Apply now »

Threat Hunter

Location:  Vancouver
Other locations:  Primary Location Only
Salary: Competitive
Date:  May 22, 2022

Job description

Requisition ID:  696542

At EY, you’ll have the chance to build a career as unique as you are, with the global scale, support, inclusive culture and technology to become the best version of you. And we’re counting on your unique voice and perspective to help EY become even better, too. Join us and build an exceptional experience for yourself, and a better working world for all.


Threat Hunter

EY's people in more than 150 countries are committed to operating with integrity, quality and professionalism in the provision of audit, tax, transaction and advisory services. We strive to help all of our people achieve their professional and personal goals through an inclusive environment that values everyone's contributions, appreciates diversity of thought, fosters growth, and provides continuous opportunities for development. Recognized as one of Canada's top employers, EY continually strives to be a great place to work.

The opportunity

Ernst & Young is seeking a Threat Hunter to support our next generation Managed Detection & Response capability. The ideal candidate will be a self-starter with demonstrated experience working in security operations and an interest in threat detection and response. The main focus will be to detect, disrupt and eradicate threat actors from enterprise networks and environments.

This position falls within our Cyber Threat Management practice, which provides industry-leading managed security services along with offensive security capabilities. 

Your key responsibilities:

The candidate will be responsible for:

  • Performing threat hunting activities to discover advanced attacks – including identifying threat actor groups and TTPs using static and dynamic analysis.
  • Handling security incident escalations from Level II analysts. 
  • Analyzing, triaging, and investigating security events across multiple platforms and using the network, endpoint, and cloud telemetry.
  • Managing complex security incident investigations end-to-end – including validation, escalation, and containment. 
  • Developing new use cases and playbooks based on EY threat intelligence and research.
  • Conducting quality reviews of investigations to identify areas for improvement. 
  • Supporting in the development of EY’s detection rules and mechanisms.
  • Developing key service reports and deliverables – including threat advisories, flash briefs, RFIs, and monthly reports.
  • Overseeing the maintenance of system tickets and alerts.
  • Supporting in the development of other team members through knowledge sharing and collaboration. 
  • Maintaining current knowledge of InfoSec threats, vulnerabilities and TTPs.

Key Candidate Requirements:

  • Strong attention to detail and sound organizational skills; ability to manage multiple priorities in a fast-paced environment.
  • Demonstrated ability to communicate effectively.
  • Proven sound judgment and flexibility in balancing multiple operational requirements and tight deadlines. 
  • Proactive self-starter with a committed team-oriented attitude.
  • Demonstrated interest in self-directed cybersecurity education. 
  • Strong work ethic


To qualify for the role, you must have:

  • 5+ years of professional information technology experience.
  • 2+ years of recent operations security experience (SOC, Incident Response, Malware Analysis, IDS/IPD, Analysis).
  • Proven technical knowledge and experience working with SIEM or EDR solutions – including Splunk, Kibana, Sumo Logic, Sentinel One, Carbon Black, Crowdstrike or similar. 
  • Proven technical knowledge of common threat analysis models such as the Diamond Model, Cyber Kill Chain and the MITRE ATT&CK and experience using them to track, investigate or simulate attacks.
  • Professional certifications such as OSCP, GIAC / SANS 500+ (GCIH, GPEN, GXPN, GCFE, GCFA etc.) or other defensive and offensive technical certifications is considered an asset. 
  • Ability and willingness to obtain a Security Clearance.

What EY Offers

At EY, our Total Rewards package supports our commitment to creating a leading people culture - built on high-performance teaming - where everyone can achieve their potential and contribute to building a better working world for our people, our clients and our communities. It's one of the many reasons we repeatedly win awards for being a great place to work.

We offer a competitive compensation package where you’ll be rewarded based on your performance and recognized for the value you bring to our business. In addition, our Total Rewards package allows you decide which benefits are right for you and which ones help you create a solid foundation for your future.  Our Total Rewards package includes a comprehensive medical, prescription drug and dental coverage, a defined contribution pension plan, a great vacation policy plus firm paid days that allow you to enjoy longer long weekends throughout the year, statutory holidays, and paid personal days (based on province of residence), and a range of exciting programs and benefits designed to support your physical, financial and social well-being. Plus, we offer:

  • Support and coaching from some of the most engaging colleagues in the industry
  • Learning opportunities to develop new skills and progress your career
  • The freedom and flexibility to handle your role in a way that’s right for you



Diversity and Inclusion at EY

Diversity and inclusiveness are at the heart of who we are and how we work. We’re committed to fostering an environment where differences are valued, policies and practices are equitable, and our people feel a sense of belonging. From our actions to combat systemic racism and our advocacy for the LGBT+ community to our innovative Neurodiversity Centre of Excellence and Accessibility initiatives, we welcome and embrace the diverse experiences, abilities, backgrounds, and perspectives that make our people unique and help guide us. Because when people feel free to be their authentic selves at work, they bring their best and are empowered to build a better working world.

EY Way of Work and your health and safety

EY Way of Work recognizes flexibility in the way we collaborate, innovate and deliver with the ability to work in-person and remotely.  To support a healthy and safe in-person working environment, EY has implemented various layers of health and safety controls while working in the office or at clients or other locations.  A critical component of EY’s workplace safety program includes our COVID-19 vaccination policy which requires all personnel to be fully vaccinated against COVID-19 unless an accommodation based on a reason protected by human rights legislation is provided.  

About EY

As a global leader in assurance, tax, transaction and advisory services, we’re using the finance products, expertise and systems we’ve developed to build a better working world. That starts with a culture that believes in giving you the training, opportunities and creative freedom to make things better. Whenever you join, however long you stay, the exceptional EY experience lasts a lifetime. 


If you can confidently demonstrate that you meet the criteria above, please contact us as soon as possible.

Make your mark. Apply today.

EY is committed to inclusiveness, equity, and accessibility.  We encourage all qualified candidates to apply.


EY | Building a better working world 


EY exists to build a better working world, helping to create long-term value for clients, people and society and build trust in the capital markets.


Enabled by data and technology, diverse EY teams in over 150 countries provide trust through assurance and help clients grow, transform and operate.  


Working across assurance, consulting, law, strategy, tax and transactions, EY teams ask better questions to find new answers for the complex issues facing our world today.  

Apply now »