Expoint - all jobs in one place

EY TC-CS-Cyber Detection Response-Cyber Threat Intelligence-Senior 
India, Karnataka, Bengaluru 
640472974

Yesterday

Responsibilities:

  • Lead the monitoring and analysis of emerging cyber threats across various sectors (e.g., Finance, Healthcare, Education).
  • Perform in-depth analysis of advanced threat actor campaigns, including TTPs (Tactics, Techniques, and Procedures), and translate findings into actionable intelligence.
  • Develop and maintain a comprehensive repository of cyber threat data for risk assessment and trend analysis.
  • Create and present detailed reports (Strategic, Tactical, and Operational) to stakeholders, ensuring technical findings are communicated effectively.
  • Develop and document threat intelligence playbooks and procedures.
  • Identify and improve security detection capabilities using YARA, SIGMA, Snort, and similar rulesets.
  • Collaborate with cross-functional teams to assess risks and recommend mitigation strategies.
  • Evaluate and refine alerts triggered by threat intelligence platforms.
  • Use OSINT techniques to validate and prioritize alerts and escalate critical threats promptly.
  • Work closely with international IT teams and third-party vendors to understand adversary intent and activity.
  • Stay informed about the latest cybersecurity trends, vulnerabilities, and attack methodologies.
  • Contribute to the design and enhancement of the organization's Threat Intelligence Program.
  • Participate in the assessment, analysis, and design of improvements for the Threat Intelligence Program.
  • Perform ad hoc intelligence gathering using OSINT tools and techniques.
  • Apply creative and critical thinking when approaching issues.

Required Qualifications:

  • Bachelor's degree in Computer Science or equivalent, with a certification such as GCTI (GIAC Cyber Threat Intelligence).
  • Extensive experience with threat intelligence platforms and playbook development.
  • Proficiency with frameworks such as MITRE ATT&CK, the Diamond Model, and the Cyber Kill Chain.
  • Strong analytical skills and expertise in OSINT techniques.
  • Advanced knowledge of cybersecurity incidents, attack vectors, and threat actor behaviour.
  • Familiarity with Python, APIs, Docker containers, and automation tools.
  • Proven ability to work independently and handle complex situations.
  • Excellent verbal and written communication skills to deliver briefings to diverse audiences.

Additional Information:

  • This position requires support during Canada business hours.



EY exists to build a better working world, helping to create long-term value for clients, people and society and build trust in the capital markets.