Global Lead Cyber Threat Hunt Detection Response Engineer
Company Raymond James
Location Canada
Preferred GIAC Certifications GCFA, GXPN, GREM
Travel 5%
Salary $185K - $240K CAD
URL https://raymondjames.taleo.net/careersection/1_ca/jobdetail.ftl?job=2402251&tz=GMT-07%3A00&tzname=America%2FVancouver
Contact Name Jason Yap
Contact Email jason.yap/at/raymondjames.ca
Expires 2024-10-15

Job Description

At Raymond James, we develop, we collaborate, we decide, we deliver, and we improve together.

Raymond James Ltd. is Canada’s leading independent investment dealer, offering high-quality investment products and services to Canadians seeking customized solutions to their wealth management needs.

Lead Cyber Threat Hunt Detection Response Engineer

How does the role impact the organization?

The financial services industry is constantly under attack by sophisticated cyber adversaries that range from nation states to criminals. In response, Raymond James trusts the Cyber Threat Center (CTC) with ensuring all equities are secure against all tiers of cyber adversaries. We are the central hub for Computer Network Operations and are on the front lines of security incident response, threat hunting, and intelligence. You will be working with emerging technologies to solve challenging security problems in a fast-paced and continuously evolving environment, while helping steer the direction and evolution of the team. This highly visible team within the organization evaluates threats to the environment and dynamically adjusts to the ever-changing threat landscape by applying practical security knowledge to developing new detective measures to protect the firm.

What will your role be responsible for?

Role is highly focused on finding the unknown using a keen sense of awareness, deep understanding of system operations, networks, and adversaries’ techniques. You are highly motivated to search for the “needle in the haystack.”
Design, develop and maintain threat detection content for Raymond James enterprise.
Applies business knowledge and acute critical thinking to understand the usage of applications and systems when investigating anomalies.
Serves as a primary member of the CTC who can be a technical escalation point of contact for incident handlers in a fast-paced environment.
Writes clear and in-depth technical documentation on threat hunting activities during threat hunting operations.
Mentors CTC analysts while contributing to the fulfillment of both the CTC’s mission and leadership’s vision.
Maintains situational awareness for cyber threats across the global firm and acts where necessary.
Daily responsibilities include, but are not limited to:
Signature creation and content development across various technologies and languages.
In depth malware and exploit analysis.
Organize threat actor techniques, tactics, and procedures against Cyber Threat Center detection capabilities
Intrusion monitoring and response
Data analysis and threat research
Maintains knowledge of security principles and best practices. Must remain current with emerging threats and trends
Leads or participates in information security related projects or in managing strategy
Develop new forensic detective and investigative capabilities using current technical solutions
Work with various business units and technical disciplines in a security consultant role for cyber threats
Shares an on-call rotation and acts as an escalation point for major cyber security incidents.

What can you expect from us?

Our most important investment is in people. Upon eligibility, Raymond James Ltd offers flexible workstyles and a competitive compensation and benefits package. Our benefits range from Health Benefits, RRSP Matching Program, Employee Stock Purchase Plan, Paid Time Off, Volunteer Days, Discretionary Bonuses, Tuition Reimbursement and many more! We also support internal promotion and community involvement.

What do we expect from you?

To qualify for this opportunity you possess:

S. in Computer Science, Computer Engineering, MIS, or related degree and a minimum of three (3) years of related experience in Information Security or an equivalent combination of education, training and experience. Experience should include a minimum of two (2) years in conducting Cyber Network Defense and a minimum of three (3) years of experience with incident response methodologies, malware analysis, penetration testing, scripting and/or forensics.
Preferred experience includes a minimum of four (4) years in conducting Cyber Network Defense, a minimum of three (3) years of experience with incident response methodologies, malware analysis, penetration testing, scripting and/or forensics, and four (4) years of experience with in-depth forensic and intrusion analysis.
Proficient with adversary techniques, tactics and procedures and can effectively map a TTP to the MITRE ATT&CK framework.
Systems administrator experience in Linux, Unix, Windows or OSX operating systems
Knowledge of networking and the common network protocols
Demonstrated ability to create complex scripts, develop tools, or automate processes in Splunk SPL, PowerShell, or Python
One or more of the following certifications or the ability to obtain within 1 year:
OSCP – Offensive Security Certified Professional
OSCE – Offensive Security Certified Expert
GXPN – GIAC Exploit Researcher and Advanced Penetration Tester
GREM – GIAC Reverse Engineering Malware
GCFA – GIAC Certified Forensic Analyst
CISSP – Certified Information Systems Security Professional
Knowledge of the following highly preferred:
Knowledge of vulnerabilities and a comfort in manipulating exploit code for analysis
Operating systems, such as Windows, Linux, or OSX
Forensic and analytical techniques
Networking and the common network protocols
Demonstrated ability to create complex scripts, develop tools, or automate processes
Demonstrated ability to perform static and dynamic malware analysis
Demonstrated ability to analyze large data sets and identify anomalies
Demonstrated ability to quickly create and deploy countermeasures under pressure
Familiarity with common infrastructure systems that can be used as enforcement points

Competencies:

Analysis: Identify and understand issues, problems and opportunities; compare data from different sources to draw conclusions.
Communication: Clearly convey information and ideas through a variety of media to individuals or groups in a manner that engages the audience and helps them understand and retain the message.
Exercising Judgment and Decision Making: Use effective approaches for choosing a course of action or developing appropriate solutions; recommend or take actions that are consistent with available facts, constraints, and probable consequences.
Technical and Professional Knowledge: Demonstrate a satisfactory level of technical and professional skill, or knowledge, in position-related areas; remain current with developments and trends in areas of expertise.
Building Effective Relationships: Develop and use collaborative relationships to facilitate the accomplishment of work goals.
Client Focus: Make internal and external clients, and their needs, a primary focus of actions; develop and sustain productive client relationships.

We encourage our associates at all levels to:

Grow professionally and inspire others to do the same
Work with and through others to achieve desired outcomes
Make prompt, pragmatic choices and act with the client in mind
Take ownership and hold themselves and others accountable for delivering results that matter
Contribute to the continuous evolution of the firm

At Raymond James – we honor, value, and respect the uniqueness, experiences, and backgrounds of all of our Associates. When associates bring their best authentic self, our organization, clients and communities thrive; it is part of our people-first culture. The Company is an equal opportunity employer and makes all employment decisions on the basis of merit and business needs.

Here at Raymond James we demonstrate our commitment to ensuring equal opportunities for all candidates. To request accommodations, candidates are instructed to contact Human Resources via email at recruitment@raymondjames.ca. By reaching out to this email address, candidates can communicate their specific requirements and discuss the necessary accommodations they may need to participate fully in the recruitment process.

Salary Range: BC (based on Education, Work Experience, etc.) $185,000-240,000 in addition to competitive performance bonuses/incentives.