GMS-TDR Quality Auditor-Senior

At EY, you’ll have the chance to build a career as unique as you are, with the global scale, support, inclusive culture and technology to become the best version of you. And we’re counting on your unique voice and perspective to help EY become even better, too. Join us and build an exceptional experience for yourself, and a better working world for all. 

Cyber Managed Service -Senior– TDR/SOC Quality Auditor

TDR/SOC (Security Operations Center) Quality Auditor is responsible for ensuring that the SOC's processes, procedures, and operations meet established quality standards and best practices. This role involves conducting regular audits, assessments, and reviews to maintain high levels of performance and compliance within the SOC

Job Summary: The TDR/SOC Quality Auditor is tasked with evaluating the effectiveness and efficiency of the SOC's operations. The auditor ensures that the SOC adheres to internal policies, industry standards, and regulatory requirements. They play a critical role in identifying areas for improvement and recommending enhancements to optimize SOC performance.

Key Responsibilities:

• Audit and Assessment:
  • Conduct regular audits of SOC processes, including incident response, threat intelligence, and monitoring activities.
  • Evaluate the adherence to SOC procedures and protocols, ensuring they align with best practices and compliance requirements.
  • Assess the quality of security alerts, investigations, and response actions to ensure accuracy and timeliness.
• Reporting and Documentation:
  • Document audit findings and prepare detailed reports outlining areas of non-compliance, inefficiencies, and risks.
  • Present audit results to SOC management and provide actionable recommendations for improvement.
• Compliance and Standards:
  • Stay up to date with industry standards, regulatory requirements, and best practices related to cybersecurity operations.
  • Assist in the development and revision of SOC policies and procedures to ensure ongoing compliance.
• Quality Improvement:
  • Work with SOC management/client and teams to implement quality improvement initiatives based on audit findings.
  • Monitor the effectiveness of corrective actions and continuous improvement efforts.
• Training and Awareness:
  • Provide training and guidance to SOC personnel on quality standards, audit processes, and best practices.
  • Promote a culture of quality and continuous improvement within the SOC.
• Collaboration and Communication:
  • Collaborate with other departments, such as IT, compliance, and risk management, to align SOC quality efforts with organizational objectives.
  • Facilitate communication between SOC teams and stakeholders regarding quality issues and initiatives.

Qualifications:

• Bachelor's degree in Cybersecurity, Information Technology, or a related field.
• Relevant certifications (e.g., CISA, CISSP, ISO 27001 Lead Auditor) are highly desirable.
• Proven experience in auditing, quality assurance, or a similar role within a SOC or cybersecurity environment.
• Knowledge of cybersecurity frameworks, standards, and regulations (e.g., NIST, ISO 27001, GDPR).
• Strong analytical and problem-solving skills.
• Excellent communication and interpersonal skills, with the ability to present complex information clearly and concisely.

EY | Building a better working world 

 
EY exists to build a better working world, helping to create long-term value for clients, people and society and build trust in the capital markets.  

 
Enabled by data and technology, diverse EY teams in over 150 countries provide trust through assurance and help clients grow, transform and operate.  

 
Working across assurance, consulting, law, strategy, tax and transactions, EY teams ask better questions to find new answers for the complex issues facing our world today.