EY Security Analyst - SOC 

Sri Lanka, Western Province, Colombo 

241998071

We’re looking for Security Analyst with experience in SIEM, EDR and NSM solutions.

Your key responsibilities

• Operational support using SIEM solutions (Splunk, Sentinel), EDR Solution (Defender, CrowdStrike, Carbon Black), NSM (Fidelis, ExtraHop) for multiple customers.
• First level of monitoring and triaging of security alerts
• Initial data gathering and investigation using SIEM, EDR, NSM solutions.
• Provide near real-time analysis, investigation and, reporting security incidents for customer

Skills and attributes for success

• Customer Service oriented - Meets commitments to customers; Seeks feedback from customers to identify improvement opportunities.
• Good knowledge of SIEM technologies such as Splunk, Azure Sentinel from a Security analyst’s point of view
• Exposure to IOT/OT monitoring (Claroty, Nozomi Networks etc.) is a plus
• Good knowledge and experience in Security Monitoring
• Good knowledge and experience in Cyber Incident Response
• Knowledge in Network monitoring technology platforms such as Fidelis XPS, ExtraHop • Knowledge in endpoint protection tools, techniques, and platforms such as Carbon Black, Tanium, CrowdStrike, Defender ATP etc.

To qualify for the role, you must have

• B. Tech./ B.E. with sound technical skills
• Ability to work in 24x7 shifts
• Strong command on verbal and written English language.
• Demonstrate both technical acumen and critical thinking abilities.
• Strong interpersonal and presentation skills.
• Minimum 1 year of Hands-on experience in SIEM, EDR and NSM solution
• Certification in any of the SIEM platforms
• Knowledge of RegEx, Perl scripting and SQL query language.
• Certification - CEH, ECSA, ECIH, Splunk Power User

EY exists to build a better working world, helping to create long-term value for clients, people and society and build trust in the capital markets.