Cyber Threat Hunting Specialist

Toronto, ON, CA, M1K5L1


View company page




Requisition ID: 192974

Join a purpose driven winning team, committed to results, in an inclusive and high-performing culture.


The Role

Reporting to the Director of Cyber Threat Evaluation Centre (CyTEC), the Cyber Threat Hunting Specialist role within the Cyber Threat Modelling team is responsible for identifying and assessing cyber-security and insider (people) threats posing potential risk and harm throughout Scotiabank globally. 

As a  Cyber Threat Hunting Specialist, you will be part of a pro-active investigation team that iteratively analyzes information across various data sources, facilitates establishing the likelihood of business impact, and helps to identify control enhancements to mitigate/isolate risk to business operations.  You will effectively collaborate with key stakeholders globally to develop, implement, and integrate the team’s continuous improvement capabilities to minimize the cost of performing pro-active investigations.



Some of the Key Accountabilities include : 


  • Lead threat hunting operations using analytics-driven, awareness-driven, and intelligence-driven analysis methodologies to detect and mitigate threats across the enterprise.
  • Ensure that proper chain of custody is maintained and that all evidence recovery and collection methods are conducted, managed, and archived in a manner consistent to maintain preservation and protection of data and evidence in its original form.
  • Recommend security solutions and controls to improve deficiencies identified during an investigation.
  • Participate as a key stakeholder in the Bank’s Computer Incident Response Team (CIRT) and incident management engagements
  • Manage and perform comprehensive technical analyses and interpret computer-related evidence such as e-mail, accounting software, various databases, and information stored on electronic devices using specially designed software and hardware.
  • Continue to improve processes including feedback to areas under review regarding control issues.
  • Develop and implement processes and technologies to reduce costs and minimize business impacts during threat hunting engagements.
  • Support, develop and maintain mechanisms for occurrence reporting and management threat hunting engagements.
  • Provide advisory services to enhance Information and Cyber Security engagements.
  • Adhere to industry standard principles, methodologies, and techniques when gathering, processing, handling and storing digital evidence.
  • Ensure that proper chain of custody is maintained and that all evidence management techniques and methods are executed in a forensically sound manner consistent with proven industry standards.



What you will bring to succeed : 


  • Must have a strong approach to critical thinking, analytics, problem solving, creativity & detail orientation.
  • Must be able to work extremely well under pressure while maintaining a high level of professionalism is critical.
  • Current and working knowledge in Windows/Unix operating systems, mobile devices, PC hardware and PC networking.
  • Working knowledge of major programming languages (python, objective C, C#, SQL, AQL, others).
  • Knowledge and experience with data mining and analytics using relational databases (i.e. Microsoft SQL)
  • Proficiency in technical writing & communication for a business audience in English.
  • Demonstrates a current and working knowledge of threat hunting principles, methodologies, and techniques
  • Experience conducting threat hunting on various operating systems using industry standards digital forensic tools (ex. EnCase, Cellebrite, others) and various security technologies (ex. endpoint protection, data loss prevention, security information and event management, and others).
  • Ability to clearly articulate and visually present complex threat hunt investigation and analysis results and draft concise reports for the intended audience, communicating and explaining effectively findings in layman’s terms
  • Ability to work both independently and within a team to conduct threat hunt investigations; and the ability to gain the trust of business stakeholders to achieve a desired objective


#LI-Hybrid #Cyberatscotia



Location(s):  Canada : Ontario : Toronto 

Scotiabank is a leading bank in the Americas. Guided by our purpose: "for every future", we help our customers, their families and their communities achieve success through a broad range of advice, products and services, including personal and commercial banking, wealth management and private banking, corporate and investment banking, and capital markets.  

At Scotiabank, we value the unique skills and experiences each individual brings to the Bank, and are committed to creating and maintaining an inclusive and accessible environment for everyone. If you require accommodation (including, but not limited to, an accessible interview site, alternate format documents, ASL Interpreter, or Assistive Technology) during the recruitment and selection process, please let our Recruitment team know. If you require technical assistance, please click here. Candidates must apply directly online to be considered for this role. We thank all applicants for their interest in a career at Scotiabank; however, only those candidates who are selected for an interview will be contacted.

Apply now Apply later
  • Share this job via
  • or

* Salary range is an estimate based on our InfoSec / Cybersecurity Salary Index 💰

Tags: Analytics Banking C EnCase Incident response Python RDBMS SQL UNIX Windows

Region: North America
Country: Canada
Job stats:  21  4  0
Category: Threat Intel Jobs

More jobs like this

Explore more InfoSec / Cybersecurity career opportunities

Find even more open roles in Ethical Hacking, Pen Testing, Security Engineering, Threat Research, Vulnerability Management, Cryptography, Digital Forensics and Cyber Security in general - ordered by popularity of job title or skills, toolset and products used - below.