Expoint – all jobs in one place

EY TC - CS CDR Cyber Incident Response SOC Staff 
India, Telangana, Hyderabad 
706114127

11.06.2025


Key Responsibilities:

  • Security Monitoring and Alert Analysis:
    • Monitor security alerts and events from various sources, including SIEM systems, IDS/IPS, and other security technologies.
    • Analyze alerts to determine their severity and potential impact on the organization.
  • Incident Triage and Escalation:
    • Perform initial incident triage, including assessing the scope and potential impact of security incidents.
    • Escalate incidents to Tier 3 analysts or appropriate resource teams for further investigation and response, as necessary.
  • Incident Response and Containment:
    • Assist in the containment of security incidents by implementing pre-approved actions or recommended measures.
    • Work with the SOC team to execute response actions on managed hosts within the scope of permissions and access rights.
  • Communication and Coordination:
    • Communicate incident details and recommended actions to the cyber defense team and other stakeholders.
    • Participate in cyber defense calls to provide updates on incident status and ongoing response efforts.
  • Documentation and Reporting:
    • Maintain accurate and detailed documentation of all incidents, including actions taken and lessons learned.
    • Prepare reports for stakeholders, summarizing incident findings and response actions.
  • Peer Review and Continuous Improvement:
    • Conduct peer reviews of incident handling and analysis performed by other Tier 2 analysts.
    • Identify trends and areas for improvement in incident response processes and capabilities.
  • Threat Intelligence and Analysis:
    • Utilize threat intelligence feeds and other resources to stay informed about emerging threats and vulnerabilities.
    • Incorporate threat intelligence into the analysis and response process to improve detection and mitigation strategies.
  • Security Tool Management and Optimization:
    • Assist in the configuration, tuning, and optimization of security tools and technologies.
    • Provide feedback on the effectiveness of security controls and suggest improvements.

Qualifications:

  • 2-3 years of related experience in cybersecurity operations, particularly in a SOC or similar environment.
  • Strong knowledge of cybersecurity principles, including incident response, threat detection, and risk management.
  • Proficiency in using security monitoring tools, such as SIEM systems (Sentinel), IDS/IPS, EDR (Microsoft Defender), and SOAR solutions (XSOAR).
  • Excellent analytical and problem-solving skills.
  • Strong communication and teamwork skills, with the ability to collaborate effectively with cross-functional teams.
  • Basic understanding of network and infrastructure security.
  • Familiarity with regulatory and compliance requirements related to cybersecurity.

Additional Information:

The Tier 2 Analyst is a crucial component of the organization's cybersecurity defense. This role requires a proactive approach to identifying and mitigating security threats, as well as a commitment to continuous learning and improvement. The Analyst must be able to work effectively under pressure and be prepared to respond swiftly to a variety of security incidents, ensuring the organization's digital assets and information remain secure.

Special Factors:

  • Willing to work from the ODC as and when required, in rotational shifts.
  • Weekend availability/flexibility to work weekends is a MUST.
  • Willing to support the US shift (night shift).



EY exists to build a better working world, helping to create long-term value for clients, people and society and build trust in the capital markets.