
Threat Researcher

Toronto, ON, Canada ● Waterloo, ON, Canada Req #473
Thursday, September 22, 2022

eSentire is looking for highly capable individuals to be part of our Tactical Threat Response team. eSentire is a recognized industry leader and one of Canada’s fastest-growing tech companies. We work in a collaborative and innovative work environment with brilliant and passionate people who strive and encourage others to do their best. Join us to gain rewarding and developing career experience with the ability to grow and make an impact through your work.

The Opportunity

 

The successful candidate will report to the Manager of Tactical Threat Response and be responsible for the creation, research, and implementation of end-to-end threat detection across MDR services that utilize network, endpoint, cloud, and log data. The Tactical Threat Response (TTR) team creates innovative security content, detectors to alert on threats, and runbooks to streamline investigations. TTR is made up of dedicated security experts who manage the entire content creation lifecycle, which is informed by observations from our Security Operations Center (SOC), Threat Intelligence Team (TI), Advanced Threat Analytics Team (ATA), as well as industry frameworks like MITRE ATT&CK. The TTR team manages the security content development roadmap to ensure our services protect against the modern adversary.

Responsibilities

  • Identifying, organizing, and processing novel detection techniques
  • Triaging new detectors
  • Detector development
  • Deployment and Support
  • Ongoing tuning and maintenance

Desired Skills

  • Threat Modeling
  • Security Data Analysis and Analytics
  • Investigation Theory
  • Threat Hunting
  • Independent self-starter
  • Process-oriented
  • One or more certs in CCSK, CISSP, OSCP, GIAC or equivalent

Requirements

  • Experience in cloud security
  • Experience analyzing large security data sets
  • Experience with one or more data types (Log, PCAP, EDR, Cloud)
  • Experience with a broad range of best-in-class security tools that may include:
    • Carbon Black
    • CrowdStrike
    • SumoLogic
    • Microsoft Defender
    • Microsoft Sentinel
  • Experience implementing repeatable processes
  • Experience in fast-paced environments
  • Knowledge of MITRE ATT&CK
  • Knowledge of attacker tactics, techniques, and procedures
  • Knowledge of operating systems and networking
  • Knowledge of Incident Response/Forensics
  • Knowledge of data analysis and analytics

Why a Career with eSentire?

Our Culture: At eSentire we work in a collaborative and innovative work environment. We work with brilliant and passionate people who strive and encourage others to do their best. eSentire’s idea-rich environment welcomes creative and sometimes unconventional perspectives!

Growth Opportunities: At eSentire you will have the opportunity to grow and make an impact through your work. We encourage innovation in all who become a part of our team. With growing operations internationally, there are many lateral and upward advancement opportunities for rewarding and developing careers with eSentire. We’re strong believers in continuing education and provide the resources that you need to continue learning.

Employee Perks: Every day we provide breakfast, snacks and refreshments (at our Waterloo office), flexible working hours and vacation, subsidies for continuing education and health & wellness, and attractive compensation and benefits plans. We make it our obligation to the team to stay current with compensation trends in the tech field!

We thank all applicants in advance for applying. Only individuals selected for interviews will be contacted.

eSentire is committed to creating a fair work environment that is aligned with the Accessibility for Ontarians with Disabilities Act (AODA). We guarantee equal treatment and provide opportunities regardless of race, creed, color, religion, national origin, ancestry, marital status, affectional or sexual orientation, gender identity or expression, disability, nationality, sex, status as a protected veteran or any other legally protected grounds and will not discriminate on these bases. If you have any accessibility requirements during the recruitment process, please reach out to our HR team at aoda@esentire.com and any accommodation needs will be addressed upon request.

Other details

  • Job Family: Security Internal (Advanced)
  • Pay Type: Salary
  • Toronto, ON, Canada
  • Waterloo, ON, Canada