Gcr - Dmo Emeia Advanced Analyst jobs at Ey in India, Thiruvananthapuram

The Senior Security Analyst in Cyber Defense CTF (Cyber Triage and Forensics) plays a

• You will work collaboratively to detect and respond to information security incidents, develop, maintain, and follow procedures for security event alerting, and participate in security investigations.
• Engage in proactive threat hunting and provide expert security assessments, utilizing EDR, SIEM, and other tools to understand and counteract the cybercrime landscape
• Communicate with IT stakeholders during incident response activities, ensuring effective containment, remediation, and accurate identification of compromise indicators
• Report on incident metrics, analyse findings, and develop reports to ensure comprehensive resolution and understanding of security events
• Act as an escalation point for incident response, shiftlead, mentor junior team members, and contribute to team skill enhancement
• Analyse security events, provide feedback on security controls, and drive process improvements to strengthen the organization's security posture
• Maintain and improve security incident processes, protocols, and standard operating procedures to reflect best practices in security incident response

• Proficient in Cyber investigationincluding evidence management in line with best practices and using advanced tools for threat detection and incident management including advanced querying with KQL

• Proficient in analyzing varied data sets, identifying malware, and conducting comprehensive security event analysis from network traffic attributes and host-based attributes to detect information security incidents and latent threats.

• Proficient in conducting detailed forensic investigations across various operating systems, with a keen eye for obfuscation and the ability to clearly communicate findings
• In-depth understanding of Active Directory security, with strong scripting abilities to automate response measures and improve operational effectiveness

• Undergraduate or Postgraduate Degree in Computer Science, Engineering, or a related field (MCA/MTech/BTech/BCA/BSc CS or BSc IT)
• At least 7 years of overall experience with a minimum of 5 years specialized in incident response, computer forensics, and Security Operations.
• Proficiency in operating within a Security Monitoring/Security Operations Center (SOC) environment, including experience with CSIRT and CERT operations
• Demonstrated experience in investigating security events, threats, and vulnerabilities
• Strong understanding of electronic investigation and forensic methodologies, including log correlation, electronic data handling, investigative processes, and malware analysis
• In-depth knowledge of Windows and Unix/Linux operating systems, and experience with EDR solutions for threat detection and response

• Desired certifications such as SSCP, CEH, GCIH, GCFA, GCIA, GSEC, GIAC, Security+.
• Experience with security incident response in cloud environments, including Azure.
• Knowledge of legal considerations in electronic discovery and analysis
• Proficiency in scripting or programming (e.g., Shell scripting, PowerShell, C, C#, Python)
• Solid understanding of security best practices for network architecture and server configuration

• Demonstrates integrity in a professional environment
• Strong ethical behavior
• Ability to work independently
• Possesses a global mindset for working with diverse cultures and backgrounds
• Knowledgeable in industry-standard security incident response processes, procedures, and lifecycle
• Positive attitude and Excellent teaming skills
• Excellent social, communication, and writing skills
• Good presentation skills
• Excellent investigative, analytical, and problem-solving skills

• Coordinate escalations and collaborate with internal technology teams to ensure timely resolution of issues
• Provide mentoring and training to other team members as required, supporting their development and ensuring consistent team performance

• Should be willing to work in shifts

What we offer

• Continuous learning:You will develop the mindset and skills to navigate whatever comes next.
• Success as defined by you:We will provide the tools and flexibility, so you can make a significant impact, your way.
• Transformative leadership:We will give you the insights, coaching and confidence to be the leader the world needs.
• Diverse and inclusive culture:You will be accepted for who you are and empowered to use your voice to help others find theirs.

EY exists to build a better working world, helping to create long-term value for clients, people and society and build trust in the capital markets.

Your key responsibilities

You will work collaboratively to detect and respond to information security incidents, develop, maintain, and follow procedures for security event alerting, and participate in security investigations. The CTF Senior Security Analyst will perform tasks including monitoring, research, classification and analysis of security events that occur on the network or endpoint.

