Cyber Threat Hunting Specialist

You are as unique as your background, experience and point of view. Here, you’ll be encouraged, empowered and challenged to be your best self. You'll work with dynamic colleagues - experts in their fields - who are eager to share their knowledge with you. Your leaders will inspire and help you reach your potential and soar to new heights. Every day, you'll have new and exciting opportunities to make life brighter for our Clients - who are at the heart of everything we do. Discover how you can make a difference in the lives of individuals, families and communities around the world.

Job Description:

The Cyber Threat Hunting Specialist reports to the Manager of Cyber Threat Hunting and is responsible for proactively and iteratively identifying and responding to potential threats within the organization. Using a variety of methods, such as analyzing network traffic, monitoring for malicious activity, and researching emerging cyber threats, the mission is to find and mitigate risk.

Sun Life’s Cyber Threat Hunting team is responsible for the proactive identification and detection of threat actors and insider threats that might pose a risk to the organization and employees. The role of a Cyber Threat Hunting Specialist will need to use various tools and techniques to identify suspicious activities, including network traffic analysis, log analysis, and malware analysis. They may also be responsible for collaborating with other teams to ensure threats are accurately addressed and mitigated.

Responsibilities:

• Identify and mitigate threats across the organization.
• Document security vulnerabilities discovered during hunting activities and make recommendation on security solutions and controls.
• Perform malware analysis through static and dynamic examination, reverse engineering, and sandbox-based analysis.
• Analyze threat intelligence reports to understand threat vectors, exploits, and attacker tactics, techniques, and procedures (TTPs), contributing to the development of effective security countermeasures.
• Demonstrate an understanding of common threat actor TTPs, offensive security tooling capabilities and their relationship to the phases of the MITRE ATT&CK Framework.
• The successful candidate will be required to obtain professional designation in IT security within 1 year of employment.

Qualifications:

• University degree or college diploma in Computer Science, mathematics, engineering, IT security management, risk management, or comparable. professional education/training in a field relevant to IT Security management.
• Minimum one year in IT/Information Security, preferably with experience in threat intelligence, threat hunting or malware knowledge.
• Familiarization with the cyber security Kill Chain phases and MITRE ATT&CK framework TTPs.
• Detailed Internet, networking, and computer knowledge (Software & Hardware).
• Knowledge of multiple operating systems and applicable system administration skills (Windows, Unix, Linux).
• Familiarity with the tools and techniques commonly used by malicious actors including vulnerability scanners, malware, and penetration testing platforms/frameworks.
• Knowledge of Information Security principles, protocols, practices and industry standards.
• Understanding of existing and emerging Information Security technologies.
• Strong in all areas of communication, in written and verbal forms.
• Detail oriented with strong organizational and analytical skills.
• Good technology generalist, with a good understanding of all aspects of IT especially architecture.
• Ability to work with minimal direct oversight, maintaining high quality analytical production.

Job Category:

Posting End Date: