Description

Position Description:

The Global Security Operations Center (GSOC) Threat Hunting & Detection Content Engineering Manager contributes to strengthening our security posture on multiple facets. Our Threat Hunting Lead plays a critical role in strengthening our cybersecurity posture by proactively identifying and neutralizing potential threats, thereby reducing risk, enhancing incident response capabilities, and fostering a culture of continuous improvement in our cybersecurity practices.

Your future duties and responsibilities:

Proactive Threat Identification: The Threat Hunting Lead is responsible for actively seeking out potential threats and vulnerabilities within our organization's IT environment. This proactive approach helps identify and mitigate risks before they escalate into significant security incidents. By doing so, they enhance the overall security posture of the business.

Early Detection and Response: Threat hunting involves analyzing logs, network traffic, and system behavior to detect any signs of malicious activity that may have evaded traditional security measures. Detecting threats early allows for a quicker response, minimizing potential damage or data breaches.

Improving Incident Response Capability: By understanding the tactics, techniques, and procedures (TTPs) of potential threat actors, the Threat Hunting Lead provides valuable insights to enhance incident response strategies. This includes developing playbooks and response procedures tailored to specific threats identified through hunting activities.

Optimized Security Tools and Processes: Implement recommendations & improvements to existing security tools, configurations, and processes. This optimization helps in maximizing the effectiveness of security investments and ensuring a robust defense against emerging threats.

Threat Hunting
Research tactics, techniques and procedures (TTPs) to plan threat hunting execution
Lead the planning and execution of our threat hunting program
Perform research and development augmenting our capabilities.
Perform proactive threat identification & hunting activities
Maintain operational framework & roadmap.

Security Detection Content & Engineering
Lead the planning and execution of our security detection content engineering program
Translate intelligence and incident response reports into actionable capabilities
Develop new and novel detection mechanisms, use cases, IOCs, etc.
Perform research and development augmenting our capabilities.
Identify new and emerging trends in threat actors’ TTPs
Maintain operational framework & roadmap.

Service Management
Collaborate with Service Delivery Managers and/or lead service delivery & evolution (requirements, SLA, etc.).
Produce statistical reporting for effectiveness of the detection content
Provide threat awareness and education to members of the team

HR Management
Provide coaching and education to members of the security team in support of their career path.
Manage, set objectives, and measure member performance in achieving those objectives.
Responsible for resource management and staffing allocation (i.e. training, budget, hiring, etc.)
Support and develop team members in their career path.

Other Responsibilities
Provide technical leadership and/or guidance for deployment of new solutions in support of the business strategic plan.
Optimize security operations using DevOps concepts/technology and automation.
Participate in technology evaluation in collaboration with other stakeholders.
Deliver and operate innovation projects.

Required qualifications to be successful in this role:

The candidate should have expertise and strong experience (5+ years) in at least two (2) of the following areas with at least 2 years in a leadership or managerial role:

Security Operations Center
Cyber security services delivery
Security solutions operations
IT operations & solution delivery

Experience
-Proficient in using threat hunting tools such as Endpoint Detection and Response (EDR) & log analysis platforms (SIEM)
-Experience with scripting and programming languages (e.g., Python, Bash, etc.) for automation and analysis.
-Knowledge of cyber security principles, practices, technologies, and standards.
-Familiarity with malware analysis, reverse engineering, and digital forensics.
-Strong understanding of cybersecurity frameworks (e.g., MITRE ATT&CK).

Education: Bachelor’s degree in Computer Engineering, Computer Science, Information Technology, Cyber Security, or a related field; advanced degree preferred.

Certifications: Relevant certifications (e.g. SANS, eCTHP, GCTI, CTIA, etc.) preferred.

Skills:
Ability to deliver high-quality reporting on identified technical issues and to provide remediation guidelines.
Excellent communication skills, including effective executive presentations.
Verbal and written fluency in French is a plus.

Use of the term ‘engineering’ in this job posting refers to the technical sense related to Information Technology (IT) and does not imply that the individual practices engineering or possesses the requisite license as prescribed by the applicable provincial or territorial engineering regulator. We are seeking individuals with expertise in IT engineering-related functions, but licensure from an engineering regulator is not a prerequisite for this position. Engineering is a regulated profession in Canada which is restricted in terms of use of titles and designation.

Bilingualism (French and English) is required for this position due to the nature of the role requiring interaction with national and global clients.

What you can expect from us:

Together, as owners, let’s turn meaningful insights into action.

Life at CGI is rooted in ownership, teamwork, respect and belonging. Here, you’ll reach your full potential because…

You are invited to be an owner from day 1 as we work together to bring our Dream to life. That’s why we call ourselves CGI Partners rather than employees. We benefit from our collective success and actively shape our company’s strategy and direction.

Your work creates value. You’ll develop innovative solutions and build relationships with teammates and clients while accessing global capabilities to scale your ideas, embrace new opportunities, and benefit from expansive industry and technology expertise.

You’ll shape your career by joining a company built to grow and last. You’ll be supported by leaders who care about your health and well-being and provide you with opportunities to deepen your skills and broaden your horizons.

At CGI, we recognize the richness that diversity brings. We strive to create a work culture where all belong and collaborate with clients in building more inclusive communities. As an equal-opportunity employer, we want to empower all our members to succeed and grow. If you require an accommodation at any point during the recruitment process, please let us know. We will be happy to assist.

Come join our team—one of the largest IT and business consulting services firms in the world.