The CTF Senior Security Analyst must be competent to work at a technical level, be capable of identifying threats and vectors that cause security events and be able to follow defined procedures for mitigating said threats.

The position requires the candidate have some knowledge of how malware behaves and other related cyber threats and implementing and maintaining security and analysis solutions for large enterprises, with knowledge on large scale threat analysis of event data from commercial and open-source infrastructure technology platforms

• Respond to network and host-based security events
• Participate in detecting, investigating, and resolving security events
• Capable of working independently while supporting CTF Junior Security Analyst as necessary
• Identify and propose areas for improvement within the Cyber Triage and Forensics
• Provide documentation and project support
• Act as second and/or third-tier support for the CTF Junior Security Analyst
• Act as a peer group leader to help train support staff
• Serve as an escalation point for difficult problems and complex inquiries
• Server as shift lead when necessary
• Conduct detailed security event analysis from network traffic attributes and host-based attributes (binary analysis, etc) to identify information security incidents
• Provide feedback on security control capability gaps based off security intrusion trends
• Develop and maintain analytical procedures to improve security incident identification efficiency
• Demonstrate ability to drive process improvements and identify gaps

• Information Security Principles, Technologies, and Practices
• Demonstrable experience with multiple security event detection platforms
• Thorough understanding of TCP/IP, Network Security, encryption standards etc.
• Understand basic IDS / IPS rules to identify and/or prevent malicious activity
• Demonstrated integrity in a professional environment
• Good social, communication and technical writing skills
• Comfortable navigating and troubleshooting Linux and Windows system issues
• Ability to participate in detecting, investigating, and resolving security events
• Capable of working independently
• Identify and propose areas for improvement within the Cyber Triage and Forensics

Bachelors in computer science, Information Systems, Information Security or 3-4 years of related work experience.

Experience:

• Minimum of 3 years of experience in one or more of the following:
• Working in a Security Monitoring/Security Operations Center environment (SOC)
• Experience investigating security events, threats and/or vulnerabilities
• Understanding of electronic investigation and log correlation proficiency with the latest intrusion detection platforms; working knowledge of Linux and/or Windows systems administration (Including AD).
• Scripting or programming (Shell scripting, Python, PowerShell, Perl, Java, etc.)
• Conduct detailed security event analysis from network traffic attributes and host-based attributes (memory analysis, binary analysis, etc) to identify information security incidents

Qualifications, certifications and Education requirements:

• Under Graduate/Post Graduate Degree in Computer Science or Engineering or related domain (MCA/MTech/BTech/BCA /BSc CS or BSc IT).

Desired Certifications:

• Desired Certifications - SSCP, CEH, GCIH, GCFA, GCIA, GSEC, GIAC, Security+

• Good demeanour.
• Willingness to work a flexible shifts with schedules that includes nights, weekends and holidays; shifts can changed based on business needs.
• Demonstrated integrity in a professional environment
• Willingness to learn new technologies.

Under limited supervision the CTF (Cyber Triage and Forensics) Senior Security Analyst will report to the designated CTF Shift Lead. The CTF Senior Security Analyst will perform tasks including monitoring, research, Classification and analysis of security events that occur on the network or endpoint. The CTF Senior Security Analyst should have familiarity with the principles of network and endpoint security, current threat and attack trends, a good understanding of the OSI model, and have a working knowledge of Defense in depth strategies.

As part of this role, you will work in a highly coordinated, globally diverse team with the opportunity and tools to grow, develop and drive your career forward. Here, you can combine global opportunity with flexible working. The EY benefits package goes above and beyond too, focusing on your physical, emotional, financial and social well-being. Your recruiter can talk to you about the benefits available in your country. Here’s a snapshot of what we offer:

• Continuous learning: You will develop the mindset and skills to navigate whatever comes next.
• Success as defined by you: We will provide the tools and flexibility, so you can make a significant impact, your way.
• Transformative leadership: We will give you the insights, coaching and confidence to be the leader the world needs.
• Diverse and inclusive culture: You will be accepted for who you are and empowered to use your voice to help others find theirs.

