GMS-Senior-MDR SecOps-Threat Intelligence

At EY, you’ll have the chance to build a career as unique as you are, with the global scale, support, inclusive culture and technology to become the best version of you. And we’re counting on your unique voice and perspective to help EY become even better, too. Join us and build an exceptional experience for yourself, and a better working world for all. 

 Senior Cyber Threat Intelligence Analyst

Position Overview: We are seeking a highly skilled and experienced Senior Cyber Threat Intelligence Analyst to join our cybersecurity team. The ideal candidate will have a strong background in threat intelligence monitoring, report writing, and the use of various threat intelligence platforms. This role requires a proactive individual who can develop and sustain custom threat intelligence feeds, integrate them into SIEMs, and provide in-depth reporting tailored to client needs. The candidate must be comfortable working in the EST timezone (evening shift for overlap with onshore/client team ) and be on-call for high-priority urgent tasks.

Key Responsibilities:

• Monitor and analyze threat intelligence using tools such as ZeroFox, Digital Shadows, or similar platforms.
• Write comprehensive and technical cybersecurity reports with strong attention to detail.
• Utilize OSINT, IOC lookup and validation, Domain Registrar lookups, VirusTotal, and Dark Web search for threat intelligence gathering.
• Develop, sustain, and enrich custom threat intelligence feeds using platforms like MISP, with scripting in Python, Azure, and Linux.
• Manage threat intelligence feeds using platforms such as Anomali, ThreatQ, Cyble, Cyware, OpenCTI, and MISP.
• Integrate threat intelligence feeds into common SIEMs, particularly Microsoft Sentinel.
• Execute domain and social media account takedowns as necessary.
• Create custom, in-depth reports specific to client requirements.
• Apply knowledge of MITRE ATT&CK, D3F3ND frameworks, and the Cyber Kill Chain in threat analysis.
• Utilize Excel and/or Power BI for data visualization and graph creation.
• Experience with excel data cleansing, VLookups, Pivot Tables
• Prepare and deliver PowerPoint presentations and reports to stakeholders.
• Maintain strong verbal and written communication skills in English.
• Work independently under pressure and prioritize tasks effectively.
• Be available for on-call duties for high-priority urgent tasks.
• Collaborate with Managed Security Service Providers (MSSPs) for backend and client-facing work.

Qualifications:

• Minimum of 3 years of experience with threat intelligence monitoring tools.
• At least 1 year of experience in threat intelligence report writing.
• Proficiency with OSINT, IOC lookup and validation, Domain Registrar lookups, VirusTotal, and Dark Web search.
• Experience with scripting in Python, Azure, and Linux.
• Familiarity with one or more threat intelligence platforms for feed management.
• Experience integrating threat intelligence feeds into SIEMs, especially Microsoft Sentinel.
• Proven experience with domain and social media account takedowns.
• Strong understanding of MITRE ATT&CK, D3F3ND frameworks, and the Cyber Kill Chain.
• Excellent English writing skills.
• Proficiency in Excel and/or Power BI for data visualization.
• Strong experience with PowerPoint presentations and reporting.
• Strong verbal English and presentation skills.
• Cybersecurity certifications (e.g., COMPTIA, SANS GIAC, ISC, EC-Council) are a plus.
• Certifications specific to cyber threat intelligence are an asset.
• Ability to work in the EST timezone (evening shift for overlap with onshore/client team ).
• Strong analytical skills and ability to prioritize tasks effectively.
• Experience working with MSSPs for backend and client-facing work.

Preferred Skills:

• Experience with additional threat intelligence platforms.
• Advanced technical writing and reporting skills.
• Strong analytical and problem-solving abilities.
• Ability to work independently and as part of a team.

EY | Building a better working world 

 
EY exists to build a better working world, helping to create long-term value for clients, people and society and build trust in the capital markets.  

 
Enabled by data and technology, diverse EY teams in over 150 countries provide trust through assurance and help clients grow, transform and operate.  

 
Working across assurance, consulting, law, strategy, tax and transactions, EY teams ask better questions to find new answers for the complex issues facing our world today.