TC - CS - CDR - Cyber Incident Response - SOC - Senior

At EY, you’ll have the chance to build a career as unique as you are, with the global scale, support, inclusive culture and technology to become the best version of you. And we’re counting on your unique voice and perspective to help EY become even better, too. Join us and build an exceptional experience for yourself, and a better working world for all. 

Senior Incident Response Analyst
Job Profile Summary
To provide security monitoring and support to Client's technology platforms, network, applications, crew, and environments in response to incidents of varying severity and perform other security monitoring/incident response functions as needed.

Job Description
Duties and Responsibilities:

• Support Client Data Loss Prevention (DLP) initiatives through monitoring and investigation of email, network, and endpoint DLP alerts.
• Performs remediation actions to resolve incidents relating to violations of Client Information Security policies.
• Establishes and maintains effective service relationships with business users - keeping them informed of the status of their security requests and tickets; understanding their business needs and escalating as necessary; providing non-technical answers to security questions that come in via email or hotline; and explaining the rationale behind security policies, procedures and monitoring.
• Keeps management within the department informed by communicating progress, issues, concerns, and opportunities. Assesses and immediately notifies manager of any potential information security breach and security issues that may have a negative impact on business operations.
• Identifies opportunities to improve the quality, efficiency, and effectiveness of the team.
• Adheres to Client Information Security policies and departmental procedures, along with following industry best practices. 
• Works with other departments (within and outside of Information Security) to communicate appropriate and consistent security requirements. 
• Participates in the development of team and departmental objectives.
• Participates in special projects and performs other duties as assigned.
• Supporting the client’s team by acting as an interim team member (e.g. security officer, security manager, security analyst.)
• Should independently manage the assigned project/engagement with minimal oversight/guidance from the manager.

Qualifications:

• Undergraduate degree in information/cyber security, an information technology-related field or equivalent combination of training, certifications, and experience.
• 4-6 years related experience.
• CompTIA Security+, ISC2 CISSP, SANS, or other similar certifications are a plus but not required.
• Knowledge of security concepts, theories, and best practices. 
• Ability to analyze and demonstrate problem resolution skills.
• Demonstrated ability to work collaboratively as well as independently, with attention to detail. 
• Demonstrated ability to be flexible and exercise good judgment.
• Demonstrated strong organization and time management skills.  
• Strong verbal, written and interpersonal communication skills. 
• Ability to deal effectively with various levels of business unit crew and management.
• Experience on Elastic SIEM, Tines SOAR and CrowdStrike EDR is good to have.

Special Factors:

• Willing to work in hybrid model (3 days in office) in rotational shift.
• Weekend availability/flexibility to work weekends is a MUST.
• Willing to support US shift (Night shift)

EY | Building a better working world 

 
EY exists to build a better working world, helping to create long-term value for clients, people and society and build trust in the capital markets.  

 
Enabled by data and technology, diverse EY teams in over 150 countries provide trust through assurance and help clients grow, transform and operate.  

 
Working across assurance, consulting, law, strategy, tax and transactions, EY teams ask better questions to find new answers for the complex issues facing our world today.