At EY, you'll have the chance to build a career as unique as you are, with the global scale, support, inclusive culture and technology to become the best version of you. And we're counting on your unique voice and perspectiveto help EY become even better. Join us and build an exceptional experience for yourself, and a better working world for all.Consulting - Tech Consulting - Cybersecurity - Threat and Vulnerability Management (Cyber Threat Intelligence) - SeniorThe OpportunityIn a rapidly changing cybersecurity threat landscape, clients from all industries look to us for trusted solutions for increasingly complex threats and risks. Join our dynamic team as a Senior Cybersecurity Response & Investigations Specialist, where you'll be at the forefront of addressing advanced threats and vulnerabilities. You'll play a crucial role in both proactive and reactive strategies to combat cyber incidents and conduct thorough root cause analysis. Your expertise in digital forensics will be vital in investigating incidents, shaping future mitigation strategies, and managing forensic artefacts for compliance and law enforcement purposes.Your key responsibilitiesAs a Senior on the Cyber Threat Intelligence team, your key responsibilities would include integrating an intelligence-led perspective across all domains of security. Your role would involve conducting detailed analysis of threats by leveraging intelligence frameworks like MITRE ATT&CK and applying the intelligence lifecycle to produce actionable insights. You would also collaborate with tactical security teams to provide intelligence support, aiding in swift and effective decision-making before, during, and after cyber incidents. This may involve engaging in malware or infrastructure analysis, threat actor profiling and hunting, threat attribution and forecasting to aid the development of reactive and proactive defenses. You will be responsible for crafting and delivering clear, concise, and actionable intelligence reports tailored for technical and executive audiences, enabling informed decision-making at all levels. Furthermore, as a senior analyst, you would play a pivotal role in mentoring junior analysts, contributing to the development of the cyber threat intelligence team's capabilities, and fostering a culture of continuous learning and improvement. In addition to these responsibilities, you would be expected to stay abreast of the latest cyber threat trends and technologies, participate in industry groups, conferences, and forums, and engage in professional development opportunities to maintain a high level of expertise in the rapidly evolving field of cyber threat intelligence.Skills and attributes for success
- Demonstrate advanced problem-solving and critical thinking skills
- Exhibit digital and learning agility
- Foster a collaborative learning environment
- The ability to recognize when to escalate risks, issues, and opportunities to enhance service delivery to appropriate client and EY leadership.
- The ability to create and deliver high-quality work products, client reports, and presentations.
- Adherence to service quality standards and program management requirements.
- The ability to work collaboratively in a cross-functional team environment that is culturally diverse and with geographically dispersed teams.
- Strong analytical and critical thinking skills, with the ability to process complex information and present it in a clear and understandable manner.To qualify for the role, you must have:
- A Bachelor's degree (4-year degree) in Computer Science, Computer Engineering, Cybersecurity, Management Information Systems, or a related field along with 2-4 years of relevant experience in cyber threat intelligence or a related field.
- Strong critical thinking skills, including the ability to analyze and compare multiple sources and reports.
- Demonstrated experience with common standards such as STIX/TAXII, ICD203 & ICD206, DHS TLP, etc. and a thorough understanding of the intelligence lifecycle.
- The ability to conduct research and Open-Source Intelligence (OSINT) while understanding the importance of leveraging primary sources and validating findings.
- An understanding of usage and operationalization of Threat Intelligence Platforms (TIPs) and experience conducting research and analysis using common CTI tools, whether open or closed source.
- Deep understanding of frameworks and concepts such as atomic Indicators of Compromise (IOCs), MITRE ATT&CK Tactics, Techniques, and Procedures (TTPs), the Pyramid of Pain, and higher-level behavioral patterns.
- Knowledge of threat actor motivations, resourcing, and goals, including Advanced Persistent Threat (APT) actors, cybercriminals, and hacktivist groups.
- Relevant industry certifications such as GIAC Cyber Threat Intelligence (GCTI), GIAC Certified Incident Handler (GCIH), and GIAC Security Essentials Certification (GSEC), or the ability to acquire certification after employment.What we look forWe seek top performers with a passion for cybersecurity and a proven track record of success. Ideal candidates are those who demonstrate agility, critical thinking, and the ability to work collaboratively in a dynamic environment.What we offerWe offer a comprehensive compensation and benefits package where you'll be rewarded based on your performance and recognized for the value you bring to the business. The base salary range for this job in all geographic locations in the US is $103,800 to $190,300. The salary range for New York City Metro Area, Washington State and California (excluding Sacramento) is $124,600 to $216,300. Individual salaries within those ranges are determined through a wide variety of factors including but not limited to education, experience, knowledge, skills and geography. In addition, our Total Rewards package includes medical and dental coverage, pension and 401(k) plans, and a wide range of paid time off options. #J-18808-Ljbffr