Threat Content Specialist, Cyber Intelligence Centre (Vaughan, ON, CA, L4K 0C3)

Job Type:  Permanent 
Primary Location:  Toronto, Ontario, Canada 
All Available Locations:  Vaughan 

Learn from deep subject matter experts through mentoring and on the job coaching.
Be encouraged to deepen your technical skills…whatever those may be.
Partner with clients to solve their most complex problems.


Deloitte seeks an experienced Threat Content Specialist to join our team in execution of strategic activities for our Cyber Security clients. Read more below.

What will your typical day look like?  

As a Threat Content Specialist, you will design and implement new SIEM use cases, maintain and update when new threats and technologies come up, be aligned with trends and new attack methodologies. Also, you will support our peers over use case review, to minimize false positives and non-incidents.

About the team  

Deloitte's Risk Advisory practice advises organizations on how to effectively mitigate risk and make informed and intelligent risk decisions around business processes, technology and operations. Our Threat Content team is a group of passionate and dedicated information security professionals, highly experienced over security operations and Threat hunting, that dedicate their time to develop new threat detection methodologies and improve current detection methodologies.

Enough about us, let’s talk about you  

You are someone who has:

Minimum of two (2) years of experience working within information security;
Minimum of one (1) year of SIEM Content Development experience;
Experience with SIEM technologies (e.g. ArcSight, LogRhythm, QRadar, Sentinel or Splunk);
Strong knowledge of Security devices (IDS/IPS, Firewalls, Load Balancers, Routing & Switching etc.),
Strong knowledge of security operations (investigation steps, log search/evidence extraction, incident response)
Strong knowledge of and threats (zero-days, exploits and/or general cybersecurity attacks);
Knowledge on security assessment, Continuous monitoring, MITRE framework/TTPs and regulatory (e.g.: PCI, HIPAA, ISO27000 series)
A professional certification is a plus (e.g.: CISA, CISSP, CISM, EnCE, ISACA, GIAC Certifications).

Why Deloitte?

Launch your career with The One Firm where you can make an impact that matters in a way that you never thought possible. With endless opportunities at every turn, and a culture built to support and develop our people to be the very best they can be, Deloitte is The One Firm for you to learn, grow, create, connect, and lead. We do this by making three commitments to you:

You will lead at every level: We grow the world’s best leaders so you can achieve the impact you seek, faster.

You can work your way: We give you the means to be flexible in how you need and want to work, and we have innovative spaces, arrangements and the mindset to help you be wildly successful.

You will feel included and inspired: We create a deep sense of belonging where you can bring your whole self to work.

The next step is yours

Sound like The One Firm. For You?

At Deloitte we are all about doing business inclusively – that starts with having diverse colleagues of all abilities!  We encourage you to connect with us at if you require an accommodation in the recruitment process, or need this job posting in an alternative format. We’d love to hear from you!

By applying to this job you will be assessed against the Deloitte Global Talent Standards. We’ve designed these standards to provide our clients with a consistent and exceptional Deloitte experience globally.

Jobs Canada, Job Posting and Job Search

Jobs In Canada helps Canadian job seekers find all the latest jobs in all major cities in Canada. Job search made simple with

Jobs Canada is a Canadian job site specifically designed for job seekers, employers and recruiters. Recruit and hire locally. IT is fast, efficient and easy to use.