דרושים Vulnerability Mgt Research Analyst ב-Ey ב-ארהב

Your key responsibilities

• Investigate, coordinate, bring to resolution, and report on security incidents as they are brought up or identified
• Forensically analyze end user systems and servers found to have possible indicators of compromise
• Analysis of artifacts collected during a security incident/forensic analysis
• Identify security incidents through ‘Hunting’ operations within a SIEM, EDR and other relevant tools
• Interface and connect with server owners, system custodians, and IT contacts to pursue security incident response activities, including obtaining access to systems, digital artifact collection, and containment and/or remediation actions
• Provide consultation and assessment on perceived security threats
• Maintain, manage, improve and update security incident process and protocol documentation
• Regularly provide reporting and metrics on case work
• Resolution of security incidents by identifying root cause and solutions
• Analyze findings in investigative matters, and develop fact based reports
• Be on-call to deliver global incident response

Skills and attributes for success

• Resolution of security incidents by identifying root cause and solutions
• Analyze findings in investigative matters, and develop fact-based reports
• Proven integrity and judgment within a professional environment
• Ability to appropriately balance work/personal priorities
• Bachelors or Masters Degree in Computer Science, Information Systems, Engineering or a related field
• 7+ years experience in incident response, computer forensics analysis and/or malware reverse engineering
• Understanding of security threats, vulnerabilities, and incident response
• Understanding of electronic investigation, forensic tools, and methodologies, including: log correlation and analysis, forensically handling electronic data, knowledge of the computer security investigative processes, malware identification and analysis
• Be familiar with legalities surrounding electronic discovery and analysis
• Experience with EDR and SIEM technologies (i.e. Splunk)
• Deep understanding of both Windows and Unix/Linux based operating systems

Ideally, you’ll also have

• Hold or be willing to pursue related professional certifications such as GCFE, GCFA or GREM
• Background in security incident response in Cloud-based environments, such as Azure
• Programming skills in PowerShell, Python and/or C/C++
• Understanding of the best security practices for network architecture and server configuration

What we look for

• Demonstrated integrity in a professional environment
• Ability to work independently
• Have a global mind-set for working with different cultures and backgrounds
• Knowledgeable in business industry standard security incident response process, procedures, and life cycle
• Positive attitude and Excellent teaming skills
• Excellent social, communication, and writing skills
• Good presentation skills
• Excellent investigative, analytical, and problem-solving skills

Your Key Responsibilities

• Effectively lead and motivate service delivery center team who support technology consulting engagements and provide technical leadership with the SRC&R service operations and delivery
• Provide guidance and direction to the on-site GPS SRC&R consultants in identifying process improvements, including junior staff members, enhancing existing SRC&R solutions and operating SRC&R processes as required
• Additional responsibilities include support in the following areas:
  • Assess cybersecurity controls, programs and strategies using our proprietary framework and industry frameworks
  • Operate SRC&R solutions based upon engagement defined policies and procedures
  • Cybersecurity measurements and monitoring development and operations
  • Cybersecurity strategy and roadmap development
  • NIST Risk Management Framework and Assessment and Authorization enhancement, operations and governance
  • Cybersecurity focused Supply Chain Risk Management and/or Third-Party Risk management operations, assessment and enablement
  • Cybersecurity process design and re-engineering
• Drive high-quality work products within expected timeframes.
• Monitor progress and manage risk while ensuring stakeholders are kept informed about progress and expected outcomes
• Use knowledge of industry trends to identify engagement and client service issues and communicate this information to the on-site engagement team through written correspondence and verbal presentations.
• Stay informed of current Cybersecurity industry trends relevant to the services being delivered

Skills and attributes for Success

• Working knowledge of security frameworks and standards such as ISO 27001/2, PCI DSS, NIST 800-53, NIST CSF and the cybersecurity laws and regulations such as FISMA
• Ability to produce high-quality work products within expected timeframes
• Leadership experience

