Tech Consulting - Cybersecurity - Threat & Vulnerability Managment (Cyber Threat Intel) - Manager

Tech Consulting - Cybersecurity - Threat & Vulnerability Managment (Cyber Threat Intel) - Manager

08 Nov 2024
District of Columbia, Washington, 20001 Washington USA

Tech Consulting - Cybersecurity - Threat & Vulnerability Managment (Cyber Threat Intel) - Manager

At EY, you’ll have the chance to build a career as unique as you are, with the global scale, support, inclusive culture and technology to become the best version of you. And we’re counting on your unique voice and perspective to help EY become even better. Join us and build an exceptional experience for yourself, and a better working world for all.The exceptional EY experience. It's yours to build.EY focuses on high-ethical standards and integrity among its employees and expects all candidates to demonstrate these qualities.Consulting – Tech Consulting – Cybersecurity – Threat and Vulnerability Management (Cyber Threat Intelligence) - ManagerThe opportunityIn a rapidly changing cybersecurity threat landscape, clients from all industries look to us for trusted solutions for increasingly complex threats and risks. Join our dynamic Cybersecurity team as a Manager in Response & Investigations, where you'll confront emergent threats, conduct detailed investigations, and develop strategies to enhance security measures. This role is pivotal in safeguarding our organization's digital infrastructure and requires a proactive approach to continuous improvement and the application of best practices.Your key responsibilitiesAs a Manager on the Cyber Threat Intelligence team, your key responsibilities would include integrating an intelligence-led perspective across all domains of security. You role would involve leading cross-disciplinary teams in conducting detailed intelligence analysis using industry frameworks and techniques and applying that analysis to inform and enhance other areas of cybersecurity. You would oversee teams’ collection, analysis, production, and dissemination of actionable cyber threat intelligence and ensure collaboration with other security and business teams is productive and valuable. You will be responsible for ensuring delivery of clear, concise, and actionable intelligence reports and support to both technical and executive audiences. Furthermore, as a manager, you would play a pivotal role in mentoring senior and junior analysts, setting and advancing a collaborative and trust-based culture, and bringing new ideas to enhance the team’s skillsets and capabilities. In addition to these responsibilities, you would be expected to stay abreast of the latest cyber threat trends and technologies, representing EY and the team in high-visibility industry groups, conferences, and events.Skills and attributes for success

The ability to communicate effectively and professionally both verbally and in written form when interacting with clients, senior leaders, technical teams, support staff, vendors, and business partners in both technical and non-technical terms.

The ability to engage with clients by listening to and understanding their needs.

The ability to recognize when to escalate risks, issues, and opportunities to enhance service delivery and increase revenue to appropriate client and EY leadership.

The ability to manage the creation, review, and delivery of high-quality work products, client reports, and presentations.

Adherence to service quality standards and program management requirements.

The ability to work collaboratively in a cross-functional team environment that is culturally diverse and with geographically dispersed teams.

Strong analytical and critical thinking skills, with the ability to process complex information and present it in a clear and understandable manner.

A proactive mindset, with a keen interest in staying abreast of the latest cyber threats and trends.

To qualify for the role, you must have:

A Bachelor’s degree in Computer Science, Computer Engineering, Cybersecurity, Management Information Systems, or a related field along with 6+ years of relevant experience in cyber threat intelligence or a related field, with some of that experience in professional services or similar fields.

Demonstrated leadership experience with the ability to manage and mentor a team of consultants and analysts.

Demonstrated experience with common standards such as STIX/TAXII, ICD203 & ICD206, DHS TLP, etc. and a thorough understanding of the intelligence lifecycle.

The ability to conduct research and Open-Source Intelligence (OSINT) while understanding the importance of leveraging primary sources and validating findings.

A strong understanding of Threat Intelligence Platforms (TIPs) and experience leading research and analysis using common CTI tools, whether open or closed source.

Deep understanding of frameworks and concepts such as atomic Indicators of Compromise (IOCs), MITRE ATT&CK Tactics, Techniques, and Procedures (TTPs), the Pyramid of Pain, and higher-level behavioral patterns.

Experience dealing with threat actor of varying motivations, resourcing, and goals, including Advanced Persistent Threat (APT) actors, cybercriminals, and hacktivist groups.

Ideally, you’ll also have

The ability to communicate effectively in verbal conversations, workshops, and interviews.