Key Responsibilities:

• Monitor and analyze threat intelligence using tools such as ZeroFox, Recorded Future, Digital Shadows, or similar platforms.
• Write comprehensive and technical cybersecurity reports with strong attention to detail.
• Utilize OSINT, IOC lookup and validation, Domain Registrar lookups, VirusTotal, and Dark Web search for threat intelligence gathering.
• Develop, sustain, and enrich custom threat intelligence feeds using platforms like MISP, with scripting in Python, Azure, and Linux.
• Manage threat intelligence feeds using platforms such as Anomali, ThreatQ, Cyble, Cyware, OpenCTI, and MISP.
• Integrate threat intelligence feeds into common SIEMs, particularly Microsoft Sentinel.
• Execute domain and social media account takedowns as necessary.
• Create custom, in-depth reports specific to client requirements.
• Apply knowledge of MITRE ATT&CK, D3F3ND frameworks, and the Cyber Kill Chain in threat analysis.
• Utilize Excel and/or Power BI for data visualization and graph creation.
• Experience with excel data cleansing, VLookups, Pivot Tables
• Prepare and deliver PowerPoint presentations and reports to stakeholders.
• Maintain strong verbal and written communication skills in English.
• Work independently under pressure and prioritize tasks effectively.
• Be available for on-call duties for high-priority urgent tasks.
• Collaborate with Managed Security Service Providers (MSSPs) for backend and client-facing work.

Qualifications:

• Minimum of 2 years of experience with threat intelligence monitoring tools.
• At least 1 year of experience in threat intelligence report writing.
• Proficiency with OSINT, IOC lookup and validation, Domain Registrar lookups, VirusTotal, and Dark Web search.
• Experience with scripting in Python, Azure, and Linux.
• Familiarity with one or more threat intelligence platforms for feed management.
• Experience integrating threat intelligence feeds into SIEMs, especially Microsoft Sentinel.
• Proven experience with domain and social media account takedowns.
• Strong understanding of MITRE ATT&CK, D3F3ND frameworks, and the Cyber Kill Chain.
• Excellent English writing skills.
• Proficiency in Excel and/or Power BI for data visualization.
• Strong experience with PowerPoint presentations and reporting.
• Strong verbal English and presentation skills.
• Cybersecurity certifications (e.g., COMPTIA, SANS GIAC, ISC, EC-Council) are a plus.
• Certifications specific to cyber threat intelligence are an asset.
• Ability to work in the EST timezone (evening shift for overlap with onshore/client team ).
• Strong analytical skills and ability to prioritize tasks effectively.
• Experience working with MSSPs for backend and client-facing work.

Preferred Skills:

• Experience with additional threat intelligence platforms.
• Advanced technical writing and reporting skills.
• Strong analytical and problem-solving abilities.
• Ability to work independently and as part of a team.

EY exists to build a better working world, helping to create long-term value for clients, people and society and build trust in the capital markets.

CMS-TDR Staff

We’re looking for Security Analyst with experience in SIEM, EDR and NSM solutions.

Your key responsibilities

• Operational support using SIEM solutions (Splunk, Sentinel), EDR Solution (Defender, CrowdStrike, Carbon Black), NSM (Fidelis, ExtraHop) for multiple customers.
• First level of monitoring and triaging of security alerts
• Initial data gathering and investigation using SIEM, EDR, NSM solutions.
• Provide near real-time analysis, investigation and, reporting security incidents for customer

Skills and attributes for success

• Customer Service oriented - Meets commitments to customers; Seeks feedback from customers to identify improvement opportunities.
• Good knowledge of SIEM technologies such as Splunk, Azure Sentinel from a Security analyst’s point of view
• Exposure to IOT/OT monitoring (Claroty, Nozomi Networks etc.) is a plus
• Good knowledge and experience in Security Monitoring
• Good knowledge and experience in Cyber Incident Response
• Knowledge in Network monitoring technology platforms such as Fidelis XPS, ExtraHop
• Knowledge in endpoint protection tools, techniques, and platforms such as Carbon Black, Tanium, CrowdStrike, Defender ATP etc.

