CoreFactor is searching for a Cybersecurity Threat Analyst on a contract basis in the GTA.
This role is remote; however, the successful candidate must be located in Canada and be willing to work EST business hours.
About this Role:
The successful candidate will work with our internal teams to develop new approaches for detecting and tracking threats, adversaries, techniques, tools, and infrastructure in a rapidly evolving, hybrid threat landscape. Identification of threats and mitigating controls will be a key output.
Responsibilities:
- Develop threat assessments leveraging output from multiple external services and internal tools
- Proactively hunt for real cyber threats internal and external to our network
- Create comprehensive intelligence reports and analysis for Cybersecurity stakeholders and operations teams
- Assist in the development of future internal/external red-team practices, control assessment technologies and services
- Work closely with Cybersecurity Operations and Governance teams to identify and mitigate risk
- Act as the primary point of contact for external threat consultants
- Hunt for exposed sensitive data and report findings to Cybersecurity stakeholders
- Execute tabletop simulations and penetration tests to expose vulnerable areas of our environment
Requirements:
- 5+ years of professional experience in a cybersecurity-related role
- Excellent communication and analytical skills with an eye for detail and the ability to articulate business needs
- Broad knowledge of Information Security principles and best practices across infrastructure and applications
- Demonstrated knowledge of Incident Response methodology and attacker tradecraft
- Experience tracking or emulating adversaries and investigations that span on-premises and cloud-based compromises, including cloud-based email and infrastructure
- Experience working closely with external threat intelligence analysts to understand their workflow and analytic problems and turning those into large-scale analytics and repeatable methodologies
- Demonstrated capability to analyze, present and prioritize complex threat intelligence information in a meaningful way to advise change
- Experience with detection creation methodologies across multiple platforms
- Ability to utilize data on attacker behavior uptake and global impact to prioritize security detection and remediation tasks
- Understanding of network protocols and analytical experience with network infrastructure data & telemetry
- Functional understanding of common threat analysis models such as the Diamond Model, Cyber Kill Chain, and MITRE ATT&CK and experience using them to track attacks
- Programming or scripting background in Python and/or PowerShell is a plus
- Strong knowledge of IT infrastructure and components, OSI model, TCP/IP, LAN/WAN networking, internet technologies and other related protocols
- CISSP, CISM, GSEC, GCTI, GCIH or other relevant industry certifications are a plus
- Considerable technical expertise to undertake log analysis
- Proven track record of successfully managing and executing on short-term and long-term projects