NICE-TO-HAVE SKILLS:

• Recent experience leading a team of Cyber Security Analysts/Developers
• Prior experience conducting blue/purple team exercises or penetration testing
• Experience in Incident Response or leading incident response
• Cloud knowledge and expertise of leading cloud providers (AWS, GCP, Azure)
• Programming and scripting languages skills such as C++/C#/JavaScript/Python/Bash/PowerShell
• Hands-on experience working with LLM and RAG technologies
• Relevant cyber security industry certifications such as CISSP, OSCP, CEH, etc.

EDUCATION AND EXPERIENCE:

A university degree/diploma in computer science, Information Technology, Cyber security, or other relevant field along with 7+ years of experience within information security, or an equivalent combination of education and experience may be considered

WHAT YOU NEED TO KNOW

• Priority will be given to Canadian citizens and permanent residents
• Security level required: Be eligible to obtain Secret
• Relocation assistance may be provided, if required
• Please save a copy of the job poster. Once the closing date has passed, it will no longer be available.

TAKE A CENTRAL ROLE

The Bank of Canada has a vision to be a leading central bank—dynamic, engaged and trusted—committed to a better Canada. No other employer in the country offers you the unique opportunity to work at the very center of Canada’s economy, in an organization with significant impact on the economic and financial well-being of all Canadians. You will be challenged, energized and motivated to excel in our environment.
Building on the principles that have always guided us – excellence, integrity and respect – we strive to be forward-looking and innovative, to welcome people with diverse perspectives and talents, and to earn trust by living up to our commitments and by clearly explaining the intent of our policies and actions.
With our defined-benefit pension plan, benefits, and high flexibility for work life balance - find out more about why we are annually ranked as one of Canada’s top employers: Working Here - Bank of Canada
Find out more about the next steps in our Recruitment process.

KEY RESPONSIBILITIES:

• Develop and maintain the Bank’s threat hunting program, including frameworks, methodologies, and reporting.
• Align hunting activities with the Bank’s threat profile, cyber crown jewels, and risk scenarios to ensure relevance and impact.
• Define and track program KPIs (e.g., dwell time reduction, hypothesis validation, detection coverage) to measure effectiveness and drive continuous improvement.
• Actively conduct threat hunts to search for threats by analyzing network traffic, logs, and other data sources to identify potential security risks and investigate suspicious activities within the systems and networks
• Develop and test hypotheses regarding potential threats based on emerging trends, threat models you develop, or known tactics, techniques and procedures
• Provide coaching, mentoring, technological expertise, and influence threat detection priorities based on threat intelligence and research
• Engage in ongoing learning about new threats, tools, and techniques to enhance threat hunting capabilities
• Collaborating with Incident response teams to investigate and remediate threats
• Assist in the testing and validation of detection techniques and methods, providing feedback on their effectiveness and suggesting improvements to enhance accuracy and reduce false positives.
• Produce actionable, clear and concise, threat-based reports on hunting or security testing results and remediation options
• Provide advisory and consultation services to senior management and perform as a cyber security SME for emerging threats and investigations
• Innovate and create novel solutions including User Behavior Analytics (UBA) models by leveraging Data Science and Machine Learning (ML)
• Establish and maintain collaborative relationships with external partners and vendors to exchange best practices, support operational objectives, and enhance organizational capabilities through shared insights and continuous improvement