To qualify for the role you must have

• Bachelor's degree in a related field
• A minimum of 5 years of related work experience
• Must be able to obtain and maintain a Secret-level clearance or higher
• Experience in one or more of the following areas:
  • Cybersecurity assessments
  • IT and cybersecurity policies, standards, procedures and controls
  • Cybersecurity strategies and roadmaps
  • Cybersecurity awareness and training
  • Cybersecurity metrics and reporting
  • Cybersecurity organization design and implementation
  • Cybersecurity and risk management solution design and implementation (e.g. SNOW IRM, Archer GRC, RiskLens, Azure Security Center, etc.)
  • Federal RMF solution operations (e.g eMass CSAM, Xacta, etc.)
  • Cybersecurity and IT architecture experience (e.g. cloud security architect, security architect)
  • Flexibility to travel up to 20%

CISSP, CISM, CISA, CIPT, CIPM, CIPP CRISC or other relevant certification

• Prior experience in a service delivery center or similar environment

Your key responsibilities

• Investigate, coordinate, bring to resolution, and report on security incidents as they are brought up or identified
• Forensically analyze end user systems and servers found to have possible indicators of compromise
• Analysis of artifacts collected during a security incident/forensic analysis
• Identify security incidents through ‘Hunting’ operations within a SIEM and other relevant tools
• Interface and connect with server owners, system custodians, and IT contacts to pursue security incident response activities, including: obtaining access to systems, digital artifact collection, and containment and/or remediation actions
• Provide consultation and assessment on perceived security threats
• Maintain, manage, improve and update security incident process and protocol documentation
• Regularly provide reporting and metrics on case work
• Resolution of security incidents by identifying root cause and solutions
• Analyze findings in investigative matters, and develop fact based reports
• Be on-call to deliver global incident response

Skills and attributes for success

• Resolution of security incidents by identifying root cause and solutions
• Analyze findings in investigative matters, and develop fact-based reports
• Proven integrity and judgment within a professional environment
• Ability to appropriately balance work/personal priorities

To qualify for the role you must have

• Bachelors or Masters Degree in Computer Science, Information Systems, Engineering or a related field
• 5+ years experience in incident response, computer forensics analysis and/or malware reverse engineering;
• Understanding of security threats, vulnerabilities, and incident response;
• Understanding of electronic investigation, forensic tools, and methodologies, including: log correlation and analysis, forensically handling electronic data, knowledge of the computer security investigative processes, malware identification and analysis;
• Be familiar with legalities surrounding electronic discovery and analysis;
• Experience with SIEM technologies (i.e. Splunk);
• Deep understanding of both Windows and Unix/Linux based operating systems;

Ideally, you’ll also have

• Hold or be willing to pursue related professional certifications such as GCFE, GCFA or GCIH
• Background in security incident response in Cloud-based environments, such as Azure
• Programming skills in PowerShell, Python and/or C/C++
• Understanding of the best security practices for network architecture and server configuration

What we look for

• Demonstrated integrity in a professional environment
• Ability to work independently
• Have a global mind-set for working with different cultures and backgrounds
• Knowledgeable in business industry standard security incident response process, procedures, and life cycle
• Excellent teaming skills
• Excellent social, communication, and writing skills

Skills and attributes for success

• Excellent analytical and problem-solving skills
• Effective communication skills, with the ability to articulate technical information to various audiences
• A proactive and results-driven individual with a strong sense of ownership
• Keen attention to detail and a commitment to delivering high-quality work
• Ability to work independently as well as part of a collaborative team
• Strong organizational skills with the ability to manage multiple tasks and deadlines
• A continuous learner with a passion for staying at the forefront of cybersecurity developments
• Comfortable justifying decisions and assessments

To qualify for the role you must have

• Minimum of 5 years of experience information security
• Minimum of 3 years in Vulnerability Management and/or research
• Strong understanding of network protocols, operating systems, databases, and software vulnerabilities
• Familiarity with industry frameworks and standards such as OWASP, NIST, and CVE
• Demonstrated experience assessing and communication the risk of vulnerabilities to senior levels of an organization
• An in-depth understanding of security control functionality in the context of threats
• An interest and aptitude for engaging stakeholders and developing a functional network of subject matter experts
• Proficiency developing non-traditional solutions to complex challenges

