Cyberthreat Hunting Specialist, Cyberthreat Evaluation Centre

Requisition ID: 238664

Join a purpose driven winning team committed to results in an inclusive and high-performing culture.

Reporting to the Director of Cyberthreat Evaluation Centre the Cyberthreat Hunting Specialist role within the Cyberthreat Evaluation Centre team is responsible for identifying and assessing cyber-security and insider (people) threats posing potential risk and harm throughout Scotiabank globally.

The Cyberthreat Hunting Specialist works as part of a pro-active investigation team that iteratively analyzes information across various data sources facilitates establishing the likelihood of business impact and helps to identify control enhancements to mitigate/isolate risk to business operations.

The Cyberthreat Hunting Specialist effectively collaborates with key stakeholders globally to develop implement and integrate the teams continuous improvement capabilities to minimize the cost of performing pro-active investigations.

Is this role right for you In this role you will:

• Lead threat hunting operations using analytics-driven awareness-driven and intelligence-driven analysis methodologies to detect and mitigate threats across the enterprise.
• Ensure that proper chain of custody is maintained and that all evidence recovery and collection methods are conducted managed and archived in a manner consistent to maintain preservation and protection of data and evidence in its original form.
• Recommend security solutions and controls to improve deficiencies identified during an investigation.
• Participate as a key stakeholder in the Banks Computer Incident Response Team (CIRT) and incident management engagements
• Manage and perform comprehensive technical analyses and interpret computer-related evidence such as e-mail accounting software various databases and information stored on electronic devices using specially designed software and hardware.
• Continue to improve processes including feedback to areas under review regarding control issues.
• Develop and implement processes and technologies to reduce costs and minimize business impacts during threat hunting engagements.
• Support develop and maintain mechanisms for occurrence reporting and management threat hunting engagements.
• Provide advisory services to enhance Information and Cyber Security engagements.
• Adhere to industry standard principles methodologies and techniques when gathering processing handling and storing digital evidence.
• Ensure that proper chain of custody is maintained and that all evidence management techniques and methods are executed in a forensically sound manner consistent with proven industry standards

Do you have the skills that will enable you to succeed in this role Wed love to work with you if you have:

• Must have a strong approach to critical thinking analytics problem solving creativity & detail orientation.
• Current and working knowledge in Windows/Unix operating systems mobile devices PC hardware and PC networking.
• Working knowledge of major programming languages (python objective C C# SQL AQL others).
• Knowledge and experience with data mining and analytics using relational databases (i.e. Microsoft SQL)
• Proficiency in technical writing & communication for a business audience in English.
• Demonstrates a current and working knowledge of threat hunting principles methodologies and techniques
• Experience conducting threat hunting on various operating systems using industry standards digital forensic tools (ex. EnCase Cellebrite others) and various security technologies (ex. endpoint protection data loss prevention security information and event management and others).
• Ability to clearly articulate and visually present complex threat hunt investigation and analysis results and draft concise reports for the intended audience communicating and explaining effectively findings in laymans terms
• Ability to work both independently and within a team to conduct threat hunt investigations; and the ability to gain the trust of business stakeholders to achieve a desired objective
• 5 years working experience in information/cyber security or related field; or a Bachelors degree in an approved field from an accredited university and a minimum of 3 years of documented and relevant experience.
• Professional certifications and membership of associations in the field of information/cyber security and preferred but not required such as: Global Information Assurance Certification (GIAC) Systems Security Certified Practitioner (SSCP) Certified Ethical Hacker (CEH).

Whats in it for you

• Diversity Equity Inclusion & Allyship-We strive to create an inclusive culture where every employee is empowered to reach their fullest potential respected for who they are and are embraced through bias-free practices and inclusive values across Scotiabank. We embrace diversity and provide opportunities for all employee to learn grow & participate through our various Employee Resource Groups (ERGs) that span across diverse gender identities ethnicity race age ability & veterans.
• Accessibility and Workplace Accommodations- We value the unique skills and experiences each individual brings to the Bank and are committed to creating and maintaining an inclusive and accessible environment for everyone. Scotiabank continues to locate remove and prevent barriers so that we can build a diverse and inclusive environment while meeting accessibility requirements.
• Upskillingthrough online courses cross-functional development opportunities and tuition assistance.
• Competitive Rewards program including bonus flexible vacation personal sick days and benefits will start on day one.
• Community Engagement - no matter where you choose to work from; we offer opportunities for community engagement & belonging with our various programs such as hackathons contests Humans of Digital and much more!

Location(s): Canada : Ontario : Toronto

Scotiabank is a leading bank in the Americas. Guided by our purpose: for every future we help our customers their families and their communities achieve success through a broad range of advice products and services including personal and commercial banking wealth management and private banking corporate and investment banking and capital markets.

At Scotiabank we value the unique skills and experiences each individual brings to the Bank and are committed to creating and maintaining an inclusive and accessible environment for everyone. If you require accommodation (including but not limited to an accessible interview site alternate format documents ASL Interpreter or Assistive Technology) during the recruitment and selection process please let our Recruitment team know. If you require technical assistance please click here. Candidates must apply directly online to be considered for this role. We thank all applicants for their interest in a career at Scotiabank; however only those candidates who are selected for an interview will be contacted.