MSS Resident Engineer, Cybersecurity, Technology Consulting

At EY, we develop you with future-focused skills and equip you with world-class experiences. We empower you in a flexible environment, and fuel you and your extraordinary talents in a diverse and inclusive culture of globally connected teams.

We work together across our full spectrum of services and skills powered by technology and AI, so that business, people and the planet can thrive together. 

We’re all in, are you?

Join EY and shape your future with confidence.

Background

We are providing Managed Security Services (MSS), providing 24x7 threat detection and response services to our key clients. Typically there are two key functions within MSS construct i.e., security engineering and security operation.

Security engineering cover the technical and process setup on how the threat are detected via detection rules/logic and SIEM platform. It also cover the onboarding of required log data and deployment of detection sensors.

Security Operation covers end-to-end process starting when the threats are detected (i.e. alert generated) in the security monitoring platform, analysed and triaged, filtered, and selectively escalated to stakeholders for validation of true positives. It ends where either the alerts are closed as false positives, or when incident response process are kicked in.

The role expected is a Resident Engineer role, where it requires some expertise of security engineering and some expertise on security operations, through primarily it resolve around managing stakeholders and follow-up actions on the proper closure of alerts and incidents escalated.

Key Responsibilities:

• Serve as the primary communication liaison with SOC analysts to handle escalated alerts from the SIEM platform efficiently and effectively
• Serve as the primary communication liaison with systems’ stakeholders to follow up response actions for escalated alerts
• Facilitate effective communication and follow-up with various systems’ stakeholders to ensure timely resolution of security incidents.
• Ensure proper closure of escalations and document response actions taken.
• Perform alert triaging when necessary, especially in high-pressure situations.
• Review and analyze telemetry data to identify trends, anomalies, and areas for improvement.
• Collaborate with the team to implement enhancements based on telemetry insights.
• Contribute to the development and refinement of alert triaging processes and procedures.
• Stay updated on industry best practices and emerging threats to enhance operational effectiveness.
• Work closely with other security teams to ensure a cohesive approach to threat detection and response.
• Participate in incident response activities as needed.

Skills and attributes for success 

• Communication Skills: Excellent verbal and written communication skills to effectively liaise with stakeholders and team members.
• Problem-Solving Ability: Proficient in assessing situations quickly and developing effective solutions under pressure.
• Technical Proficiency: Solid understanding of SIEM platforms, security operations, and threat detection methodologies.
• Team Player: Collaborative mindset with the ability to work effectively within a team environment.
• Adaptability: Comfortable working in a fast-paced, dynamic environment and able to adjust to changing priorities.
• Continuous Learner: Eagerness to stay updated on the latest security trends, threats, and technologies.
• Leadership Qualities: Ability to guide and mentor junior team members in best practices for alert triaging and incident response.
• Resilience: Capable of maintaining composure and focus during high-stress situations and incidents.

To qualify for the role, you must have

• A recognized university degree in Computer Science, Computer/Electrical Engineering, Information Technology or equivalent, together with at least three years of relevant experience. 
• 3-5 years of experience in security analyst or security operation role, hand-on experience in SIEM/Splunk platform
• Strong interest in the field of information security 
• Creative, independent with good problem-solving skills 

• Excellent communicator with strong analytical, interpersonal and writing skills 

What we look for

Highly motivated individuals with excellent problem-solving skills and the ability to prioritize shifting workloads in a rapidly changing industry. An effective communicator, you’ll be a confident team player that collaborates with people from various teams while looking to develop your career in a dynamic organization.

What working at EY offers

EY offers a competitive remuneration package where you’ll be rewarded for your individual and team performance. We are committed to being an inclusive employer and are happy to consider flexible working arrangements. Plus, we offer:

• Continuous learning: You’ll develop the mindset and skills to navigate whatever comes next.
• Success as defined by you: We’ll provide the tools and flexibility, so you can make a meaningful impact, your way.
• Transformative leadership: We’ll give you the insights, coaching and confidence to be the leader the world needs.
• Diverse and inclusive culture: You’ll be embraced for who you are and empowered to use your voice to help others find theirs.

Company description

EY is building a better working world by creating new value for clients, people, society and the planet, while building trust in capital markets.

Enabled by data, AI and advanced technology, EY teams help clients shape the future with confidence and develop answers for the most pressing issues of today and tomorrow.

EY teams work across a full spectrum of services in assurance, consulting, tax, strategy and transactions. Fueled by sector insights, a globally connected, multi-disciplinary network and diverse ecosystem partners, EY teams can provide services in more than 150 countries and territories.

All in to shape the future with confidence.