Share this Job

Title:  Cyber Hunt Analyst




Requisition ID: 87715


Join the Global Community of Scotiabankers to help customers become better off.


As part of Scotiabank’s Cyber Security Services (CSS) department, the Cyber Hunt Analyst will work to protect the bank’s assets and networks globally. This individual will work as part of the Proactive investigation (Hunt) team, searching the environment for anomalies/IOCs that would indicate a potential compromise. 


The Cyber Hunt Analyst will conduct investigations into anomalous traffic in the environment, focusing on endpoint logs.  This analysis aims to identify threats and mal-intent towards the organization by means of intrusion detection while also producing reports, root cause analysis (where applicable) and security tuning recommendations from the findings. As a technical lead, the business will rely heavily on your technical expertise to make product, policy or procedure changes to enhance the company’s security.


Key Accountabilities: 
As a subject matter expert, this role will be expected to achieve the company’s information security objectives of confidentiality, integrity and availability (CIA) of information, as well as the delivery of company services through:

  • Monitor the environment through the Qradar SIEM solution to identify anomalies and IOCs that would indicate a critical vulnerability in a process/system is an active threat.
  • Security monitoring of the company’s internet resources, ensuring the appropriateness of resource settings, configuration and usage as well as protection from any network data leakage.
  • Custom signature creation for malware/Intrusion detection,  including but not limited to the following tools:   Snort, Suricata,  Qradar SIEM correlation rules, yara rules
  • Help facilitate the company’s global security monitoring and threat intelligence programs.
  • Provide subject matter expertise to CSS management on emerging threats and findings uncovered during investigations.
  • Escalate any incidents to I.R (incident response) for remediation
  • Analyze threat telemetry from network/endpoint logging devices, providing remediation and recommendations where required.
  • Provides in-depth malware analysis and provides findings to internal enrich the company’s threat intelligence program.
  • Responds as required in the event of a CERT / CSIRT.
  • Takes part in CSS initiatives as directed to contribute to the strategic direction for security related technologies or other controls that need to be put in place to reduce the threat levels to the company.



  • Strong experience with the following technical fields: operating systems administration, vulnerability management, malware analysis, databases and web services / web applications.
  • Strong hands on experience with SIEM, Malware Analysis and CERT/CSIRT deployments for security incidents.
  • Ability to deal with highly technical issues and extremely complex diverse systems.
  • Ability to implement policy changes to the IPS platforms.
  • Experience in one or more of the following:
    • HIPs agent management/configuration
    • LDAP/Kerberos authentication
    • Mobile device operating systems (Android/Apple IOS)
    • Software / web development security including working knowledge of major programming languages (python, java, objective C, C#, SQL, AQL, etc).
    • Database security
  • After hours on call support work for problem resolution will be required
  • University degree or College Diploma in information technology, information security, computer science, or equivalent
  • Security certifications and accreditations would be an asset (GSEC, CompTIA Security+, CISSP, CEH etc.)




Location(s):  Canada : Ontario : Scarborough 

As Canada's International Bank, we are a diverse and global team. We speak more than 100 languages with backgrounds from more than 120 countries. Our employees are committed to a superior customer experience and use the Bank’s six guiding sales practice principles to ensure they act with honesty and integrity.


At Scotiabank, we value the unique skills and experiences each individual brings to the Bank, and are committed to creating and maintaining an inclusive and accessible environment for everyone. If you require accommodation (including, but not limited to, an accessible interview site, alternate format documents, ASL Interpreter, or Assistive Technology) during the recruitment and selection process, please let our Recruitment team know. If you require technical assistance, please click here. Candidates must apply directly online to be considered for this role. We thank all applicants for their interest in a career at Scotiabank; however, only those candidates who are selected for an interview will be contacted.