzing and exploiting common vulnerabilities contained in web applications by using manual techniques and automated tools appropriate for enterprise use.
Experience with vulnerability assessment methodologies tools and techniques used to conduct network vulnerability assessments threat hunting red team exercises and penetration testing.
Knowledge of techniques to secure information assets and the planning design and implementation of security technologies safeguards and controls.
Proven techniques to discover gaps or weaknesses in security architecture to identify and mitigate known security threats bugs vulnerabilities and/or inherent weaknesses.
Knowledge and understanding of relevant legislation and corporate directives related to the security and confidentiality of information (e.g. Freedom of Information and Protection of Privacy Act) in order to identify and assess areas of concern and risk.
Solid knowledge of current security and contingency technology and techniques (e.g. digital signature encryption access controls firewalls authentication virus protection etc. ); and a proven working knowledge of security audit procedures and protocols.
Experience in establishing secure environments at a network operating system or application level.
Experience with implementing security on complex and distributed systems in a high sensitive law enforcement environment.
Experience in writing reports documenting risks and making recommendations for a diverse audience including executive/non-technical management level and technical resources.
Awareness of emerging IT trends and directions especially as related to security privacy and compliance in a public sector environment.
Excellent analytical problem-solving and decision-making skills; written and verbal communication skills; interpersonal and negotiation skills.
A team player with a track record for meeting deadlines managing competing priorities and client relationship management experience.

Desirable and nbsp;Skills:

Experience with multiple operating systems (such as Windows and Linux) multiple programming languages (such and Java) multiple architecture development methodologies and common network services and protocols.
Experience in Penetration Testing Red Team Exercises and Threat Hunting methods along with hands on experience with relevant tools tactics techniques and procedures.
Knowledge and understanding of Information Management principles concepts tactics techniques and procedures.
Experience in Incident Response (IR) business recovery and Disaster Recovery (DR) planning.
Experience in performing threat and risk assessment.
Experience in Public Key Infrastructure (PKI) development and operation.
Experience in secure design frameworks principles and methodologies as part of systems development projects in an agile fast paced technology driven public safety/law enforcement business operation.
Experience in Intrusion Detection Systems (IDS) intrusion Protection Systems (IPS) and Security Information and Event Management (SIEM) systems.
Experience in mitigation tools for malicious software.
Experience in network monitoring threat hunting and related tools. tactics techniques and procedures.
Experience in incident response and forensic investigation tools techniques and procedures.
Experience with source code review (DAST SAST) log collection and analysis.
Knowledge and understanding of Information Management principles concepts policies and practices.

Deliverables

Conduct penetration tests code reviews and vulnerability assessments for OPP systems and applications.
Lead threat hunting and red team exercises to simulate cyber-attacks and identify vulnerabilities.
Define and assess security architecture requirements across systems and projects.
Ensure IT security and contingency measures are integrated into system development.
Advise on security risks privacy concerns and compliance with industry standards.

Must Haves: and nbsp;

10 and nbsp;years experience and nbsp;network threat hunting and nbsp;
10 and nbsp;years experience and nbsp;red team tactics and techniques and nbsp;
10 and nbsp;years experience and nbsp;network and application security and nbsp;

HM Note: This hybrid contract role is one (1) day in office. Candidates resumes must include first and last name. Candidates can work in Toronto or Orillia officesDescriptionResponsibilities:Conducts penetration tests vulnerability assessments code reviews threat hunting network vulnerability assess...