TC - CS - CDR - Cyber Incident Response - SOC - Staff
Hyderabad, TG, IN, 500081
EY
We offer services that help solve our clients' toughest challenges.
At EY, you’ll have the chance to build a career as unique as you are, with the global scale, support, inclusive culture and technology to become the best version of you. And we’re counting on your unique voice and perspective to help EY become even better, too. Join us and build an exceptional experience for yourself, and a better working world for all.
Job Description: Tier 2 Analyst
Position Overview:
The Tier 2 Analyst plays a vital role in the cybersecurity team, responsible for monitoring, detecting, and responding to security incidents. The position involves analyzing alerts, escalating incidents as necessary, and working closely with Tier 3 analysts and other cybersecurity professionals to ensure effective incident response and remediation. The Tier 2 Analyst is also responsible for maintaining and improving the organization's security posture through continuous monitoring and analysis.
Key Responsibilities:
- Security Monitoring and Alert Analysis:
  - Monitor security alerts and events from various sources, including SIEM systems, IDS/IPS, and other security technologies.
  - Analyze alerts to determine their severity and potential impact on the organization.
- Incident Triage and Escalation:
  - Perform initial incident triage, including assessing the scope and potential impact of security incidents.
  - Escalate incidents to Tier 3 analysts or appropriate resource teams for further investigation and response, as necessary.
- Incident Response and Containment:
  - Assist in the containment of security incidents by implementing pre-approved actions or recommended measures.
  - Work with the SOC team to execute response actions on managed hosts within the scope of permissions and access rights.
- Communication and Coordination:
  - Communicate incident details and recommended actions to the cyber defense team and other stakeholders.
  - Participate in cyber defense calls to provide updates on incident status and ongoing response efforts.
- Documentation and Reporting:
  - Maintain accurate and detailed documentation of all incidents, including actions taken and lessons learned.
  - Prepare reports for stakeholders, summarizing incident findings and response actions.
- Peer Review and Continuous Improvement:
  - Conduct peer reviews of incident handling and analysis performed by other Tier 2 analysts.
  - Identify trends and areas for improvement in incident response processes and capabilities.
- Threat Intelligence and Analysis:
  - Utilize threat intelligence feeds and other resources to stay informed about emerging threats and vulnerabilities.
  - Incorporate threat intelligence into the analysis and response process to improve detection and mitigation strategies.
- Security Tool Management and Optimization:
  - Assist in the configuration, tuning, and optimization of security tools and technologies.
  - Provide feedback on the effectiveness of security controls and suggest improvements.
Qualifications:
- 2-3 years of related experience in cybersecurity operations, particularly in a SOC or similar environment.
- Strong knowledge of cybersecurity principles, including incident response, threat detection, and risk management.
- Proficiency in using security monitoring tools, such as SIEM systems (Sentinel), IDS/IPS, EDR (Microsoft Defender), and SOAR solutions (XSOAR).
- Excellent analytical and problem-solving skills.
- Strong communication and teamwork skills, with the ability to collaborate effectively with cross-functional teams.
- Basic understanding of network and infrastructure security.
- Familiarity with regulatory and compliance requirements related to cybersecurity.
Additional Information:
The Tier 2 Analyst is a crucial component of the organization's cybersecurity defense. This role requires a proactive approach to identifying and mitigating security threats, as well as a commitment to continuous learning and improvement. The Analyst must be able to work effectively under pressure and be prepared to respond swiftly to a variety of security incidents, ensuring the organization's digital assets and information remain secure.
Special Factors:
- Willing to work from ODC as and when required in rotational shift.
- Weekend availability/flexibility to work weekends is a MUST.
- Willing to support US shift (Night shift)
EY | Building a better working world
EY exists to build a better working world, helping to create long-term value for clients, people and society and build trust in the capital markets.
Enabled by data and technology, diverse EY teams in over 150 countries provide trust through assurance and help clients grow, transform and operate.
Working across assurance, consulting, law, strategy, tax and transactions, EY teams ask better questions to find new answers for the complex issues facing our world today.
Perks/benefits: Team events