Exemplary writing skills and the ability to communicate complex technical information to a non-technical audience through written deliverables.

The ability to translate abstract, high-level thoughts into easily digestible concepts and visuals, including PowerPoint slides and Visio diagrams.

The ability to quickly break down complex problems into step-by-step, solvable components, estimate level-of-effort and needs for each component, and prioritize activities to achieve outcomes in tight timelines.

Familiarity with the latest events, threat actors, vulnerabilities, security trends, and mitigations in cybersecurity.

What we look forWe are looking for top performers with a deep understanding of technological threats and the capacity to lead teams in a dynamic, client-driven environment. Ideal candidates are adept at managing current challenges and anticipating future vulnerabilities within the cyber realmWhat we offerWe offer a comprehensive compensation and benefits package where you’ll be rewarded based on your performance and recognized for the value you bring to the business. The base salary range for this job in all geographic locations in the US is $143,500 to $263,200. The salary range for New York City Metro Area, Washington State and California (excluding Sacramento) is $172,200 to $299,100. Individual salaries within those ranges are determined through a wide variety of factors including but not limited to education, experience, knowledge, skills and geography. In addition, our Total Rewards package includes medical and dental coverage, pension and 401(k) plans, and a wide range of paid time off options. Join us in our team-led and leader-enabled hybrid model. Our expectation is for most people in external, client serving roles to work together in person 40-60% of the time over the course of an engagement, project or year. Under our flexible vacation policy, you’ll decide how much vacation time you need based on your own personal circumstances. You’ll also be granted time off for designated EY Paid Holidays, Winter/Summer breaks, Personal/Family Care, and other leaves of absence when needed to support your physical, financial, and emotional well-being.

Continuous learning: You’ll develop the mindset and skills to navigate whatever comes next.

Success as defined by you: We’ll provide the tools and flexibility, so you can make a meaningful impact, your way.

Transformative leadership: We’ll give you the insights, coaching and confidence to be the leader the world needs.

Diverse and inclusive culture: You’ll be embraced for who you are and empowered to use your voice to help others find theirs.

EY accepts applications for this position on an on-going basis. If you can demonstrate that you meet the criteria above, please contact us as soon as possible.EY exists to build a better working world, helping to create long-term value for clients, people and society and build trust in the capital markets.Enabled by data and technology, diverse EY teams in over 150 countries provide trust through assurance and help clients grow, transform and operate.Working across assurance, consulting, law, strategy, tax and transactions, EY teams ask better questions to find new answers for the complex issues facing our world today.For those living in California, please click here (https://ey-preview.ey.com/content/ey-unified-site/ey-com/local/us/enus/home/legal-and-privacy/fair-chance-ordinance.html?token=68cf9ed2-94e5-4db9-83cf-5c6aa14619de) for additional information.EY is an equal opportunity, affirmative action employer providing equal employment opportunities to applicants and employees without regard to race, color, religion, age, sex, sexual orientation, gender identity/expression, pregnancy, genetic information, national origin, protected veteran status, disability status, or any other legally protected basis, including arrest and conviction records, in accordance with applicable law.EY is committed to providing reasonable accommodation to qualified individuals with disabilities including veterans with disabilities. If you have a disability and either need assistance applying online or need to request an accommodation during any part of the application process, please call 1-800-EY-HELP3, select Option 2 for candidate related inquiries, then select Option 1 for candidate queries and finally select Option 2 for candidates with an inquiry which will route you to EY’s Talent Shared Services Team (TSS) or email the TSS at ssc.customersupport@ey.com

Related jobs

  • At EY, you’ll have the chance to build a career as unique as you are, with the global scale, support, inclusive culture and technology to become the best version of you. And we’re counting on your unique voice and perspective to help EY become even better. Join us and build an exceptional experience for yourself, and a better working world for all.

