GMS-Senior-IR Analyst

At EY, you’ll have the chance to build a career as unique as you are, with the global scale, support, inclusive culture and technology to become the best version of you. And we’re counting on your unique voice and perspective to help EY become even better, too. Join us and build an exceptional experience for yourself, and a better working world for all. 

The opportunity
In your role at EY, you’ll be inspired by a team of the brightest business and technical minds in cyber security. We are passionate champions for our clients and know from experience that the best solutions for our clients’ needs come from working hard together. As part of our team, your voice matters, and you will do important work that has impact, on people, businesses, and nations. Our industry and our company move fast, and you can be sure that you will always have room to learn and grow. We’re proud of our team and the important work we do to build confidence for a more connected world.

Your key responsibilities
The Security Operations Center (SOC) Level 3 (L3) manages multiple Security technologies and produces enhancements that allow SOC team members to work collaboratively and efficiently while responding to threats. The individual in this role will work as part of a cybersecurity operations team responsible for carrying out 24x7 onsite security monitoring operations.

Skills and responsibilities for success

• Provide evidence, perform data collection, documentation, and structured analysis of forensic data, and present the findings to business stakeholders.
• Perform triage and conduct thorough examinations of all types of digital media within client environment.
• Forensically analyse both computer systems for evidence of compromise.
• Perform log analysis locally and via SIEM/log aggregation tool.
• Hunt threats in large enterprise networks and cloud environments.
• Analyse and/or decipher packet captures from network protocol analysers (Wireshark, Tcpdump, etc).
• Endpoint analysis, live response, memory collection and analysis
• Able to do IR triage and staff on incident bridge calls.
• File analysis and malware analysis.
• Formulate response and recovery steps for security incidents.
• Write detailed incident reports and executive summaries.

To qualify for the role, you must have

• Ideal candidate will have 5+ years of security related experience in areas such Incident Response and Forensic Investigation.
• Preferably 3 years Information Security (IS) experience required Analytical mindset & aptitude to learn quickly Reliable & willing to work in a 24/7 operations center (shift work required)
• Knowledge of security incident and event management, log analysis, network traffic analysis, malware investigation/remediation, SIEM correlation logic and alert generation
• Demonstrated ability to analyse, triage and remediate security incidents
• Understanding of security principles, techniques, and technologies such as SANS Top 20 Critical Security Controls and OWASP Top 10
• Knowledge of SIEM solution such as Splunk, RSA Security Analytics, ArcSight, LogRhythm, QRadar, or similar
• Knowledge and experience using EDR/XDR solution such as Cortex XSIAM, Crowdstrike, Carbon Black or similar

Ideally, you’ll also have

• Bachelor’s Degree relevant to Information Technology
• Can work under pressure 
• Related Certification such as CEH, CHFI, Sec+, ITILv3, GCFA, ECIH, GCIH, CySA+, etc

What working at EY offers

At EY, we’re dedicated to helping our clients, from start–ups to Fortune 500 companies — and the work we do with them is as varied as they are.
You get to work with inspiring and meaningful projects. Our focus is education and coaching alongside practical experience to ensure your personal development. We value our employees and you will be able to control your own development with an individual progression plan. You will quickly grow into a responsible role with challenging and stimulating assignments. Moreover, you will be part of an interdisciplinary environment that emphasizes high quality and knowledge exchange. Plus, we offer:

• Support, coaching and feedback from some of the most engaging colleagues around
• Opportunities to develop new skills and progress your career
• The freedom and flexibility to handle your role in a way that’s right for you

EY | Building a better working world 

 
EY exists to build a better working world, helping to create long-term value for clients, people and society and build trust in the capital markets.  

 
Enabled by data and technology, diverse EY teams in over 150 countries provide trust through assurance and help clients grow, transform and operate.  

 
Working across assurance, consulting, law, strategy, tax and transactions, EY teams ask better questions to find new answers for the complex issues facing our world today.