Government and Public Sector Cybersecurity Cyber Threat Intelligence Senior Consultant

Government and Public Sector Technology Consulting - Cybersecurity Cyber Threat Intelligence Senior Consultant

The opportunity

EYs Government & Public Sector (GPS) Cyber Security practice helps Federal State Local and Education clients protect mission critical systems manage cyber risk and improve resilience. Our teams support clients in designing building and maturing intelligence led cybersecurity capabilities that enable informed decisions and operational effectiveness.

As a Cyber Threat Intelligence (CTI) Senior you will shape intelligenceled cybersecurity programs for government clients with a focus on program design operational integration and longterm capability maturity.

The role emphasizes program ownership trusted advisory leadership solution development and operational involvement to guide delivery teams validate analytic approaches and drive measurable mission and risk outcomes.

Role summary

The CTI Senior supports the development and expansion of intelligence led cyber security programs including supply chain risk management (CSCRM) andthird-party risk use cases. You will own delivery of CTI capabilities across one or more engagements advise senior client stakeholders on CTI operating models and technologies mentor analysts and consultants and contribute to practice growth through capture support solution shaping and thought leadership.

You will position CTI as a controlenabling function that supports Zero Trust initiatives supplychain assurance and enterprise risk decisionmaking across classified and unclassified environments.

This role is designed for a professional who understands how CTI should function operationally while focusing on building guiding improving programs and running intelligence operations as required.

Key responsibilities

CTI Program Design & Enablement

• Lead the design maturation and scaling of cyber threat intelligence programs including operating models governance workflows analytic standards and quality controls.
• Help clients define intelligence requirements aligned to mission risk and operational priorities.
• Align intelligence requirements to federal cybersecurity frameworks and mission assurance objectives (e.g. NIST CSF Zero Trust).
• Develop recommendations and roadmaps to improve CTI effectiveness and integration across cybersecurity and risk functions.
• Lead intelligencedriven supply chain and ecosystem risk capabilities that inform acquisition vendor trust and mission partner assurance decisions.
• Apply CTI to nationstate and criminal targeting of suppliers in support of EO 14028 NIST 800161 and CMMCaligned risk programs.

CTI Technology & Integration Advisory

• Advise clients on the selection implementation and optimization of CTI platforms and tooling.
• Support the design of intelligence pipelines for collection enrichment scoring and dissemination.
• Guide integration of CTI into SOC Incident Response Vulnerability Management and cybersecurity risk management programs.
• Leverage knowledge of automation and scripting concepts to inform scalable program design.
• Understand how automation analytics and emerging AI capabilities influence modern
• CTI production and consumption models.

Advisory Support & Operational Alignment

• Serve as an advisor to security and risk teams on how to consume and operationalize intelligence.
• Provide subject matter guidance during incidents or threat investigations as needed without acting as the primary operator.
• Provide intelligence outputs that directly inform executive operational and riskbased decisions during highimpact events.
• Translate intelligence concepts into clear risk and mission impact narratives for client stakeholders.

Team Leadership & Development

• Mentor CTI analysts and junior team members on intelligence tradecraft analytic rigor and quality standards.
• Review and provide feedback on intelligence products to ensure clarity relevance and consistency.
• Support onboarding and development of CTI resources as programs grow.

Business Development & Growth Support

• Support business development and capture efforts including proposal development solution shaping and client briefings.
• Partner with account teams to identify opportunities to expand CTI services.
• Contribute to EY methodologies accelerators and thought leadership related to cyber threat intelligence and intelligence led risk management.

Skills and attributes for success

• Strong understanding of cyber threat intelligence tradecraft including MITRE ATT&CK the Intelligence Cycle and structured analytic techniques.
• Experience helping to design build or mature CTI programs.
• Knowledge of how CTI supports supply chain risk management third party risk vulnerability prioritization and incident response.
• Familiarity with Threat Intelligence Platforms (TIPs) and intelligence integration patterns.
• Strong communication skills with the ability to advise technical teams and brief senior stakeholders.
• Comfort working in a client facing consulting environment.

To qualify for the role you must have

• Bachelors degree (or equivalent experience) in Cybersecurity Computer Science Information Systems Engineering Business or a related field.
• 5 years of experience in cyber threat intelligence cybersecurity operations or risk management.
• Demonstrated experience supporting or leading CTI capability development.
• Experience with intelligence standards such as STIX/TAXII DHS TLP and ICD 203/206.
• Familiarity with NIST CSF Zero Trust concepts and federal SCRM expectations.
• One or more relevant certifications (e.g. CISSP CISM GIAC GCTI/GDAT/GMON OSCP CEH).
• Must have an active TS/SCI clearance with eligibility for a polygraph.
• Must be comfortable working in-person as needed in the greater Washington DC area (usually on-site 3 days per week).
• Willingness to travel 2030% based on client needs.

Ideally youll also have

• Prior consulting experience.
• Experience standing up CTI programs from concept through early operational maturity.
• Experience with leading CTI platforms such as: Recorded Future CrowdStrike (Falcon Intelligence / Adversary Intelligence) Mandiant Advantage Anomali ThreatConnect EclecticIQ
• Experience applying CTI to supply chain third party or ecosystem risk management.
• Background in government defense intelligence or critical infrastructure environments.

What we look for

Were looking for professionals who understand how to build intelligence capabilities that last. You bring practical experience strong judgment and the ability to help clients turn threat intelligence into meaningful risk and mission outcomeswhile supporting EYs growth and delivery objectives.