IT Auditor - Risk, Performance, and Technology

Richter Montreal Office

The Role: 

The Richter Risk,performance and technology Team is looking for a Senior Cybersecurity Advisor to join our team. The candidate must be highly organized, proactive, enthusiastic and results-oriented.

They will have a foundational understanding and willingness to learn more about:

• cyber threat intelligence


• security monitoring


• incident response and handling


• security operations processes


• threat management


• standard industry technologies

They will support the delivery and execution of white-glove cyber security services to an exclusive set of clients. Maturity, professionalism, and patience will be essential in dealing with these exclusive clients.

The candidate will also be instrumental in building cutting-edge security operations capabilities that align with Richter's overall vision to provide world-class cybersecurity concierge services.

Responsibilities:

• Support the development, implementation and enhancement of Richter's Cybersecurity concierge solution


• Analyze activity trends in the environment and associated client environments using various analytics tools and methodologies for hunting for threats not otherwise detected by configured security alerts.


• Contribute to developing, implementing, and fine-tuning SIEM use cases/associated rules and other security control configurations to enhance threat detection capabilities.


• Perform in-depth investigation of events of interest (EOI) or indicators of compromise (IOC) identified during threat hunt activities or security alerts received from various security technologies as per defined investigation and incident response procedures.


• Conduct threat scenario analysis to develop new use cases with relevant attack vectors and create attack scenarios to formulate hunting strategies to identify the presence of threats that are going undetected by existing security controls.


• Liaise with appropriate internal stakeholders and external clients during the investigation process to determine whether a security incident has occurred, identify the root cause and provide appropriate recommendations for remediation.


• Collaborate with the senior team to develop hunt tactics based on threat intelligence information, attacker techniques, and procedures.


• Develop and build knowledge of and stay current on developments in the cyber threat landscape to adapt investigation techniques and provide recommendations to the client on responding to and remediating related incidents.


• Create monthly cybersecurity reports for all internal and external clients.


• Maintain an up-to-date document repository/knowledgebase/Wiki site.

Required Qualifications

• A recent Bachelor's Degree / Diploma in a relevant area of study with a preference for Computer Science, Information Security or Computer Engineering


• Foundational knowledge of threat intelligence and threat hunting


• Strong analytical and investigative skills


• Knowledge of technical security controls and mitigations


• 9-5 availability for high severity incidents


• Good working knowledge of one or more of the following topics:




• Common security threats, industry best practices, security technologies


• Good working knowledge of advanced endpoint analytics


• Experience with Cyber Kill Chain


• Operating systems (UNIX, Linux, Windows)


• Must have a solid working knowledge of Networking


• Must have experience in DLP, IPS/IDS, Firewalls, Content Filtering, End-Point Protection


• Knowledge of digital forensics and malware reverse engineering


• Penetration testing and ethical hacking


• Malware analysis (dynamic and static)


• Experience with SIEM technologies such as Splunk, Bro, Elasticsearch, Logstash, and Kibana.


• Experience with Regular Expressions (RegEx)

Preference will be given to candidates with:

• Between 1 to 3-years of working experience with incident responder or threat hunter, ideally working in a CIRT.


• At least 2-years of working experience as a SOC analyst

Desirable Qualifications

• Industry certifications (CISSP, GIAC – GPEN, GCFE, GSE) are an asset


• Proficiency in scripting languages (Python, shell, etc.)


• Knowledge of analytics and machine learning models


• Some experience with security orchestration tools and analytics


• Previous luxury retail or private banking experience

What Richter offers you?

• Competitive group benefits which include group insurance, Health Spending Account, savings plans, and Employer Contribution Matching


• Employee and Family access to virtual healthcare network


• Employee and Family Assistance Programs, including consultations with mental health professionals


• Annual Health & Well-being Program


• Hybrid work Environment


• Competitive Performance Bonus


• Tuition Reimbursement


• Professional Dues Reimbursement


• CFE leave financial support


• Academic Incentives


• Talent referral bonus


• Client referral bonus


• Access to an on-demand concierge nannying, babysitting, and tutoring service


• Annual employee rewards and recognition

The salary range for this position is $74,000 – $102,000, and employees may also be eligible to participate in our bonus program. Compensation complies with applicable pay transparency legislation and is regularly reviewed to stay market competitive. Salaries within the range reflect individual contributions and are based on objective factors such as internal equity, experience, education, role scope, and required skills.

Your application

We are excited to meet motivated professionals who are looking for career growth in a mid-sized family minded firm and have a strong background in building and fostering relationships.

Sounds like you? Apply today!