Security Advisor Specialist - Threat Profiling

Pay at Intact is about much more than just salary.

• Flexible work arrangements and a hybrid work model

• Possibility to purchase up to 5 extra days off per year

• Multiple benefits offered to support physical and mental wellbeing, including telemedicine, Wellness account and much more

• Share plan & other savings: up to 12% of salary or even more (ask how you could earn guaranteed income for life)

Salary range (but not limited to):

118,700 - 145,100

Annual bonus target, based on the base salary, with a potential payout of up to double the target (subject to personal and company performance):

15%

As part of our commitment to Win As A Team, we share our success with employees through our annual bonus plan and Employee Share Purchase Plan (ESPP) – with Intact matching 50% of your net shares.

Our pension offerings provide flexibility and long-term security for our employees beyond their careers. We are one of the few companies offering the opportunity to receive guaranteed income for life via our defined benefit pension plan.

Salary for the candidate will be determined taking into consideration a number of factors including: experience, skills, qualifications, anticipated contribution to role, internal equity, etc. The salary range presented above is based on a 35-hour workweek and would represent a majority of different candidate profiles. However, we encourage candidates who may fall outside of this range to apply as well.

About the role

About the Role

Within the Cyber Defence function, we are establishing a Threat Exposure Oversight capability to strengthen how security risks are identified, measured, validated, and tracked across the organisation. The Threat Exposure Oversight Specialist operates across cyber defence domains, translating threat scenarios into measurable control and detection coverage, validating implementation through evidence, and ensuring residual risk is clearly documented and visible to leadership.

This role work cross functionally with Threat Intelligence, Detection Engineering, Incident Response, and Insider Threat stakeholders to improve clarity, accountability, and exposure transparency.

This is not a traditional monitoring role. It focuses on validation, integration, and risk clarity across technical security functions.

What you'll do here:

Cyber Threat Exposure Oversight

• Translate red team findings and threat intelligence into measurable detection and control expectations.

• Map threat techniques to telemetry sources and detection logic.

• Validate detection implementation through artifact review (rule Ids, configurations, test evidence)

• Identify and document coverage gaps.

• Maintain structured mapping from threat - control - detection - residual risk

• Support executive-level exposure reporting within Cyber Defense

Insider Threat Oversight

• Support development and refinement of insider threat monitoring strategy within Cyber Defense.

• Translate insider threat scenarios into measurable telemetry and controls expectations.

• Validate monitoring coverage for privilege misuse, data exfiltration, and anomalous access patterns.

• Partner with relevant stakeholders (Security, HR, Legal where appropriate)

• Document insider threat posture and maturity gaps.

Cross-Functional Integration

• Collaborate with Threat Intelligence, Detection Engineering, and Incident Response teams.

• Clarify ownership boundaries and decision points.

• Promote evidence-based closure discipline.

• Ensure remediation decisions are traceable and documented.

What Success Looks Like

• Threat findings are translated into measurable and validated control expectations.

• Detection coverage is confirmed through evidence, not assumption.

• Insider threat monitoring aligns with clearly defined risk scenarios.

• Residual risks are documented and visible to Cyber Defence leadership.

• Cross-team collaboration is structured and predictable

What you bring to the table:

• Minumun 3 years experience in detection engineering, threat hunting, insider threat, red team, or similar technical Cyber Defense role.

• 5+ years of experience in IT or security operations.

• Strong knowledge with SIEM, EDR, endpoint telemetry, or log-based detection environments.

• Experience working with threat modeling methodologies such as MITRE ATT&CK, STRIDE, PASTA etc..

• Ability to translate technical findings into structured risk narratives.

• Strong analytical and documentation skills.

• Comfort operating in cross-functional environments.

• Ability to challenge assumptions through calm, evidence-based discussion.

• Strong initiative: proven ability and experience leading projects and initiatives autonomously.

• For candidates located in Quebec, bilingualism is required considering the necessity to interact on a regular basis with English-speaking colleagues across the country.

• No Canadian work experience required however must be eligible to work in Canada.

#LI-Hybrid

Ce poste jouera un rôle essentiel au sein de notre équipe. | This position will fill an essential role in our team.