GDS Consulting Cyber Detection & Response SIEM - Senior
Taguig, PH, 1634
EY
With our four integrated business areas (assurance and audit-related services, tax, consulting, and Strategy and Transactions) and our industry knowledge, we support our clients in...
At EY, you’ll have the chance to build a career as unique as you are, with the global scale, support, inclusive culture and technology to become the best version of you. And we’re counting on your unique voice and perspective to help EY become even better, too. Join us and build an exceptional experience for yourself, and a better working world for all.
The opportunity
In your role at EY, you’ll be inspired by a team of the brightest business and technical minds in cyber security. We are passionate champions for our clients and know from experience that the best solutions for our clients’ needs come from working hard together. As part of our team, your voice matters, and you will do important work that has impact, on people, businesses, and nations. Our industry and our company move fast, and you can be sure that you will always have room to learn and grow. We’re proud of our team and the important work we do to build confidence for a more connected world.
Your key responsibilities
We are seeking a highly skilled and experienced Senior Cybersecurity Engineer to join our team. The ideal candidate will have a strong background in designing, building, and migrating Security Orchestration, Automation & Response (SOAR), Security Information and Event Management (SIEM), Endpoint Detection and Response (EDR), Extended Detection and Response (XDR), Next-Generation Antivirus (NGAV), Cloud Security and Network Security Solutions. The Cybersecurity Engineer’s responsibilities include, but are not limited to, ensuring the security and integrity of our company's data and infrastructure.
Responsibilities for success include, but are not limited to:
• Planning, designing, building, implementing, managing and upgrading security systems to protect data, systems and network
• Ensuring that the client data and infrastructure are protected by continuously reviewing, enabling and implementing appropriate security controls & enterprise infrastructure. Identifying use cases on existing security systems and providing recommendations to improve the current state
• Conduct regular capacity planning assessments on security appliances and licenses, and provide quarterly recommendations to the relevant stakeholders. Determine the lifecycle of hardware and software assets, and plan ahead the recommendation on hardware refresh before an asset reaches its EOL/EOS state
• Process security project communications and track with various technical teams until it reaches completion, document project steps & lessons learned and work with other technical teams on integration, deployment & enhancement projects and any other engineering tasks
• Develop and design security project plans for SIEM, NDR, XDR, NGAV, NGFW, MDM, DLP, SWG, UEBA, primarily on cloud, DevOps and application security based on zero trust framework in compliance with applicable regulatory and data privacy requirements
• Contribute to the development of the various TechOps strategies and roadmaps as required to enable realization of the business strategies and objectives
Preferred Qualifications:
• The ideal candidate must have a minimum of 6+ years of cybersecurity design, build and implementation experience in a complex or large-scale environment, or at least a minimum of two combined qualifications and/or experiences below:
• At least 3 years of hands-on experience in implementing, deploying & managing SIEM tools such as Splunk, Microsoft Sentinel, QRadar, McAfee, ArcSight, LogRhythm, including Python scripting, usage of regular expressions and natural language queries or;
• Extensive knowledge and hands-on experience in the areas of endpoint security (Wintel & Linux), web security, network (IDS, IPS, FW) security, data loss prevention (DLP) deployment or;
• Experience with Security Assessment tools (NMAP, Nessus, Metasploit, Netcat), vulnerability analysis, penetration testing, remediation and compliance, usage of automation tools for patch and vulnerability management or;
• Hands-on design and build experience for EDR, XDR and NGAV solutions such as CrowdStrike, Microsoft Defender, Cortex XSIAM, Carbon Black, Sophos, etc. or;
• Understanding of security principles, techniques, and technologies such as SANS Critical Security Controls, OWASP Top 10, MITRE ATT&CK, Cyber Kill Chain, PCI-DSS, ISO 27001/02, SOC2, GDPR and other regulatory compliance frameworks, or;
• Combined hands-on experience on DevSecOps, Windows & Linux Server Administration, Network Administration, Storage & Backup, Systems Administration, Middleware, Application Administration and Endpoint Security Engineering. Network security zone administration, configurations, IDS/IPS policies, systems communications from Layer 1 to 7, packet capture and analysis, log formats & analysis, ability to aggregate and parse log data for syslog, HTTP logs, DB logs for discovery & investigation purposes or;
• Setting up SOAR for custom real-time dashboards, process automations, report generation, security orchestration, incident response automation using Phantom & Demisto, workflow modelling, playbooks development, Phantom API integrations with cloud platforms, and SOAR development, migration and administration.
• Strong domain expertise, implementation and/or integration skills in data classification, data discovery, information rights management, encryption, tokenization, data access governance and data masking technology solutions.
General Qualifications:
• Bachelor’s Degree relevant to Information Technology or Computer Science
• Can work under pressure, displays high level of ownership & accountability with very minimal supervision to execute tasks and deliverables
• Related Certification such as CEH, CHFI, Sec+, ITILv3, GCFA, ECIH, GCIH, CySA+, and other cybersecurity engineering-related certifications
What working at EY offers
At EY, we’re dedicated to helping our clients, from start-ups to Fortune 500 companies, and the work we do with them is as varied as they are.
You get to work with inspiring and meaningful projects. Our focus is education and coaching alongside practical experience to ensure your personal development. We value our employees and you will be able to control your own development with an individual progression plan. You will quickly grow into a responsible role with challenging and stimulating assignments. Moreover, you will be part of an interdisciplinary environment that emphasizes high quality and knowledge exchange. Plus, we offer:
• Support, coaching and feedback from some of the most engaging colleagues around
• Opportunities to develop new skills and progress your career
• The freedom and flexibility to handle your role in a way that’s right for you
About EY
As a global leader in Assurance, Tax, Strategy & transactions and Consulting services, we’re using the finance products, expertise and systems we’ve developed to build a better working world. That starts with a culture that believes in giving you the training, opportunities and creative freedom to make things better. Whenever you join, however long you stay, the exceptional EY experience lasts a lifetime. And with a commitment to hiring and developing the most passionate people, we’ll make our ambition to be the best employer by 2020 a reality.
If you can confidently demonstrate that you meet the criteria above, please contact us as soon as possible.
Join us in building a better working world. Apply now
EY | Building a better working world
EY exists to build a better working world, helping to create long-term value for clients, people and society and build trust in the capital markets.
Enabled by data and technology, diverse EY teams in over 150 countries provide trust through assurance and help clients grow, transform and operate.
Working across assurance, consulting, law, strategy, tax and transactions, EY teams ask better questions to find new answers for the complex issues facing our world today.
Tags: Antivirus APIs Application security ArcSight Automation Carbon Black CEH CHFI Cloud Compliance Computer Science CrowdStrike Cyber Kill Chain DevOps DevSecOps EDR Encryption Endpoint security Finance GCFA GCIH GDPR Governance IDS Incident response IPS ISO 27001 Linux LogRhythm Metasploit Nessus Network security NGFW Nmap OWASP Pentesting Privacy Python QRadar SANS Scripting Security assessment Sentinel SIEM SOAR SOC 2 Splunk Strategy Vulnerability management Windows XDR Zero Trust
Perks/benefits: Career development Startup environment