Ideally, you’ll also have

• Purple Team expertise
• Experience in analytical tradecraft

Responsibilities

• Prepare fiduciary accountings for trusts, estates, conservatorships, guardianships, and foundations in multiple jurisdictions throughout the United States pursuant to the governing documents, state specific principal and income rules and jurisdictional requirements.
• Help train and mentor associate analysts.
• Prepare more complex accountings typically involving multiple accounts and/or custodians for a broad base of clients including banks, trust companies, brokerage firms, attorneys, individual and professional fiduciaries.
• Review and determine that all required source documents have been received prior to starting the accounting. Confer with client and/or supervising manager if additional documentation is required.
• Review and interpretation of trust instruments, wills, IRS Form 706 and K-1s to determine proper treatment for fiduciary accounting purposes.
• Review and interpret source data (e.g., bank statements, brokerage statements, checking accounts, loan documents), and exercise judgement in how to allocate transactions properly between principal and income and where to place the transactions on the appropriate fiduciary accounting schedule.
• Exercise judgement to determine if a disbursement is a trust expense or a distribution.
• Perform a self-review before submitting work product to supervising manager for review.
• Communication with clients.
• Participate in special projects.
• Participate in internal and external training to maintain and enhance knowledge of fiduciary law and software applications.
• Regular interaction and communication with immediate supervisor, and all department/company coworkers.
• Ability to organize and maintain personal account workload and meet all deadlines.
• Maintain annual firm required CPE credits.
• Develop an understanding of EY service offerings.
• Build knowledge about risk management and independence.

Required Technical/Professional Skills & Competencies

• Knowledge of current fiduciary accounting concepts required to prepare fiduciary/court accountings.
• Comfortable working with attorneys, trust officers and family offices.
• Experience in reviewing and interpreting trust and estate documents and financial data to prepare accountings.
• Experience working with the Thomson Reuters FAS accounting system.
• Strong technical skills in basic computer software applications, including Microsoft Word, Excel, company specific systems and Quicken.
• Strong verbal and written communications skills
• Attention to details.

Certification/Education

• A bachelor’s degree in accounting, finance or economics preferred, but not required.
• Professional Fiduciary, National Certified Guardian or paralegal certification preferred, but not required.

Professional Experience

• Two to four years of experience in preparation of fiduciary accountings.

• A paralegal with trust and estate knowledge, is preferred.

Quantitative Analyst, Financial Services Risk Management - Quantitative Advisory Services - Banking Book - Financial Services Office (Manager) (Multiple Positions) (1653519), Ernst & Young U.S. LLP, San Francisco, CA.

Full time employment, Monday – Friday, 40-45 hours per week, 8:30 am – 5:30 pm.

MINIMUM REQUIREMENTS:

Must have a Bachelor’s degree in economics, statistics, computational finance, mathematics, engineering, data science, physics, or a related field and 5 years of post-baccalaureate progressive quantitative analysis work experience.

Alternatively, must have a Master’s degree in economics, statistics, computational finance, mathematics, engineering, data science, physics, or a related field and 4 years of quantitative analysis work experience.

Alternatively, must have a Ph.D. in economics, statistics, computational finance, mathematics, engineering, data science, physics, or a related field and 2 years of quantitative analysis work experience.

Must have 2 years of experience with statistical and numerical techniques, or technical analytics, including regression analysis or machine learning.

Must have 2 years of experience communicating (written and oral) and interpreting technical concepts for technical and non-technical users.

Must have 2 years of experience in two of the following:
• broad credit risk modeling and related analytics
• retail modeling for at least one of the following: mortgage, credit card, or consumer loans
• wholesale credit modeling for C&I, CRE or related exposures
• credit loss forecasting for US GAAP, CECL or IFRS 9
• model development
• model validation
• advanced analytics
• quantitative analysis supporting consumer regulatory compliance

Must have 2 years of consulting (advisory services) work experience.

Must have 1 year of experience in one or more of the following:
• SAS or STATA
• R
• Python
• Matlab

Requires domestic and regional travel up to 30% to serve client needs.