To qualify for the role, you must have

• B. Tech./ B.E. with sound technical skills
• Ability to work in 24x7 shifts
• Strong command on verbal and written English language.
• Demonstrate both technical acumen and critical thinking abilities.
• Strong interpersonal and presentation skills.
• Hands-on experience in SIEM, EDR and NSM solution
• Certification in any of the SIEM platforms
• Knowledge of RegEx, Perl scripting and SQL query language.
• Certification - CEH, ECSA, ECIH, Splunk Power User

You get to work with inspiring and meaningful projects. Our focus is education and coaching alongside practical experience to ensure your personal development. We value our employees and you will be able to control your own development with an individual progression plan. You will quickly grow into a responsible role with challenging and stimulating assignments. Moreover, you will be part of an interdisciplinary environment that emphasizes high quality and knowledge exchange. Plus, we offer:

• Support, coaching and feedback from some of the most engaging colleagues around
• Opportunities to develop new skills and progress your career
• The freedom and flexibility to handle your role in a way that’s right for you

EY exists to build a better working world, helping to create long-term value for clients, people and society and build trust in the capital markets.

Supervising Security Analyst - Cyber Triage and Forensics

• Today’s world is fueled by vast amounts of information. Data is more valuable than ever before. Protecting data and information systems is central to doing business, and everyone in EY Information Security has a critical role to play. Join a global team of almost 950 people who collaborate to support the business of EY by protecting EY and client information assets! Our Information Security professionals enable EY to work securely and deliver secure products and services, as well as detect and quickly respond to security events as they happen. Together, the efforts of our dedicated team helps protect the EY brand and build client trust.
• Within Information Security we blend risk strategy, digital identity, cyber defense, application security and technology solutions as we consider the entire security lifecycle. You will join a team of hardworking, security-focused individuals dedicated to supporting, protecting and enabling the business through innovative, secure solutions that provide speed to market and business value.

The Senior Security Analyst in Cyber Defense CTF (Cyber Triage and Forensics) plays a

Essential Functions of the Job :

• Perform forensic and malware analysis to detect, investigate, and resolve security incidents, including artifact classification and payload extraction
• Engage in proactive threat hunting and provide expert security assessments, utilizing EDR, SIEM, and other tools to understand and counteract the cybercrime landscape
• Communicate with IT stakeholders during incident response activities, ensuring effective containment, remediation, and accurate identification of compromise indicators
• Report on incident metrics, analyse findings, and develop reports to ensure comprehensive resolution and understanding of security events
• Act as an escalation point for incident response, shift lead, mentor junior team members, and contribute to team skill enhancement
• Analyse security events, provide feedback on security controls, and drive process improvements to strengthen the organization's security posture
• Maintain and improve security incident processes, protocols, and standard operating procedures to reflect best practices in security incident response
  

Skills and attributes for success

• Proficient in digital forensics, including evidence management in line with best practices and using advanced tools for threat detection and incident management including advanced querying with KQL
• Skilled in analyzing diverse data, identifying malware, and employing reverse engineering to reveal hidden threats
• Proficient in conducting detailed forensic investigations across various operating systems, with a keen eye for obfuscation and the ability to clearly communicate findings
• In-depth understanding of Active Directory security, with strong scripting abilities to automate response measures and improve operational effectiveness
  

To qualify for the role, you must have

• Undergraduate or Postgraduate Degree in Computer Science, Engineering, or a related field (MCA/MTech/BTech/BCA/BSc CS or BSc IT)
• At least 7 years of overall experience with a minimum of 5 years specialized in incident response, computer forensics, and malware reverse engineering
• Proficiency in operating within a Security Monitoring/Security Operations Center (SOC) environment, including experience with CSIRT and CERT operations
• Demonstrated experience in investigating security events, threats, and vulnerabilities
• Strong understanding of electronic investigation and forensic methodologies, including log correlation, electronic data handling, investigative processes, and malware analysis
• In-depth knowledge of Windows and Unix/Linux operating systems, and experience with EDR solutions for threat detection and response
  

