Talent.com
Threat Hunting & Detection Content Analyst

CGI • Vancouver, Canada
10 days ago
Job type
  • Full-time
Job description

Position Description:

The Global Security Operations Center (GSOC) Threat Hunting & Detection Content Analyst contributes to strengthening our security posture across multiple facets by developing and maintaining advanced threat detection content and conducting proactive threat hunting activities. This person plays a critical role in proactively identifying and neutralizing threats, thereby reducing risk, enhancing incident response capabilities and ensuring security threats can be identified and translated into high-fidelity, actionable alerts for security investigation.

Your future duties and responsibilities:

The Threat Hunting & Detection Content Analyst is responsible for the following activities:



Threat Hunting

Research tactics, techniques and procedures (TTPs) to plan threat hunting execution

Participate in the planning and execution of our threat hunting program

Perform research and development augmenting our capabilities

Perform proactive threat identification & hunting activities and follow up based on the results



Security Detection Content Engineering

Participate in the planning and execution of our security detection content engineering program

Translate intelligence and incident response reports into actionable detection capabilities

Develop new and novel detection mechanisms, behavioral detection use cases, IOCs, etc.

Perform research and development augmenting our capabilities

Identify new and emerging trends in threat actors' TTPs

Ad-hoc Incident support



Threat Hunting & Detection Content Service Management

Assist in producing operational reports on the effectiveness of the detection content & threat hunting service

Plan and deliver initiatives to streamline the services' operations

Assist in managing the service operations

Establish and improve workflows, procedures and guidelines for the services and automate the processes to optimize the teams’ operations



AI, Automation and Integration

Initiate automation ideas and deliver them with the Automation team to improve operational efficiency and the quality of the detection content and threat hunting services.

Plan and deliver integration between different technology platforms to improve our detection content and threat hunting services

Participate in and drive AI initiatives to improve the Threat Hunting and Detection Content Service

Leverage AI tooling or agents to accelerate Threat Hunting and Detection Content operations



Other Responsibilities

Participate in innovation projects including the building, deployment and evaluation of new technologies

Participate in technology evaluation in collaboration with other stakeholders

Provide advanced threat awareness and education to members of the team

Required qualifications to be successful in this role:

The candidate should be able to demonstrate a thorough understanding of cyber security, especially in the areas of threat hunting, security detection content engineering, digital forensics, incident response and threat intelligence. The candidate must possess an in-depth knowledge of modern threats, threat actors’ TTPs, threat hunting and detection content tools/platforms and methodologies.


Education and Experience:


3 - 5 years of cyber security operations experience and at least 1 - 2 years of hands-on experience in threat hunting and security detection content engineering

Candidates with less experience will be considered as consultants.

Bachelor’s degree in Computer Engineering, Computer Science, Information Technology, Cyber Security, or related field; advanced degree preferred

Qualifications:

Proficient in using threat hunting tools such as Endpoint Detection and Response (EDR) & Log Analysis Platforms (SIEM)

General knowledge of security tools such as TIP, NGFW, Sandbox, SASE, SIEM, EDR, WAF, etc.

Experience with scripting and programming languages (e.g. Python, Bash, etc.) for automation and analysis

Knowledge of various standard detection content formats (e.g. Sigma, YARA, Snort rules, etc.)

Knowledge of cyber security principles, practices, technologies, and standards

Strong knowledge of current threats, vulnerabilities and threat actors' TTPs

Strong understanding of cybersecurity frameworks (e.g. MITRE ATT&CK, Cyber Kill Chain)

Knowledge of Windows, Linux and Mac operating systems

Working knowledge of generative AI technologies, including Large Language Models (LLMs) and AI-powered productivity tools

Experience using AI-assisted tools to improve efficiency in GSOC operations, including research, analysis, documentation, etc.

Strong knowledge of threat hunting, detection content and preferably also Incident Response, digital forensics and Threat Intelligence

Proficient in spoken and written English

Certifications:

eCTHP, GCFA, GREM, OSCP, CISSP or other reputable, technical and defensive/offensive focused certifications are preferred


CGI is providing a reasonable estimate of the pay range for this role. The determination of this range includes factors such as skill set level, geographic market, experience and training, and licenses and certifications. Compensation decisions depend on the facts and circumstances of each case. A reasonable estimate of the current range is $60,-,. This role is an existing vacancy



Skills:

  • Artificial Intelligence
  • Content Management
  • Cyber Security Strategy
  • English
  • Incident response
  • Linux
  • Security Testing
  • Threat Risk Assessment