Senior IT Consultant, Audit and Compliance

Richter is a Business | Family Office that provides strategic advice on business matters and on families’ financial and personal objectives across generations. With close to 100 years of experience advising at the intersection of family and business, Richter has developed an integrated approach to help business owners find sustainable success. Whether business, personal, or both, Richter is uniquely positioned to address the needs of Canada’s most successful entrepreneurs, private clients, business owners and business families and help them chart a clear path to shape their legacy for the future. Founded in 1926, Richter’s 600-person multidisciplinary team continuously innovates to create value for our people, clients, and community in Canada and in the US.

• A Bachelor’s Degree / Diploma in a relevant area of study with a preference for Computer Science, Information Security or Computer Engineering
• Foundational knowledge of threat intelligence and threat hunting
• Strong analytical and investigative skills
• Knowledge of technical security controls and mitigations
• Demonstrating experience with balancing security features and user adoption
• Occasional after hours availability for high-severity incidents
• Good working knowledge of one or more of the following topics :
• Common security threats, industry best practices, security technologies
• Good working knowledge of advanced endpoint analytics
• Experience with Cyber Kill Chain
• Operating systems (UNIX, Linux, Windows)
• Must have a solid working knowledge of Networking
• Must have experience in DLP, IPS / IDS, Firewalls, Content Filtering, End-Point Protection
• Knowledge of digital forensics and malware reverse engineering
• Penetration testing and ethical hacking
• Malware analysis (dynamic and static)
• Experience with SIEM technologies such as Splunk, Bro, Elasticsearch, Logstash, and Kibana
• Experience with Regular Expressions (RegEx)
• Support the continued improvement, implementation and enhancement of Richter's Cybersecurity concierge solution
• Analyze activity trends in the environment and associated client environments using various analytics tools and methodologies for hunting for threats not otherwise detected by configured security alerts
• Assist with onboarding clients in a professional and thoughtful way
• Contribute to developing, implementing, automating and fine-tuning client reporting
• Perform in-depth investigation of events of interest (EOI) or indicators of compromise (IOC) identified during threat hunt activities or security alerts received from various security technologies as per defined investigation and incident response procedures
• Conduct threat scenario analysis to develop new use cases with relevant attack vectors and create attack scenarios to formulate hunting strategies to identify the presence of threats that are going undetected by existing security controls
• Liaise with appropriate internal stakeholders and external clients during the investigation process to determine whether a security incident has occurred, identify the root cause and provide appropriate remediation recommendations
• Collaborate with the senior team to develop hunt tactics based on threat intelligence information, attacker techniques, and procedures
• Develop and build knowledge of and stay current on developments in the cyber threat landscape to adapt investigation techniques and provide recommendations to the client on responding to and remediating related incidents
• Create quarterly cybersecurity reports for all internal and external clients
• Maintain an up-to-date document repository / knowledgebase / Wiki site, covering cyber threat intelligence, security monitoring, incident response and handling, security operations processes, threat management, cybersecurity training, and standard industry technologies

• A Bachelor’s Degree / Diploma in a relevant area of study with a preference for Computer Science, Information Security or Computer Engineering
• Foundational knowledge of threat intelligence and threat hunting
• Strong analytical and investigative skills
• Knowledge of technical security controls and mitigations
• Demonstrating experience with balancing security features and user adoption
• Occasional after hours availability for high-severity incidents
• Good working knowledge of one or more of the following topics :
• Common security threats, industry best practices, security technologies
• Good working knowledge of advanced endpoint analytics
• Experience with Cyber Kill Chain
• Operating systems (UNIX, Linux, Windows)
• Must have a solid working knowledge of Networking
• Must have experience in DLP, IPS / IDS, Firewalls, Content Filtering, End-Point Protection
• Knowledge of digital forensics and malware reverse engineering
• Penetration testing and ethical hacking
• Malware analysis (dynamic and static)
• Experience with SIEM technologies such as Splunk, Bro, Elasticsearch, Logstash, and Kibana
• Experience with Regular Expressions (RegEx)

• Industry certifications (CISSP, GIAC - GPEN, GCFE, GSE) are an asset
• Knowledge of analytics and machine learning models
• Experience with security orchestration tools and analytics

• Mid-Senior level

• Full-time

• Accounting / Auditing

• Accounting