EY GDS Consulting - Cyber Security Orchestration 

Philippines, Taguig 

922900675

Threat Detection & Response Consulting - Security Orchestration, Automation and Response (SOAR) - Senior

 Excellent teamwork skills, passion and drive to succeed and combat Cyber threats
 Expertise in design and implementation of SOAR solution such as Splunk-Phantom , Paloalto-Demisto XSOAR or Resilient
 Responsible for execution and maintenance of SOAR related analytical processes and tasks
 Manage and administration of SOAR platforms
 Hands-on experience with Incident Response and Threat Intelligence tools.
 Creation of reusable and efficient Python-based Playbooks.
 Use Phantom platform to enable automation and orchestration on various tools and technologies by making use of existing or custom integration Should have worked in a security operations center and gained understanding of SIEM and other log management platforms. Having experience in Splunk content development will be an added advantage
 Should have solid experience in the design/build, test, implementation, and maintenance of integration with other security tools and platforms
 Willing to learn new technologies and take up new challenges. Assist in developing high-quality technical content such as automation scripts/tools, reference architectures, and white papers.
 Knowledge in Network monitoring technology platforms such as Fidelis XPS or others
 Knowledge in endpoint protection tools, techniques and platforms such as Carbon Black, Tanium, Microsoft Defender ATP, Symantec, McAfee or others

Qualification & experience:

 Minimum of 6 years’ experience in cyber security with a depth of network architecture knowledge that will translate over to deploying and integrating a complicated SOAR solution in global enterprise environments.
 Strong oral, written and listening skills are an essential component to effective consulting.
 Strong background in network administration. Ability to work at all layers of the OSI models, including being able to explain communication at any level is necessary.
 Must have knowledge of Vulnerability Management, basic Windows setup, Windows Domains, trusts, GPOs, server roles, Windows security policies, basic Linux setup, user administration, Linux security and troubleshooting.
 Should have strong hands-on experience with scripting technologies like Python, REST, JSON, SOAP, ODBC, XML etc.
 Must have honours degree in a technical field such as computer science, mathematics, engineering or similar field
 Minimum 3 years of working in SOAR
 Certification in any one of the SIEM Solution such as IBM QRadar, Exabeam, Securonix and Splunk will be an added advantage
 Certifications in a core security related discipline will be an added advantage.

EY exists to build a better working world, helping to create long-term value for clients, people and society and build trust in the capital markets.