Ideally, you’ll also

• Possession of or willingness to obtain professional certifications like GREM, GCFE, GCFA, or GCIH
• Experience with security incident response in cloud environments, including Azure.
• Knowledge of legal considerations in electronic discovery and analysis
• Proficiency in scripting or programming (e.g., Shell scripting, PowerShell, C, C#, Python)
• Solid understanding of security best practices for network architecture and server configuration
  

What we look for

• Demonstrates integrity in a professional environment
• Strong ethical behavior
• Ability to work independently
• Possesses a global mindset for working with diverse cultures and backgrounds
• Knowledgeable in industry-standard security incident response processes, procedures, and lifecycle
• Positive attitude and Excellent teaming skills
• Excellent social, communication, and writing skills
• Good presentation skills
• Excellent investigative, analytical, and problem-solving skills
• Supervising Responsibilities:
• Coordinate escalations and collaborate with internal technology teams to ensure timely resolution of issues
• Provide mentoring and training to other team members as required, supporting their development and ensuring consistent team performance
  

Other Requirements:

• Should be willing to work in shifts

What we offer

As part of this role, you will work in a highly coordinated, globally diverse team with the opportunity and tools to grow, develop and drive your career forward. Here, you can combine global opportunity with flexible working. The EY benefits package goes above and beyond too, focusing on your physical, emotional, financial and social well-being. Your recruiter can talk to you about the benefits available in your country. Here’s a snapshot of what we offer:

• Continuous learning: You will develop the mindset and skills to navigate whatever comes next.
• Success as defined by you: We will provide the tools and flexibility, so you can make a significant impact, your way.
• Transformative leadership: We will give you the insights, coaching and confidence to be the leader the world needs.
• Diverse and inclusive culture: You will be accepted for who you are and empowered to use your voice to help others find theirs.

EY exists to build a better working world, helping to create long-term value for clients, people and society and build trust in the capital markets.

EMS Staff

Engagement Management Service is an integrated suite of Tax and Accounting services that EY provides to our multinational clients. GCR offers the ease of managing compliance & regulatory filings by:

• Taking care of the complexity of regulatory affairs across multiple jurisdictions
• Centrally managing the global compliance and reporting activities
• Controlling the cost of managing compliance across various countries

Your key responsibilities

• Work closely with a Senior to provide engagement management support for client (s)
• Support client facing teams in Americas, EMEIA and Asiapac in providing timely and accurate information of the engagement to the client headquarters
• Monitor and control activities leading up to fulfilment of compliance and regulatory obligations of the clients by GCR professionals across countries
• Monitor engagement status, issues and potential risks that can impact engagement
• Provide situational analysis and solutions for mitigating issues & risks in an engagement Coordination & Control
• Work with teams across the globe to understand the status of the filings for client(s)
• Understand processes and dependencies in meeting obligations of the filings in countries
• Effectively liaise with EY professionals preparing the fillings in countries & client facing teams Administration:
• Understand the functioning of the engagement tools involved in global service delivery
• Ensure engagement management tools are maintained real time for client headquarters to access and understand their tax and accounts filling status across the globe
• Modify tools to reflect status of the engagement real time by working with the local country teams Reporting
• Provide engagement status on a periodic basis highlighting risks and issues and achievements
• Understand queries from client facing teams and work with local EY professionals for solutions

To qualify for the role you must have

• 0 to 2 years of total work experience
• Bachelors or Master’s degree, preferably Commerce or Business management
• Experience in working in a multi-cultural and team environment You will need to:
• Have effective communication skills - both written and oral.
• Demonstrate strong organizational skills and structured thinking abilities
• Demonstrate strong interpersonal and analytical skills
• Demonstrate an eye for detail
• Be flexible and willing to adjust responsibilities to align with developing business needs
• Be proficient in Word/PowerPoint/Excel - working knowledge of MS office

What we offer

• Continuous learning : You’ll develop the mindset and skills to navigate whatever comes next.
• Success as defined by you : We’ll provide the tools and flexibility, so you can make a meaningful impact, your way.
• Transformative leadership : We’ll give you the insights, coaching and confidence to be the leader the world needs.
• Diverse and inclusive culture : You’ll be embraced for who you are and empowered to use your voice to help others find theirs.

