Government and Public Sector - Cybersecurity - Cyber Threat Intelligence Senior Consultant

7d•Hybrid

About The Position

At EY, we’re all-in to shape your future with confidence. We’ll help you succeed in a globally connected powerhouse of diverse teams and take your career wherever you want it to go. Join EY and help build a better working world. Government and Public Sector – Technology Consulting - Cybersecurity – Cyber Threat Intelligence Senior Consultant The opportunity EY’s Government & Public Sector (GPS) Cyber Security practice helps Federal, State, Local, and Education clients protect mission critical systems, manage cyber risk, and improve resilience. Our teams support clients in designing, building, and maturing intelligence led cybersecurity capabilities that enable informed decisions and operational effectiveness. As a Cyber Threat Intelligence (CTI) Senior, you will shape intelligence‑led cybersecurity programs for government clients, with a focus on program design, operational integration, and long‑term capability maturity. The role emphasizes program ownership, trusted advisory leadership, solution development, and operational involvement to guide delivery teams, validate analytic approaches, and drive measurable mission and risk outcomes. Role summary The CTI Senior supports the development and expansion of intelligence led cyber security programs, including supply chain risk management (CSCRM) and third-party risk use cases. You will own delivery of CTI capabilities across one or more engagements, advise senior client stakeholders on CTI operating models and technologies, mentor analysts and consultants, and contribute to practice growth through capture support, solution shaping, and thought leadership. You will position CTI as a control‑enabling function that supports Zero Trust initiatives, supply‑chain assurance, and enterprise risk decision‑making across classified and unclassified environments. This role is designed for a professional who understands how CTI should function operationally while focusing on building, guiding, improving programs, and running intelligence operations as required.

Requirements

Strong understanding of cyber threat intelligence tradecraft, including MITRE ATT&CK, the Intelligence Cycle, and structured analytic techniques.
Experience helping to design, build, or mature CTI programs.
Knowledge of how CTI supports supply chain risk management, third party risk, vulnerability prioritization, and incident response.
Familiarity with Threat Intelligence Platforms (TIPs) and intelligence integration patterns.
Strong communication skills with the ability to advise technical teams and brief senior stakeholders.
Comfort working in a client facing consulting environment.
Bachelor’s degree (or equivalent experience) in Cybersecurity, Computer Science, Information Systems, Engineering, Business, or a related field.
5+ years of experience in cyber threat intelligence, cybersecurity operations, or risk management.
Demonstrated experience supporting or leading CTI capability development.
Experience with intelligence standards such as STIX/TAXII, DHS TLP, and ICD 203/206.
Familiarity with NIST CSF, Zero Trust concepts, and federal SCRM expectations.
One or more relevant certifications (e.g., CISSP, CISM, GIAC GCTI/GDAT/GMON, OSCP, CEH).
Must have an active TS/SCI clearance with eligibility for a polygraph.
Must be comfortable working in-person as needed in the greater Washington, DC area (usually on-site 3 days per week).
Willingness to travel 20–30% based on client needs.

Nice To Haves

Prior consulting experience.
Experience standing up CTI programs from concept through early operational maturity.
Experience with leading CTI platforms, such as: Recorded Future, CrowdStrike (Falcon Intelligence / Adversary Intelligence), Mandiant Advantage, Anomali, ThreatConnect, EclecticIQ
Experience applying CTI to supply chain, third party, or ecosystem risk management.
Background in government, defense, intelligence, or critical infrastructure environments.

Responsibilities

Lead the design, maturation, and scaling of cyber threat intelligence programs, including operating models, governance, workflows, analytic standards, and quality controls.
Help clients define intelligence requirements aligned to mission, risk, and operational priorities.
Align intelligence requirements to federal cybersecurity frameworks and mission assurance objectives (e.g., NIST CSF, Zero Trust).
Develop recommendations and roadmaps to improve CTI effectiveness and integration across cybersecurity and risk functions.
Lead intelligence‑driven supply chain and ecosystem risk capabilities that inform acquisition, vendor trust, and mission partner assurance decisions.
Apply CTI to nation‑state and criminal targeting of suppliers in support of EO 14028, NIST 800‑161, and CMMC‑aligned risk programs.
Advise clients on the selection, implementation, and optimization of CTI platforms and tooling.
Support the design of intelligence pipelines for collection, enrichment, scoring, and dissemination.
Guide integration of CTI into SOC, Incident Response, Vulnerability Management, and cybersecurity risk management programs.
Leverage knowledge of automation and scripting concepts to inform scalable program design.
Understand how automation, analytics, and emerging AI capabilities influence modern CTI production and consumption models.
Serve as an advisor to security and risk teams on how to consume and operationalize intelligence.
Provide subject matter guidance during incidents or threat investigations as needed, without acting as the primary operator.
Provide intelligence outputs that directly inform executive, operational, and risk‑based decisions during high‑impact events.
Translate intelligence concepts into clear risk and mission impact narratives for client stakeholders.
Mentor CTI analysts and junior team members on intelligence tradecraft, analytic rigor, and quality standards.
Review and provide feedback on intelligence products to ensure clarity, relevance, and consistency.
Support onboarding and development of CTI resources as programs grow.
Support business development and capture efforts, including proposal development, solution shaping, and client briefings.
Partner with account teams to identify opportunities to expand CTI services.
Contribute to EY methodologies, accelerators, and thought leadership related to cyber threat intelligence and intelligence led risk management.

Benefits

We offer a comprehensive compensation and benefits package where you’ll be rewarded based on your performance and recognized for the value you bring to the business.
The base salary range for this job in all geographic locations in the US is $104,800 to $192,200.
The base salary range for New York City Metro Area, Washington State and California (excluding Sacramento) is $125,800 to $218,500.
Individual salaries within those ranges are determined through a wide variety of factors including but not limited to education, experience, knowledge, skills and geography.
In addition, our Total Rewards package includes medical and dental coverage, pension and 401(k) plans, and a wide range of paid time off options.
Under our flexible vacation policy, you’ll decide how much vacation time you need based on your own personal circumstances.
You’ll also be granted time off for designated EY Paid Holidays, Winter/Summer breaks, Personal/Family Care, and other leaves of absence when needed to support your physical, financial, and emotional well-being.

Stand Out From the Crowd

Upload your resume and get instant feedback on how well it matches this job.

Upload and Match Resume