EY GDS Consulting Cyber Security - L2 SOC Analyst 

Philippines, Taguig 

158583674

Join our EY Cyber Security team as a Senior SOC Analyst L2, where you will play a crucial role in assisting clients with the monitoring, investigation and response to security incidents.

Skills and attributes for success

• Effectively assess security incidents, determine their scope, and manage response efforts with efficiency and precision.
• Escalate incidents to appropriate authorities as necessary, while strictly adhering to established incident response protocols.
• Maintain a comprehensive awareness of the current threat landscape, including malware, phishing attacks, and advanced persistent threats (APTs).
• Provide guidance and leadership to the team during critical situations, ensuring effective decision-making and response.
• Exhibit excellent verbal and written communication skills for clear incident reporting and seamless team collaboration.
• Foster collaboration with cross-functional teams to enhance the overall security posture of the organization.
• Mentor and train junior analysts, sharing knowledge and best practices to strengthen team capabilities.
• Actively participate in post-incident reviews to identify lessons learned and recommend improvements to processes and technologies.

To qualify for the role, you must have

• A minimum of 4 years of experience in SOC operations, with a focus on investigation and incident response.
• Proficiency in SIEM tools such as Splunk, Microsoft Sentinel, Logscale, or similar platforms, along with a solid understanding of various log sources and their functions.
• Strong knowledge of Endpoint Detection and Response (EDR) and Network Detection and Response (NDR) technologies, including CrowdStrike, Microsoft Defender, XSIAM, Tanium, Sentinel One, Trellix, and others.
• Expertise in analyzing endpoint and network logs, as well as alerts from security tools such as EDR, operating systems, firewalls, Intrusion Prevention Systems (IPS), email security, Web Application Firewalls (WAF), proxies, authentication systems, and VPN logs.
• Ability to develop logic and SIEM queries to correlate diverse logs, enabling effective investigation of security alerts and incidents.
• Experience in developing SOC use cases, including the creation of new monitoring use case logic and presenting proposals to stakeholders.
• Proven experience in conducting investigations across various environments, including endpoints, networks, web applications, databases, and cloud resources.
• A solid understanding of recent vulnerabilities and attack vectors.
• Knowledge of Cyber Threat Intelligence, including the analysis of intelligence alerts, threat hunting, and providing actionable recommendations.

Ideally, you’ll also have

• Bachelor’s Degree relevant to Information Technology
• Related Certification such as CEH, CHFI, Sec+, ITILv3, GCFA, ECIH, GCIH, CySA+, etc

You get to work with inspiring and meaningful projects. Our focus is education and coaching alongside practical experience to ensure your personal development. We value our employees and you will be able to control your own development with an individual progression plan. You will quickly grow into a responsible role with challenging and stimulating assignments. Moreover, you will be part of an interdisciplinary environment that emphasizes high quality and knowledge exchange. Plus, we offer:

• Support, coaching and feedback from some of the most engaging colleagues around
• Opportunities to develop new skills and progress your career
• The freedom and flexibility to handle your role in a way that’s right for you

Apply now

EY exists to build a better working world, helping to create long-term value for clients, people and society and build trust in the capital markets.