Employer will accept any suitable combination of education, training, or experience.

What we offer

We offer a comprehensive compensation and benefits package where you’ll be rewarded based on yourperformance and recognized for the value you bring to the business. The base salary for this job is $171,180.00 per year. In addition, our Total Rewards package includes medical and dental coverage, pension and 401(k) plans, and a wide range of paid time off options. Join us in our team-led and leader-enabled hybrid model. Our expectation is for most people in external, client serving roles to work together in person 40-60% of the time over the course of an engagement, project or year. Under our flexible vacation policy, you’ll decide how much vacation time you need based on your own personal circumstances. You’ll also be granted time off for designated EY Paid Holidays, Winter/Summer breaks, Personal/Family Care, and other leaves of absence when needed to support your physical, financial, and emotional well-being.

•Continuous learning:You’ll develop the mindset and skills to navigate whatever comes next.

•Success as defined by you:We’ll provide the tools and flexibility, so you can make a meaningful impact, your way.

•Transformative leadership:We’ll give you the insights, coaching and confidence to be the leader the world needs.

•
Diverse and inclusive culture:You’ll be embraced for who you are and empowered to use your voice to help others find theirs.

EY exists to build a better working world, helping to create long-term value for clients, people and society and build trust in the capital markets.

This particular position at Ernst & Young in the United States requires the qualified candidate to be a "United States worker" as defined by the U.S. Department of Labor regulations at 20 CFR 656.3. You can review this definition at at the bottom of page 750. Please feel free to apply to other positions that do not require you to be a "U.S. worker".

Full time employment, Monday – Friday, 40 hours per week, 8:30 am – 5:30 pm.

MINIMUM REQUIREMENTS:

Must have a Bachelor’s degree in Business, Marketing, Communications, English, Journalism, Digital Media, or a related field with 7 years of progressive, post-baccalaureate related work experience. Alternatively, will accept a Master’s degree in Business, Marketing, Communications, English, Journalism, Digital Media, or a related field with at least 6 years of related work experience.

Must have 5 years of experience in combination of consulting and/or editing experience in digital media.

Of the required experience, must have 5 years of experience in combination of working at a multinational corporation or a media company.

Must have 3 years of experience in digital content design, including Adobe Experience Manager.

Must have 6 years of experience in editing, optimizing and managing digital media projects.

Must have 3 years of experience in working with website or social media platform content management.

Must have 5 years of experience preparing written or verbal materials, leading a team, and providing formal feedback.

Must have 3 years of experience supervising and reviewing content and design created by page builders and editors.

Employer will accept any suitable combination of education, training, or experience.

What we offer

We offer a comprehensive compensation and benefits package where you’ll be rewarded based on yourperformance and recognized for the value you bring to the business. The base salary for this job is 141,580.00 per year. In addition, our Total Rewards package includes medical and dental coverage, pension and 401(k) plans, and a wide range of paid time off options. Join us in our team-led and leader-enabled hybrid model. Our expectation is for most people in external, client serving roles to work together in person 40-60% of the time over the course of an engagement, project or year. Under our flexible vacation policy, you’ll decide how much vacation time you need based on your own personal circumstances. You’ll also be granted time off for designated EY Paid Holidays, Winter/Summer breaks, Personal/Family Care, and other leaves of absence when needed to support your physical, financial, and emotional well-being.

• Continuous learning: You’ll develop the mindset and skills to navigate whatever comes next.
• Success as defined by you: We’ll provide the tools and flexibility, so you can make a meaningful impact, your way.
• Transformative leadership: We’ll give you the insights, coaching and confidence to be the leader the world needs.
• Diverse and inclusive culture: You’ll be embraced for who you are and empowered to use your voice to help others find theirs.
EY exists to build a better working world, helping to create long-term value for clients, people and society and build trust in the capital markets.

This particular position at Ernst & Young in the United States requires the qualified candidate to be a "United States worker" as defined by the U.S. Department of Labor regulations at 20 CFR 656.3. You can review this definition at at the bottom of page 750. Please feel free to apply to other positions that do not require you to be a "U.S. worker".