  • Our Mission

  • Summary This position is located in the IT Security Operations and Monitoring Division within the Office of Technology, Services, and Innovation (TSI). The selectee reports to the Division Director and provides technical expertise to protect the availability, integrity, and confidentiality of agency information that is stored or processed on computing systems managed by TSI on behalf of the agency. Position is Local Remote Work Eligible. Please see Additional Information for more details. Responsibilities As an IT Cybersecurity Specialist (Information Security), you will be responsible for duties to include, but are not limited to: Serves as senior member of core Computer Incident Response Team (CIRT) to address security incidents, investigations, and resolution. Serves as a member of the IT Security Operations Center (SOC) to lead or assist in \"search and destroy\" tasks, event and alert configuration and monitoring, and reporting on operations and findings. Installs, maintains, and administrates security tools in an enterprise with cloud-based and on-premises systems. Conducts and supports investigations. Analyzes events and alerts from agency systems and networks to identify suspicious activity for potential incidents. This may include investigating activities that indicate data loss, data mishandling, account compromise, etc. This could concern PII, criminal or policy violations, phishing, etc. Investigation may involve the analysis of system logs, security tools, file stores, email or other messaging, etc. Ensure the safety of information systems assets and to protect systems and data from intentional or inadvertent access or destruction, while preserving, and where possible, enhancing information system usability. Participates in strategic planning to ensure that USAGM\'s enterprise networks have the appropriate tools and employs the correct techniques to thwart an increasing cyber-crime and cyber espionage threat. Supports the development and deployment of the agency\'s IT Security Awareness Training Program. This may come in the form of reviewing curriculum, making suggestions based on predictions and observed trends, and supporting digital security training/briefs for travelers going to high threat locations. May also include participating in briefing staff onboarding into the agency. May serve as Contracting Officer\'s Representative; required to obtain and maintain COR level 1 to manage and oversee contracts. Evaluates contractor performed services on behalf of USAGM, verifies materials delivered, and approves contractor invoices for payment. Assists with engagement of other agencies such as partial details to joint task forces relevant to USAGM and IT security operations while bringing information back to IT Security Operations on latest trends and threats. Requirements Conditions of Employment Qualifications Applicants applying for the GS-14 grade level must meet the following requirements: Have IT-related experience demonstrating EACH of the four competencies AND one year of specialized experience equivalent to the GS-13 level in the Federal service as described below. COMPETENCY REQUIREMENTS: Attention to Detail - Is thorough when performing work and conscientious about attending to detail. This skill may be demonstrated by assignments actively finding and addressing cybersecurity threats. Customer Service - Works with clients and customers (that is, any individuals who use or receive the services or products that your work unit produces, including the general public, individuals who work in the agency, other agencies, or organizations outside the Government) to assess their needs, provide information or assistance, resolve their problems, or satisfy their expectations; knows about available products and services; is committed to providing quality products and services. This skill is generally demonstrated by assignments where the applicant is the point of contact for resolving customer IT issues and ensuring their satisfaction. Oral Communication - Expresses information (for example, ideas or facts) to individuals or groups effectively, taking into account the audience and nature of the information (for example, technical, sensitive, controversial); makes clear and convincing oral presentations; listens to others, attends to nonverbal cues, and responds appropriately. This skill is generally demonstrated by assignments where the applicant serves on panels, committees, or task forces as a representative for the organization on technical or professional issues Problem Solving - Identifies problems; determines accuracy and relevance of information; uses sound judgment to generate and evaluate alternatives, and to make recommendations. This skill is generally demonstrated by assignments where the applicant troubleshoots complex IT issues and finds effective solutions. SPECIALIZED EXPERIENCE REQUIREMENTS Applicants must have a minimum of one year of specialized experience at a level of difficulty and responsibility comparable to the GS-13 or comparable pay band in the Federal service or equivalent experience in the private sector. Specialized Experience is experience that has equipped the applicant with the knowledge, skills and abilities to successfully perform the duties of the position and includes all of the following: Detecting, analyzing, and responding to IT security threats; Integrating new tools, tactics, and technologies into incident detection and response workflows; and Developing IT security procedures and recommendations to respond to IT security incidents. NOTE: Applicants must ensure their resumes reflect their experience with all of the above specialized experience criteria. Education Education is not required for this grade level. It cannot be used for qualification purposes. Additional Information Local Remote Work Possible: The selectee of this position can request a remote work agreement for a home duty station within the Washington-Baltimore-Arlington, DC-MD-VA-WV-PA pay locality area. This position does have occasional, irregular on-site responsibilities that require reporting to Washington, D.C. so home duty stations outside the Washington DC local commuting area will not be considered through this announcement. USAGM is committed to fostering a diverse and inclusive work environment. To build and retain a workforce that reflects the diverse experiences and perspectives of the American people, we welcome applicants from the many communities, identities, races, ethnicities, backgrounds, abilities, religions, and cultures of the United States who share our commitment to public service. Applicants must meet all qualification requirements by closing date of the announcement to be considered. 1. If you are a male applicant who was born after 12/31/59 and are required to register under the Military Selective Service Act, the Defense Authorization Act of 1986 requires that you be registered or you are not eligible for appointment in this agency. For Military Selective Service Act requirement information, please visit Selective Service 2. Your application to this vacancy announcement will only allow consideration for this announcement. We cannot electronically or manually move your application to corresponding announcements, if applicable. 3. Additional vacancies not reflected in the announcement that occur after the opening date of the vacancy announcement for position(s) identical (same grade, series and title) to the original vacancy may be filled from the selection certificate during the validity of the certificate. 4. Budgetary conditions may delay or otherwise affect filling this vacancy. However, all interested candidates should apply now.

