Information Security Operations Engineer - EY Global Delivery Services
Job description
Information Security Operations Engineer
EY Technology
Today’s world is fuelled by vast amounts of information, which means data is more valuable than ever before. Protecting data and information systems is central to doing business, and everyone in EY Information Security has a critical role to play. Join a global team of almost 950 people who collaborate to support the business of EY by protecting EY and client information assets! Our Information Security professionals enable EY to work securely and deliver secure products and services, as well as detect and quickly respond to security events as they happen. Together, the efforts of our dedicated team help protect the EY brand and build client trust.
Within Information Security we blend risk strategy, digital identity, cyber defense, application security and technology solutions as we consider the entire security lifecycle. You will join a team of hardworking, security-focused individuals dedicated to supporting, protecting, and enabling the business through innovative, secure solutions that provide speed to market and business value.
The opportunity
The Vulnerability Management and Compliance Support Engineer will be responsible for ensuring the stable run state of Information Security technologies. They will provide operational and Level 3 support for these technologies. The job duties include daily management of incidents, maintaining and supporting the systems, and conducting proactive analysis to prevent future issues. The technologies in question can be located either in-house or with vendors and in cloud environments. The Support Engineer will be responsible for planning and coordinating upgrades, standardizing processes, and automating procedures for Information Security technologies. The job requires an understanding of ITIL service management practices and managing the implementation of changes, releases, and upgrades to different environments. The Engineer will also be required to be on call and work during weekends and off-hours to support the normal functioning of the systems.
Key Responsibilities
- Troubleshoot, diagnose, and analyze incidents related to Information Vulnerability Management and Compliance technologies.
- Identify the root cause of incidents, whether it be configuration or a defect.
- Work with various technical teams to develop corrective actions or workarounds to resolve incidents.
- Plan, coordinate, and install Information Security technologies in different environments, as well as upgrade and fix them.
- Address operating system and application vulnerabilities.
- Respond to automated alerts on system health using sound analytical and troubleshooting methods.
- Conduct routine maintenance and monitoring of security technologies and report on their status.
- Ensure that incidents are resolved in a timely and efficient manner and that steps are taken to prevent future problems.
- Communicate operational support issues to executives and senior management.
- Upgrade security applications to the latest versions, which involves testing, validation, compatibility, and addressing security vulnerabilities.
- Recommend and implement improvements to system performance and uptime for security applications and products.
- Document procedures for responding to alerts and drive the creation of automated restoration steps.
- Develop implementation plans for complex change requests, evaluating risks to system availability, business dependencies, and security event visibility.
- Drive automation of redundant activities to improve support efficiency and demonstrate familiarity with scripting languages like PowerShell, Python, or Shell scripts.
- Serve as technology advocate, promoting the correct support of various technology layers such as operating systems, databases, and networking.
Skills and Attributes for Success
We are interested in people who bring in security experience from having implemented and supported solutions in a large enterprise environment. As a successful candidate you will have functional and technical experience in implementing both Cloud and On-Premises security compliance and vulnerability management technologies.
- Proficiency in supporting complex security solutions and services within a large enterprise environment, including a foundational understanding of the .NET ecosystem and applications, which is hosted on Internet Information Services (IIS).
- Technical proficiency in implementing and managing solutions that are both in Cloud-based and On-Premises, with a focus on the integration and support of .NET-based applications, as well as familiarity with microservices, APIs, and related infrastructure.
- Project management experience, with the ability to track timelines and execute tasks within project deadlines, including those involving the deployment, configuration, and enhancement of .NET-based applications and services.
- Capability to enhance application performance and stability, including the implementation of enhanced monitoring and automation strategies
- Strong problem-solving and analytical skills, with the ability to troubleshoot complex issues across the .NET framework, IIS, and associated components such as microservices and APIs.
- Knowledge of ITIL practices to ensure compliance in Incident, Problem, and Change processes, with a particular emphasis on the unique requirements of maintaining and supporting .NET-based applications
- Excellent problem-solving skills, with the ability to identify and resolve complex data and infrastructure issues within the .NET ecosystem
- Strong communication and collaboration skills, with the ability to effectively convey technical concepts and requirements to both technical and non-technical stakeholders
- Detail-oriented and organized, with a commitment to maintaining the integrity, security, and performance of an applications within a complex enterprise infrastructure.
To qualify for the role, you must have
- A Bachelor's degree in Computer Science or a related field, or equivalent work experience
- At least 5 to 7 years of experience in Information Technology in a large, complex global IT environment
- Experience in managing a 24x7 support organization, overseeing projects and products
- Flexibility to allocate additional time outside of regular working hours to support pressing issues or maintenance windows and to accommodate team members in different time zones, including weekends
- Proficiency in Azure, Google, and/or AWS Cloud services, as well as hybrid and on-premises security solutions including Linux and Windows Operating Systems
- Ability to write custom scripting tools using Python, Ansible, PowerShell, etc., work with APIs
- Strong documentation skills to accurately and clearly outline processes, procedures, and security designs for internal teams and customers
- Demonstrated experience in managing external vendors and suppliers
Ideally, you’ll also have
- ITIL v4 Foundation Certification
- Involvement in large-scale global IT deployments or cloud migrations
- Microsoft Solutions Engineer (MCSE), Red Hat Certified Engineer (RHCE), or other relevant certifications
- At least one technical certification from a public cloud provider such as Azure, AWS, or Google, and security certifications from ISC2 (CISM, CISSP, CCSP, etc.) or SANS/GIAC (GSEC, GCLD, GPCS, etc.).
What we offer
As part of this role, you will work in a highly coordinated, globally diverse team with the opportunity and tools to grow, develop and drive your career forward. Here, you can combine global opportunity with flexible working. The EY benefits package goes above and beyond too, focusing on your physical, emotional, financial, and social well-being. Your recruiter can talk to you about the benefits available in your country. Here’s a snapshot of what we offer:
- Continuous learning: You will develop the mindset and skills to navigate whatever comes next.
- Success as defined by you: We will provide the tools and flexibility, so you can make a significant impact, your way.
- Transformative leadership: We will give you the insights, coaching and confidence to be the leader the world needs.
- Diverse and inclusive culture: You will be accepted for who you are and empowered to use your voice to help others find theirs.
We ensure that individuals with disabilities are provided reasonable accommodations to participate in the job application or interview process, to perform essential job functions and to receive other benefits and privileges of employment. Please contact us to request accommodations.
EY is committed to being an inclusive employer, and we are happy to consider flexible working arrangements. We strive to achieve the right balance for our people, enabling us to deliver excellent client service whilst allowing you to build your career without sacrificing your personal priorities. While our client-facing professionals can be required to travel regularly, and at times be based at client sites, our flexible working arrangements can help you to achieve a lifestyle balance.
If you can confidently demonstrate that you meet the criteria above, please contact us as soon as possible.