TC-CS-Cyber Detection and Response-Cyber Threat Intelligence-Senior

At EY, you’ll have the chance to build a career as unique as you are, with the global scale, support, inclusive culture and technology to become the best version of you. And we’re counting on your unique voice and perspective to help EY become even better, too. Join us and build an exceptional experience for yourself, and a better working world for all. 

Role Overview:

We are seeking a highly skilled Senior Cyber Threat Intelligence Analyst to join the Canada CTI team. The role involves collecting, analyzing, and disseminating actionable intelligence to support cybersecurity operations and protect the organization against emerging threats. The candidate will collaborate with internal and external stakeholders, conduct threat research, and contribute to the development of intelligence-driven strategies.

Responsibilities:

• Lead the monitoring and analysis of emerging cyber threats across various sectors (e.g., Finance, Healthcare, Education).
• Perform in-depth analysis of advanced threat actor campaigns, including TTPs (Tactics, Techniques, and Procedures), and translate findings into actionable intelligence.
• Develop and maintain a comprehensive repository of cyber threat data for risk assessment and trend analysis.
• Create and present detailed reports (Strategic, Tactical, and Operational) to stakeholders, ensuring technical findings are communicated effectively.
• Develop and document threat intelligence playbooks and procedures.
• Identify and improve security detection capabilities using YARA, SIGMA, Snort, and similar rulesets.
• Collaborate with cross-functional teams to assess risks and recommend mitigation strategies.
• Evaluate and refine alerts triggered by threat intelligence platforms.
• Use OSINT techniques to validate and prioritize alerts and escalate critical threats promptly.
• Work closely with international IT teams and third-party vendors to understand adversary intent and activity.
• Stay informed about the latest cybersecurity trends, vulnerabilities, and attack methodologies.
• Contribute to the design and enhancement of the organization's Threat Intelligence Program.
• Participates in the assessment, analysis, and design of improvements for the Threat Intelligence Program.
• Perform as-hoc intelligence gathering using OSINT tools and techniques
• Able to apply creative and critical thinking when approaching issues.

Required Qualifications:

• Bachelor's degree in Computer Science or equivalent, with a certification such as GCTI (GIAC Cyber Threat Intelligence).
• Extensive experience with threat intelligence platforms and playbook development.
• Proficiency in tools like MITRE ATT&CK, Diamond Model, and Cyber Kill Chain frameworks.
• Strong analytical skills and expertise in OSINT techniques.
• Advanced knowledge of cybersecurity incidents, attack vectors, and threat actor behaviour.
• Familiarity with Python, APIs, Docker containers, and automation tools.
• Proven ability to work independently and handle complex situations.
• Excellent verbal and written communication skills to deliver briefings to diverse audiences.

Additional Information:

• This position requires support during Canada business hours.

EY | Building a better working world 

 
EY exists to build a better working world, helping to create long-term value for clients, people and society and build trust in the capital markets.  

 
Enabled by data and technology, diverse EY teams in over 150 countries provide trust through assurance and help clients grow, transform and operate.  

 
Working across assurance, consulting, law, strategy, tax and transactions, EY teams ask better questions to find new answers for the complex issues facing our world today.