TC-CS-Cyber Detection And Response-...

Join EY as a Senior Cyber Threat Intelligence Analyst and contribute to our global cybersecurity efforts. In this role, you will be instrumental in collecting, analyzing, and disseminating actionable intelligence to safeguard our organization against evolving cyber threats. You will collaborate with stakeholders, conduct in-depth threat research, and help shape intelligence-driven security strategies.

Your responsibilities will include:

• Monitoring and analyzing emerging cyber threats across various sectors.
• Performing in-depth analysis of advanced threat actor tactics, techniques, and procedures (TTPs), translating findings into actionable intelligence.
• Developing and maintaining a comprehensive repository of cyber threat data for risk assessment and trend analysis.
• Creating and presenting detailed reports (Strategic, Tactical, and Operational) to stakeholders, ensuring clear communication of technical findings.
• Developing and documenting threat intelligence playbooks and procedures.
• Improving security detection capabilities using tools like YARA, SIGMA, and Snort.
• Collaborating with cross-functional teams to assess risks and recommend mitigation strategies.
• Evaluating and refining alerts from threat intelligence platforms.
• Utilizing OSINT techniques to validate and prioritize alerts, escalating critical threats promptly.
• Working closely with international IT teams and third-party vendors to understand adversary intent and activity.
• Staying abreast of the latest cybersecurity trends, vulnerabilities, and attack methodologies.
• Contributing to the design and enhancement of the organization's Threat Intelligence Program.
• Participating in the assessment, analysis, and design of improvements for the Threat Intelligence Program.
• Performing ad-hoc intelligence gathering using OSINT tools and techniques.
• Applying creative and critical thinking to complex issues.

Required qualifications include:

• A Bachelor's degree in Computer Science or equivalent, with a certification such as GCTI (GIAC Cyber Threat Intelligence).
• Extensive experience with threat intelligence platforms and playbook development.
• Proficiency in using frameworks like MITRE ATT&CK, Diamond Model, and Cyber Kill Chain.
• Strong analytical skills and expertise in OSINT techniques.
• Advanced knowledge of cybersecurity incidents, attack vectors, and threat actor behaviour.
• Familiarity with Python, APIs, Docker containers, and automation tools.
• Proven ability to work independently and manage complex situations.
• Excellent verbal and written communication skills for effective briefings to diverse audiences.

This position requires support during Canada business hours.