Key Capabilities:
- Should have experience in end-to-end design, deployment, management, and optimization of the Elastic SIEM solution
- Previous experience administering and managing SIEM activities with Elastic SIEM, as well as with other SIEM solutions such as Sentinel, Splunk, or QRadar.
- Develop and optimize detection rules, queries, and alerts within Elastic SIEM to enhance threat detection, covering multi-cloud, hybrid, and serverless environments.
- Design efficient and secure log ingestion pipelines across various platforms, including serverless architectures and the major cloud services. This includes configuring log parsing, enrichment, and normalization, and ingesting logs using Logstash.
- Create and refine custom Kibana dashboards, visualizations, and reports, enabling real-time insights into security events, trends, and incident response metrics tailored for diverse infrastructure environments.
- Integrate Elastic SIEM with other security tools and external data sources. Develop API-based automation workflows and scripts to streamline operations and enhance threat intelligence capabilities.
- Work closely with cross-functional teams—security analysts, network engineers, and system administrators—to support incident response and enhance situational awareness across environments.
- Mentor junior team members and provide knowledge transfer sessions on Elastic SIEM configuration, optimization, and troubleshooting, ensuring team readiness and resilience.
- Support presales initiatives such as RFP responses, client presentations, and demos.
- Lead a team on SIEM deployment and migration activities when required.
Qualification & Experience:
- 5-7 years of experience in Cyber Security
- 4-5 years of proven experience in designing, implementing, and managing Elastic SIEM solutions
- Familiarity with security frameworks, compliance standards, and regulatory requirements, with the ability to align SIEM operations to these standards
- Strong expertise in Elasticsearch, Kibana, Beats, Logstash, and other Elastic Stack components, with proficiency in scripting (e.g., Python, JavaScript, PowerShell) for automation and customization.
- Good business acumen to understand client requirements and build strong relationships.
- Strong oral, written, and listening skills, which are essential to effective consulting.
- Bachelor's degree in Computer Science, Information Security, or a related field. Relevant certifications (e.g., Elastic Certified Engineer, CompTIA Security+) are preferred.
Ideally, you should also be:
- Willing to work from the ODC five days a week on rotational shifts.
EY exists to build a better working world, helping to create long-term value for clients, people and society and build trust in the capital markets.