EY GDS Consulting Cyber Security - L3 SOC Analyst DFIR/Forensics 

Philippines, Taguig 

605452927

• Lead the response to high-severity incidents, coordinating with other teams as necessary.
• Gather and preserve evidence, perform data collection, conduct a structured analysis of forensic data and present the findings to stakeholders.
• Work closely with other IT and security teams to address security incidents.
• Conduct thorough investigations to determine the root cause of incidents.
• Analyze and interpret packet captures using network protocol analyzers such as Wireshark and TCPdump.
• Perform endpoint analysis, live response, and memory collection and analysis.
• Proactively search for threats and vulnerabilities within the environment.
• Stay updated on the latest security trends, threats, and technologies.
• Analyze threat intelligence to identify potential risks.
• Formulate response and recovery steps for security incidents.
• Review and improve incident response processes and playbooks.
• Document incidents, response actions, and lessons learned for future reference.
• Prepare detailed incident reports and executive summaries for management and stakeholders.
• Participate and/or lead incident response calls.
• Participate in post-incident reviews to assess the effectiveness of the response and identify areas for improvement.
• Provide guidance and mentorship to lower-level incident responders.
To qualify for the role, you must have
• Experience with digital forensics tools and techniques to investigate incidents.
• Proficient in utilizing SIEM solutions such as Splunk, Microsoft Sentinel, LogScale, Google Chronicle, IBM QRadar, or equivalent tools for effective incident response and analysis.
• Experienced in leveraging EDR/XDR solutions like CrowdStrike, Microsoft Defender, SentinelOne, Cortex XSIAM, Carbon Black, or similar platforms
• Understanding of security principles, techniques, and technologies such as SANS Top 20 Critical Security Controls and OWASP Top 10
• In-depth knowledge of network protocols, operating systems, and security technologies.
• Proficiency in incident detection and response tools
• Familiarity with malware analysis and reverse engineering.
• Proficiency in scripting languages (e.g., Python, PowerShell) for automating tasks and processes.
• Ideal candidate will have 5+ years of security related experience in areas such Security Operations, Incident Response, and Forensic Investigation.
• Analytical mindset & has the aptitude to learn on the fly.
• Willingness to work in a 24/7 operations center (shift work required)
• Strong problem-solving abilities to analyze complex incidents.
• Excellent verbal and written communication skills.

• Bachelor’s Degree relevant to Information Technology
• Related Certification such as CEH, CHFI, Sec+, ITILv3, GCFA, ECIH, GCIH, CySA+, etc

You get to work with inspiring and meaningful projects. Our focus is education and coaching alongside practical experience to ensure your personal development. We value our employees and you will be able to control your own development with an individual progression plan. You will quickly grow into a responsible role with challenging and stimulating assignments. Moreover, you will be part of an interdisciplinary environment that emphasizes high quality and knowledge exchange. Plus, we offer:

• Support, coaching and feedback from some of the most engaging colleagues around
• Opportunities to develop new skills and progress your career
• The freedom and flexibility to handle your role in a way that’s right for you

Apply now

EY exists to build a better working world, helping to create long-term value for clients, people and society and build trust in the capital markets.