  • Job Description

  • Job Family :

  • Summary This serves as public notice for the use of OPM\'s Direct Hire Authority. Applicants who meet the qualification requirements will be forwarded to the selecting official for consideration. These positions are in the Office of Assessment & Authorization, Cyber Operations Directorate, Diplomatic Technology (DT/DCIO/CO/AA), in the U.S. Department of State. Responsibilities Develops, analyzes, implements, validates, and verifies Departmental cybersecurity products and processes, analyzes effectiveness of new systems authorization methods and techniques. Reviews proposed new systems, networks, and software designs for their potential security risks, recommends appropriate risk countermeasures and resolves major integration issues related to the integration of new systems and applications. Provides IT Cybersecurity Project Management support for all Information Assurance activities related to systems certification in an assigned Bureau. Serves as subject matter expert for assigned Bureau\'s authorization functions, and acts in this capacity to provide guidance to Bureau systems owners on aligning current and future technologies. Leads, plans, organizes, conducts, and participates in IT security working groups, committees and panels that are designed to improve the quality of the Department\'s vital IT cybersecurity programs. Requirements Conditions of Employment Qualifications Applicants must meet all the qualification requirements described below by the closing date of this announcement. Applicants applying for the GS-14 grade level must meet the following requirements: Have IT-related experience demonstrating EACH of the four competencies AND specialized experience listed below: Attention to Detail - experience reviewing my own information technology-related work or data and have been responsible for reviewing the work of others to ensure accuracy, completeness, and consistency with standards. Customer Service - developing and maintaining relationships with customers, anticipating and assessing the current and future information technology needs of customers, and developing or identifying information technology products or services that are tailored to meet customer needs. Oral Communication - briefing senior-level management and IT staff on the status of information technology systems, projects, or daily operations, including the communication of complex technical information to a non-technical audience. Problem Solving - identifying alternatives to address unique, highly complex, or sensitive information technology-related issues. I have anticipated information technology-related problems and have identified and evaluated potential sources of information to generate alternative solutions. AND Have at least 1 full year of specialized experience equivalent to the GS-13 level in the Federal service which provided you with the particular knowledge, skills and abilities to perform the duties of the position. Qualifying specialized experience must demonstrate the following: Experience developing and interpreting information assurance policies, procedures, and strategies governing the planning and delivery of services. Experience with IT project management and the Risk Management Framework (RMF) to develop plans and schedules, estimating resource requirements, defining milestones and deliverables, monitoring activities, and evaluating and reporting on accomplishments. Experience analyzing new IT cybersecurity system and providing recommendations to management. NOTE: In order to qualify for this position, your experience MUST be IT related; the experience may be demonstrated by paid or unpaid experience and/or completion of specific, intensive training (for example, IT certification), as appropriate. There is no substitute of education for specialized experience for the GS-14 position. Education Education requirements do not apply to this vacancy announcement. Additional Information For reasonable accommodation at the U.S. Department of State, please contact the Office of Accessibility and Accommodations at (202) 663-3474 or OAA@state.gov. If eligible, telework agreements may be permitted with supervisory approval. Multiple positions may be filled from this announcement. If eligible, applicants to this announcement may be referred to other similar positions in other Bureaus/Offices in the Department for up to 240 days. Telework eligibility and security clearance requirements may vary for such similar positions.

  • Mid-level Vulnerability & Patch Management Engineer

Job Details

Jocancy Online Job Portal by jobSearchi.