Job Information
EY Tech Consulting - Cybersecurity - Threat & Vulnerability Management (Cyber Threat Intel) - Senior in New York, New York
At EY, you’ll have the chance to build a career as unique as you are, with the global scale, support, inclusive culture and technology to become the best version of you. And we’re counting on your unique voice and perspective to help EY become even better. Join us and build an exceptional experience for yourself, and a better working world for all.
The exceptional EY experience. It's yours to build.
EY focuses on high-ethical standards and integrity among its employees and expects all candidates to demonstrate these qualities.
Consulting – Tech Consulting - Cybersecurity – Threat and Vulnerability Management (Cyber Threat Intelligence) - Senior
The Opportunity
In a rapidly changing cybersecurity threat landscape, clients from all industries look to us for trusted solutions for increasingly complex threats and risks. Join our dynamic team as a Senior Cybersecurity Response & Investigations Specialist, where you'll be at the forefront of addressing advanced threats and vulnerabilities. You'll play a crucial role in both proactive and reactive strategies to combat cyber incidents and conduct thorough root cause analysis. Your expertise in digital forensics will be vital in investigating incidents, shaping future mitigation strategies, and managing forensic artefacts for compliance and law enforcement purposes.
Your key responsibilities
As a Senior on the Cyber Threat Intelligence team, your key responsibilities would include integrating an intelligence-led perspective across all domains of security. You role would involve conducting detailed analysis of threats by leveraging intelligence frameworks like MITRE ATT&CK and applying the intelligence lifecycle to produce actionable insights. You would also collaborate with tactical security teams to provide intelligence support, aiding in swift and effective decision-making before, during, and after cyber incidents. This may involve engaging in malware or infrastructure analysis, threat actor profiling and hunting, threat attribution and forecasting to aid the development of reactive and proactive defenses. You will be responsible for crafting and delivering clear, concise, and actionable intelligence reports tailored for technical and executive audiences, enabling informed decision-making at all levels. Furthermore, as a senior analyst, you would play a pivotal role in mentoring junior analysts, contributing to the development of the cyber threat intelligence team's capabilities, and fostering a culture of continuous learning and improvement. In addition to these responsibilities, you would be expected to stay abreast of the latest cyber threat trends and technologies, participate in industry groups, conferences, and forums, and engage in professional development opportunities to maintain a high level of expertise in the rapidly evolving field of cyber threat intelligence.
Skills and attributes for success
To thrive in this role, you'll need a blend of technical and business skills, along with the ability to navigate complex problems and make informed decisions. Your professional knowledge and experience will guide you in adhering to broad policies and tackling issues with in-depth evaluations.
Demonstrate advanced problem-solving and critical thinking skills
Exhibit digital and learning agility
Foster a collaborative learning environment
The ability to recognize when to escalate risks, issues, and opportunities to enhance service delivery to appropriate client and EY leadership.
The ability to create and deliver high-quality work products, client reports, and presentations.
Adherence to service quality standards and program management requirements.
The ability to work collaboratively in a cross-functional team environment that is culturally diverse and with geographically dispersed teams.
Strong analytical and critical thinking skills, with the ability to process complex information and present it in a clear and understandable manner.
To qualify for the role, you must have:
A Bachelor’s degree (4-year degree) in Computer Science, Computer Engineering, Cybersecurity, Management Information Systems, or a related field along with 2-4 years of relevant experience in cyber threat intelligence or a related field.
Strong critical thinking skills, including the ability to analyze and compare multiple sources and reports.
Demonstrated experience with common standards such as STIX/TAXII, ICD203 & ICD206, DHS TLP, etc. and a thorough understanding of the intelligence lifecycle.
The ability to conduct research and Open-Source Intelligence (OSINT) while understanding the importance of leveraging primary sources and validating findings.
An understanding of usage and operationalization of Threat Intelligence Platforms (TIPs) and experience conducting research and analysis using common CTI tools, whether open or closed source.
Deep understanding of frameworks and concepts such as atomic Indicators of Compromise (IOCs), MITRE ATT&CK Tactics, Techniques, and Procedures (TTPs), the Pyramid of Pain, and higher-level behavioral patterns.
