Title:  Cyberthreat Hunting Specialist, Cyberthreat Evaluation Centre

Requisition ID: 238664

Join a purpose driven winning team, committed to results, in an inclusive and high-performing culture.

Reporting to the Director of Cyberthreat Evaluation Centre, the Cyberthreat Hunting Specialist role within the Cyberthreat Evaluation Centre team is responsible for identifying and assessing cyber-security and insider (people) threats posing potential risk and harm throughout Scotiabank globally. 

The Cyberthreat Hunting Specialist works as part of a pro-active investigation team that iteratively analyzes information across various data sources, facilitates establishing the likelihood of business impact, and helps to identify control enhancements to mitigate/isolate risk to business operations. 

The Cyberthreat Hunting Specialist effectively collaborates with key stakeholders globally to develop, implement, and integrate the team’s continuous improvement capabilities to minimize the cost of performing pro-active investigations.

Is this role right for you? In this role, you will:

• Lead threat hunting operations using analytics-driven, awareness-driven, and intelligence-driven analysis methodologies to detect and mitigate threats across the enterprise.
• Ensure that proper chain of custody is maintained and that all evidence recovery and collection methods are conducted, managed, and archived in a manner consistent to maintain preservation and protection of data and evidence in its original form.
• Recommend security solutions and controls to improve deficiencies identified during an investigation.
• Participate as a key stakeholder in the Bank’s Computer Incident Response Team (CIRT) and incident management engagements
• Manage and perform comprehensive technical analyses and interpret computer-related evidence such as e-mail, accounting software, various databases, and information stored on electronic devices using specially designed software and hardware.
• Continue to improve processes including feedback to areas under review regarding control issues.
• Develop and implement processes and technologies to reduce costs and minimize business impacts during threat hunting engagements.
• Support, develop and maintain mechanisms for occurrence reporting and management threat hunting engagements.
• Provide advisory services to enhance Information and Cyber Security engagements.
• Adhere to industry standard principles, methodologies, and techniques when gathering, processing, handling and storing digital evidence.
• Ensure that proper chain of custody is maintained and that all evidence management techniques and methods are executed in a forensically sound manner consistent with proven industry standards

Do you have the skills that will enable you to succeed in this role? We'd love to work with you if you have:

• Must have a strong approach to critical thinking, analytics, problem solving, creativity & detail orientation.
• Current and working knowledge in Windows/Unix operating systems, mobile devices, PC hardware and PC networking.
• Working knowledge of major programming languages (python, objective C, C#, SQL, AQL, others).
• Knowledge and experience with data mining and analytics using relational databases (i.e. Microsoft SQL)
• Proficiency in technical writing & communication for a business audience in English.
• Demonstrates a current and working knowledge of threat hunting principles, methodologies, and techniques
• Experience conducting threat hunting on various operating systems using industry standards digital forensic tools (ex. EnCase, Cellebrite, others) and various security technologies (ex. endpoint protection, data loss prevention, security information and event management, and others).
• Ability to clearly articulate and visually present complex threat hunt investigation and analysis results and draft concise reports for the intended audience, communicating and explaining effectively findings in layman’s terms
• Ability to work both independently and within a team to conduct threat hunt investigations; and the ability to gain the trust of business stakeholders to achieve a desired objective
• +5 years working experience in information/cyber security or related field; or a Bachelor's degree in an approved field from an accredited university and a minimum of +3 years of documented and relevant experience.
• Professional certifications and membership of associations in the field of information/cyber security and preferred, but not required, such as: Global Information Assurance Certification (GIAC), Systems Security Certified Practitioner (SSCP), Certified Ethical Hacker (CEH).

What's in it for you?

• Diversity, Equity, Inclusion & Allyship - We strive to create an inclusive culture where every employee is empowered to reach their fullest potential, respected for who they are, and are embraced through bias-free practices and inclusive values across Scotiabank. We embrace diversity and provide opportunities for all employee to learn, grow & participate through our various Employee Resource Groups (ERGs) that span across diverse gender identities, ethnicity, race, age, ability & veterans.
• Accessibility and Workplace Accommodations - We value the unique skills and experiences each individual brings to the Bank and are committed to creating and maintaining an inclusive and accessible environment for everyone. Scotiabank continues to locate, remove and prevent barriers so that we can build a diverse and inclusive environment while meeting accessibility requirements.  
• Upskilling through online courses, cross-functional development opportunities, and tuition assistance. 
• Competitive Rewards program including bonus, flexible vacation, personal, sick days and benefits will start on day one.
• Community Engagement - no matter where you choose to work from; we offer opportunities for community engagement & belonging with our various programs such as hackathons, contests, Humans of Digital and much more!

Location(s):  Canada : Ontario : Toronto 

Scotiabank is a leading bank in the Americas. Guided by our purpose: "for every future", we help our customers, their families and their communities achieve success through a broad range of advice, products and services, including personal and commercial banking, wealth management and private banking, corporate and investment banking, and capital markets.  

At Scotiabank, we value the unique skills and experiences each individual brings to the Bank, and are committed to creating and maintaining an inclusive and accessible environment for everyone. If you require accommodation (including, but not limited to, an accessible interview site, alternate format documents, ASL Interpreter, or Assistive Technology) during the recruitment and selection process, please let our Recruitment team know. If you require technical assistance, please click here. Candidates must apply directly online to be considered for this role. We thank all applicants for their interest in a career at Scotiabank; however, only those candidates who are selected for an interview will be contacted.