At EY, you’ll have the chance to build a career as unique as you are, with the global scale, support, inclusive culture and technology to become the best version of you. And we’re counting on your unique voice and perspective to help EY become even better, too. Join us and build an exceptional experience for yourself, and a better working world for all.
In your role at EY, you’ll be inspired by a team of the brightest business and technical minds in cyber security. We are passionate champions for our clients, and know from experience that the best solutions for our clients’ needs come from working hard together. As part of our team, your voice matters, and you will do important work that has impact, on people, businesses and nations. Our industry and our company move fast, and you can be sure that you will always have room to learn and grow. We’re proud of our team and the important work we do to build confidence for a more connected world.
Your key responsibilities
The Security Operations Center (SOC) Level 3 (L3) manages multiple Security technologies and produces enhancements that allow SOC team members to work collaboratively and efficiently while responding to threats. The individual in this role will work as part of a cybersecurity operations team responsible for carrying out 24×7 onsite security monitoring operations.
Skills and attributes for success
• Provide evidence, perform data collection, documentation, and structured analysis of forensic data and and present the findings to business users.
• Perform triage and conduct thorough examinations of all types of digital media within client environment
• Forensically analyze both Windows & Unix systems for evidence of compromise.
• Perform log analysis locally and via SIEM/log aggregation tool.
• Hunt threat actors in large enterprise networks and cloud environments.
• Analyze and/or decipher packet captures from network protocol analyzers (Wireshark, TCPdump, etc).
• Live response python scripting, memory collection, Volatility analysis, Kali, advanced grep knowledge. Able to do initial IR triage and staff on incident bridge calls.
To qualify for the role, you must have
• Generate Executive Summary report (high level)
• Ideal candidate will have 3+ years of security related experience in areas such Incident Response and Forensic Investigation.
• Preferably 2 years Information Security (IS) experience required Analytical mindset & aptitude to learn quickly Reliable & willing to work in a 24/7 operations center (shift work required)
• Knowledge of security incident and event management, log analysis, network traffic analysis, malware investigation/remediation, SIEM correlation logic and alert generation
• Demonstrated ability to analyze, triage and remediate security incidents
• Understanding of Security principles, techniques and technologies such as SANS Top 20 Critical Security Controls and OWASP Top 10
• Knowledge of SIEM solution such as RSA Security Analytics, ArcSight, LogRhythm, QRadar, Splunk or similar
• Knowledge and Experience of XDR solution such as Cortex XDR, Crowdstike XDR/EDR, Carbon Black XDR/EDR or similar
Ideally, you’ll also have
• Bachelor Degree relevant to Information Technology
• Can work under pressure
• Related Certification: Example: CEH, Comptia A+, Sec+, ITILv3
EY | Building a better working world
EY exists to build a better working world, helping to create long-term value for clients, people and society and build trust in the capital markets.
Enabled by data and technology, diverse EY teams in over 150 countries provide trust through assurance and help clients grow, transform and operate.
Working across assurance, consulting, law, strategy, tax and transactions, EY teams ask better questions to find new answers for the complex issues facing our world today.