Threat Hunting & Investigations Lead - Jobs in Nova Scotia

Job Description

LocationNova ScotiaDepartmentInformation SecurityRole TypePermanentSalary$85,000-$95,000Closing Date02/03/2023Technology is at the heart of driving Admiral’s business.About Admiral TechWith a history of innovation, the Admiral Group are bringing our world-class Tech department to Canada for the first time ever.From Cloud through to DevOps, our Technology department consists of over 600 people and is an exciting and fast-paced environment to work in. If you’re looking for a technically challenging and rewarding role, with outstanding support and opportunities for progression, you’ve come to the right place.More on Admiral TechAbout Admiral CanadaWe’re more than you think.One of the UK’s most recognizable insurance and financial service providers, Admiral offers insurance, loans, and various other products to over 9.1 million international customers.In 2007, Admiral launched its Canadian office in Halifax with a small group of 20 staff. Today, we employ 500 people throughout Nova Scotia who support our UK customers with home and motor insurance policies.We’ve been recognized as one of Canada’s Great Places to Work every year since 2010 and have also been named one of Nova Scotia’s and Atlantic Canada’s Top Employers annually since 2015. In 2022, the Great Place to Work® Institute ranked Admiral as the 4th Best Workplace in Canada.The next chapter in the Admiral Canada’s success story is bringing Admiral Tech to Canada. This role is an exceptional opportunity to be the architect of Admiral Tech in Canada and influence its foundation.About the JobThe Admiral Group’s Security Operations function is looking for an experienced security professional to lead and drive the threat hunting & investigation activities.Overall aim of this role is to build, mature and lead the threat hunting and investigative capabilities. The role will also be responsible for building and leading thorough analysis and investigative skills and capabilities within the team to drive threat hunting. The role will also have day to day management responsibilities of a small team. The role will be supported by the members of the Threat Hunting team.Accountabilities:

• Establishing an effective threat hunting function.
• Ensuring that repeatable processes are established, well documented, and maintained.
• Building continuous collaboration with the Cyber Threat Intelligence (CTI) team; creating Intelligence requirements for threat hunting; setting up dissemination and feedback process between Threat Hunting and CTI on an ongoing basis.
• Initiating mitigation and remediation actions, by co-ordinating with relevant stakeholders such as the Incident Response team, Cloud Security teams etc.
• Ensuring that detailed investigations of relevant ongoing external threat campaigns are conducted to build effective hunting strategy.
• Ensuring that all detected security events are investigated thoroughly, root cause analyses performed, and any mitigation/remediation actions initiated.
• Ensuring that detailed threat hunting reports are produced on a regular basis.
• Managing the threat hunting team including tasking, delivery, training requirements and personal development.

Responsibilities:

• Engage with the Admiral threat Intelligence team to build robust process to gather relevant Intelligence to drive threat hunting.
• Engage with the Incident Response team on internal security incidents as and when needed.
• Engage with the SOC team on detected incident investigation and analyses.
• Provide investigation support during declared incidents.
• Help improving overall capability & maturity of the threat hunting function.

Key Interactions:

• Engage with the Cyber Threat Intelligence (CTI) team.
• Engage with the overall SOC team.
• Engage with the Incident Response team when needed.
• Engage with various stakeholders within Security Operations as and when needed.
• Engage with the function and department heads.

Knowledge and Experience Required:

• Previous hands-on experience in cyber threat investigation, threat hunting or threat intelligence.
• Minimum 5 years’ experience in cyber security and/or Intelligence analysis.
• Good functional understanding of general cyber security concepts.
• Good knowledge on cyber exploitation tactics, techniques, and procedures (TTP).
• Good knowledge of cyber-crime and threat landscape.
• Some team management experience is desirable but not mandatory.

Salary, Benefits, and Work-Life BalanceWe do not have a set salary for this position, as it will be dependent on the successful candidate’s experience. We are happy to see CVs from all candidates who meet the requirements and will be happy to discuss the remuneration package.At Admiral, we are proud to be a diverse business where we put our people and customers first. We have great benefits to ensure employees have a great work-life balance; its one of the reasons we’re consistently ranked nationally as one of Canada’s (and the world’s) best workplaces. To that end, you will have an element of scheduling autonomy to strike an appropriate balance between personal flexibility and business needs.All colleagues will receive 34 days of paid time off (including Statutory holidays) annually when you join us, and this will increase with length of service, up to a maximum of 39 days (including statutory holidays).Our Commitment to YouAs an equal opportunity employer, Admiral is committed to fostering a diverse and inclusive workplace free from discrimination based on race, national origin, gender, gender identity, sexual orientation, ability, age, family status or any other legally protected status. All qualified applicants will receive equal consideration for employment on that basis.All qualified applicants will receive equal consideration for employment.Quick Apply

• Terms & Conditions
• New Privacy
• Privacy Center
• Accessibility

For Job Seekers

• Browse Jobs
• Advanced Job Search
• Emplois Quebec

For Employers

• Post a Job
• SimplyHired OnDemand

Stay Connected