EY exists to build a better working world, helping to create long-term value for clients, people and society and build trust in the capital markets.

Managing global workforce in today’s fast changing and highly disrupted environment is becoming increasingly complex. As member of our PC practice, you’ll be part of a team that support clients in aligning their HR function with the Organizational plans while keeping employee experience as one of the core considerations. When you join us, you will gain cross functional, multi industry and a truly global work experience to take your career in the right direction.

Your key responsibilities:

• Support client projects leveraging deep knowledge and understanding of Time Management, Attendance, Leave Management, Labour Scheduling and other components of Workforce management processes and systems
• Work on client projects as part of a global distributed team. Ensure quality of all work outputs, timeliness and accuracy of content.
• Be recognized as a subject matter expert in one or more areas in the Workforce management domain.
• Participate in full life cycle activities (Discovery, Design, Configuration, Build, Testing, Knowledge Transfer, Migration and Postproduction Support)
• Support development of thought leadership, collateral, tools, techniques and methodologies to build and enhance Workforce management service offerings within the practice
• Management and support EY initiatives within the practice
• Drive effective client communication, cadence and build relations with client and project team counterparts across global locations. Ensure to obtain excellent feedback from the client and global project counterparts

Skills and attributes for success:

• High integrity and commitment to work in a new and challenging environment
• Ability to manage ambiguity and be proactive
• Strong communication and presentation skills
• Cross cultural awareness and sensitivity
• High energy levels, agility and adaptability
• Open to travel nationally and internationally for client projects that are approved as per EY and country specific travel advisory guidelines.

To qualify for the role, you must have

• 6 - 9 years of relevant experience
• Minimum 2 years of experience in Workforce management (Time management, attendance, scheduling, etc.) and Payroll consulting
• Master’s degree in HR or similar full time MBA/EMBA
• Post graduate degree or equivalent with a specialization in Human Resources
• Experience of working in a consulting environment on global client projects

Ideally, you’ll also have

• Demonstrated technical proficiencies in payroll; a practical/business driven approach to solving complex global Work Force Management client challenges
• Strong technical knowledge and experience of end to end Work Force Management process
• Analytical abilities and knowledge of Excel, Word and PowerPoint
• Expertise in process mapping and documentation using Visio and other tools
• Expertise in creating SOP, process documentation and work instructions
• Certification in Work Force Management
• Ability to undertake Work Force Management process review and improvement activities including the identification of process efficiencies and control effectiveness.
• Exposure to work force transformation programs enabled by technology. Led or been part of a work stream in multi work stream transformation program
• Involved in policy review, current Work Force Management assessments, vendor selections, designing payroll processes and strategies at global level, global payroll implementation support
• Hands on experience in payroll automation projects and RPA
• Experience and working knowledge of one or more global payroll platforms such as ADP (Global View, WorkForce Now), SAP, Workday, Oracle/PeopleSoft products

What we look for

Technical experts with commercial acumen, relevant experiences and high degree of enthusiasm to adapt and learn in a fast-moving environment

Professionals who are willing to work in an environment of continual professional development, drive to take on new responsibilities and projects and work experiences with clients across geographies

You get to work with inspiring and meaningful projects. Our focus is education and coaching alongside practical experience to ensure your personal development. We value our employees and you will be able to control your own development with an individual progression plan. You will quickly grow into a responsible role with challenging and stimulating assignments. Moreover, you will be part of an interdisciplinary environment that emphasizes high quality and knowledge exchange. Plus, we offer:

• Support, coaching and feedback from some of the most engaging colleagues around
• Opportunities to develop new skills and progress your career
• The freedom and flexibility to handle your role in a way that’s right for you

EY exists to build a better working world, helping to create long-term value for clients, people and society and build trust in the capital markets.