Knowledge of threat actor motivations, resourcing, and goals, including Advanced Persistent Threat (APT) actors, cybercriminals, and hacktivist groups.
Relevant industry certifications such as GIAC Cyber Threat Intelligence (GCTI), GIAC Certified Incident Handler (GCIH), and GIAC Security Essentials Certification (GSEC), or the ability to acquire certification after employment.
Ideally, you’ll also have
The ability to communicate effectively in verbal conversations, workshops, and interviews.
Exemplary writing skills and the ability to communicate complex technical information to a non-technical audience through written deliverables.
The ability to translate abstract, high-level thoughts into easily digestible concepts and visuals, including PowerPoint slides and Visio diagrams.
The ability to break down complex problems into step-by-step, solvable components, estimate level-of-effort and needs for each component, and prioritize activities to achieve outcomes in tight timelines.
Proficiency with consulting engagement methodologies and approaches, understanding how to apply a technical skill or ability to a client need.
Familiarity with the latest events, threat actors, vulnerabilities, security trends, and mitigations in cybersecurity.
What we look for
We seek top performers with a passion for cybersecurity and a proven track record of success. Ideal candidates are those who demonstrate agility, critical thinking, and the ability to work collaboratively in a dynamic environment.
What we offer
We offer a comprehensive compensation and benefits package where you’ll be rewarded based on your performance and recognized for the value you bring to the business. The base salary range for this job in all geographic locations in the US is $103,800 to $190,300. The salary range for New York City Metro Area, Washington State and California (excluding Sacramento) is $124,600 to $216,300. Individual salaries within those ranges are determined through a wide variety of factors including but not limited to education, experience, knowledge, skills and geography. In addition, our Total Rewards package includes medical and dental coverage, pension and 401(k) plans, and a wide range of paid time off options. Join us in our team-led and leader-enabled hybrid model. Our expectation is for most people in external, client serving roles to work together in person 40-60% of the time over the course of an engagement, project or year. Under our flexible vacation policy, you’ll decide how much vacation time you need based on your own personal circumstances. You’ll also be granted time off for designated EY Paid Holidays, Winter/Summer breaks, Personal/Family Care, and other leaves of absence when needed to support your physical, financial, and emotional well-being.
Continuous learning: You’ll develop the mindset and skills to navigate whatever comes next.
Success as defined by you: We’ll provide the tools and flexibility, so you can make a meaningful impact, your way.
Transformative leadership: We’ll give you the insights, coaching and confidence to be the leader the world needs.
Diverse and inclusive culture: You’ll be embraced for who you are and empowered to use your voice to help others find theirs.
EY accepts applications for this position on an on-going basis. If you can demonstrate that you meet the criteria above, please contact us as soon as possible.
EY exists to build a better working world, helping to create long-term value for clients, people and society and build trust in the capital markets.
Enabled by data and technology, diverse EY teams in over 150 countries provide trust through assurance and help clients grow, transform and operate.
Working across assurance, consulting, law, strategy, tax and transactions, EY teams ask better questions to find new answers for the complex issues facing our world today.
For those living in California, please click here (https://ey-preview.ey.com/content/ey-unified-site/ey-com/local/us/en_us/home/legal-and-privacy/fair-chance-ordinance.html?token=68cf9ed2-94e5-4db9-83cf-5c6aa14619de) for additional information.
EY is an equal opportunity, affirmative action employer providing equal employment opportunities to applicants and employees without regard to race, color, religion, age, sex, sexual orientation, gender identity/expression, pregnancy, genetic information, national origin, protected veteran status, disability status, or any other legally protected basis, including arrest and conviction records, in accordance with applicable law.
EY is committed to providing reasonable accommodation to qualified individuals with disabilities including veterans with disabilities. If you have a disability and either need assistance applying online or need to request an accommodation during any part of the application process, please call 1-800-EY-HELP3, select Option 2 for candidate related inquiries, then select Option 1 for candidate queries and finally select Option 2 for candidates with an inquiry which will route you to EY’s Talent Shared Services Team (TSS) or email the TSS at ssc.customersupport@ey.com