Job Title

The Threat Intelligence Security Engineer Handson, contract position responsible for operationalizing, measuring, and maximizing ROI from external threat intelligence assets and monitoring tools. Role requires a mandatory onedayperweek onsite presence in either the Calgary or Edmonton office. Key Responsibilities Serve as a core contributor and technical resource for Threat Intelligence Platforms (Anomali ThreatStream and Mandiant/Google Threat Intelligence). Develop custom queries, API integrations, and scripting (primarily Python) to automate ingestion, enrichment, and correlation of IOCs and actor TTPs from all feeds. Lead planning, execution, and formal reporting of intelligencedriven Threat Hunts, developing hypotheses based on current threat actor TTPs (mapped via MITRE ATT&CK), coordinating execution across multiple defensive teams (SOC, IR), validating new detection opportunities, and ensuring all activity delivers measurable value to defense operations. Translate complex technical analysis (tactical data) into clear, contextrich operational and strategic intelligence reports, ensuring timely and targeted dissemination to IR, SOC, and executive stakeholders. Proactively track and profile cyber threat actors relevant to the financial sector, mapping their capabilities and infrastructure to the MITRE ATT&CK Framework. Collaborate with Security Operations and Vulnerability Management teams to implement new detection rules, finetune existing security controls based on validated threat intelligence, and write clear, concise documentation (SOPs, Job Aids) to codify new processes. #J-18808-Ljbffr