Security Engineer

emergiTEL Inc.

Calgary

Hybrid

CAD 80,000 - 100,000

Full time

2 days ago

Job summary

A technology consulting firm seeks a Threat Intelligence Security Engineer for a contract position in Calgary. The role requires hands-on involvement with threat intelligence platforms, leading threat hunts, and translating technical data into actionable intelligence. Candidates should have strong Python skills and a solid understanding of cyber threats, particularly in the financial sector. A mandatory one-day-per-week on-site presence is required. This role is vital for maximizing ROI from threat intelligence tools.

Qualifications

  • Experience with threat intelligence platforms like Anomali ThreatStream and Mandiant.
  • Proficient in Python for automation and scripting tasks.
  • Understanding of the MITRE ATT&CK Framework.

Responsibilities

  • Contribute to Threat Intelligence Platforms and develop custom scripts.
  • Lead Threat Hunts and create intelligence reports.
  • Profile cyber threat actors relevant to the financial sector.

Skills

Python
Threat Intelligence Platforms
APIs
Threat Hunting

Job description
The Threat Intelligence Security Engineer

Hands‑on, contract position responsible for operationalizing, measuring, and maximizing ROI from external threat intelligence assets and monitoring tools.

Role requires a mandatory one‑day‑per‑week on‑site presence in either the Calgary or Edmonton office.

Key Responsibilities
  • Serve as a core contributor and technical resource for Threat Intelligence Platforms (Anomali ThreatStream and Mandiant/Google Threat Intelligence).
  • Develop custom queries, API integrations, and scripting (primarily Python) to automate ingestion, enrichment, and correlation of IOCs and actor TTPs from all feeds.
  • Lead planning, execution, and formal reporting of intelligence‑driven Threat Hunts, developing hypotheses based on current threat actor TTPs (mapped via MITRE ATT&CK), coordinating execution across multiple defensive teams (SOC, IR), validating new detection opportunities, and ensuring all activity delivers measurable value to defense operations.
  • Translate complex technical analysis (tactical data) into clear, context‑rich operational and strategic intelligence reports, ensuring timely and targeted dissemination to IR, SOC, and executive stakeholders.
  • Proactively track and profile cyber threat actors relevant to the financial sector, mapping their capabilities and infrastructure to the MITRE ATT&CK Framework.
  • Collaborate with Security Operations and Vulnerability Management teams to implement new detection rules, fine‑tune existing security controls based on validated threat intelligence, and write clear, concise documentation (SOPs, Job Aids) to codify new processes.