EY Government Public Sector - Service Delivery 

United States, Texas, San Antonio 

303919812

Government & Public Sector - Cyber Security – NextGen Security Operations Center (SOC) Analyst

The Service Delivery Center is made up of high-performing, US-based resources who work closely with our experienced professionals to deliver project-based work and managed services to our federal clients. The Service Delivery Center is a core component of the Government & Public Sector practice (GPS).

Cyber threats continue to evolve and pose serious risks within the business environment. Our Cybersecurity – NextGen Security Operations Center (SOC) services assist our clients to defend their environment and respond when threats are detected utilizing sophisticated tools available to fight against cybercrime.

Your Key Responsibilities

• Assist in supporting the Cyber Center client engagement team in the NextGen SOC service operations and delivery
• Assist in supporting on-site GPS NextGen SOC consultants in identifying process improvements, enhancing existing NextGen SOC solutions and operating NextGen SOC processes as required
• Assist in NextGen SOC program management, service delivery model and strategy planning
• Areas of support could be:
  • Perform configuration and deploy vulnerability scanning, dynamic application security scanners, and network assessment tools
  • Track vulnerabilities from discovery through remediation
  • Analyze persistent vulnerabilities, perform root cause analysis and investigate potential false positives
  • Provide guidance on vulnerability remediation, countermeasures, and risk mitigation
  • Full-spectrum incident response support including event discovery, alert notification, investigation, facilitation of containment, facilitating of resolution, and event reporting
  • Perform the activities necessary for the immediate, short-term rapid resolution of incidents to minimize risk exposure and production down-time
  • Proactive monitoring of internal and external-facing environment using specialized security applications
  • Proactively research and monitor security-related information sources to aid in the identification of threats to client networks, systems and intellectual property
  • Use MITRE ATT&CK, VERIS, and Kill Chain concepts to develop, prioritize and execute threat hunting and attack and penetration scenarios relative to objectives.
  • Assess available data, relevant

Skills and attributes for Success

• Ability to produce high-quality work products within expected timeframes
• Strong client and relationship building skills
• Strong communications (both written and verbal) skills
• Strong presentation skills

To qualify for the role, you must have

• Bachelor’s degree in a related field
• Minimum of 2 years of related experience
• Must be able to obtain and maintain a Secret-level clearance or higher
• Must be willing to work in a 24/7 environment: 8 and 12 hour shift work – flexibility to be on call after hours, weekends and holidays
  • Working knowledge in one or more of the following areas:
  • Troubleshooting, analysis, and technical expertise to resolve incidents and service requests
  • Troubleshooting day-to-day operational processes such as security monitoring, data correlation, security operations etc.
  • Analysis of security events and incidents, to determine root cause and provide resolution
  • Internal and external ticketing systems for ITIL-based incident, problem and change management
  • Common scripting languages (Python, Bash, PowerShell, etc.) or SQL
  • SIEM integration and dashboard development (e.g. Splunk, QRadar)
  • Security Orchestration and Automation technologies or development.
  • Integrating or implementing ITSM/ticketing systems solutions (e.g. Service Now, Remedy)
  • Common exploitation techniques and the applications of Common Weakness Enumeration (CWE) and Common Vulnerability Scoring System (CVSS)
  • Vulnerability scanning tools such as Qualys Vulnerability Management and Policy Compliance, Rapid7 Nexpose or InsightVM, Tenable Nessus or Security Center, etc.
• Flexibility to travel up to 20%

Ideally you’ll also have

• Prior experience in a service delivery center or similar environment

• Continuous learning: You’ll develop the mindset and skills to navigate whatever comes next.
• Success as defined by you: We’ll provide the tools and flexibility, so you can make a meaningful impact, your way.
• Transformative leadership: We’ll give you the insights, coaching and confidence to be the leader the world needs.
• Diverse and inclusive culture: You’ll be embraced for who you are and empowered to use your voice to help others find theirs.