Expoint - all jobs in one place

Finding the best job has never been easier

Limitless High-tech career opportunities - Expoint

EY Cyber Managed Services - Threat Detection & Response Analyst 
United States, Texas, Dallas 
102403598

01.12.2024

PRACTICE DESCRIPTION:

Cyber threats, social media, massive data storage, privacy requirements and continuity of the business as usual require heavy information security measures. As an information security specialist, you will lead the implementation of security solutions for our clients and support the clients in their desire to protect the business. You will belong to an international connected team of specialists helping our clients with their most complex information security needs and contributing toward their business resilience. You will be working with our Advanced Security Centers to access the most sophisticated tools available to fight against cybercrime.

JOB SUMMARY

Cyber threats continue to evolve and pose serious risks within the business environment. EY’s Cybersecurity Managed Services (CMS) offering addresses the ongoing operational requirements through the following services:

  • Threat Detection and Response
  • Threat Exposure Management
  • Identity & Access Management
  • Data Protection

Clients retain CMS to defend their environment and respond when threats are detected. As a CMS security professional you will belong to a globally connected team of security professional delivering 24x7 services from our Dallas Cyber Center.

KEY RESPONSIBILITIES:

  • Responsible for understanding and interpreting event discovery and incident response activities
  • Full-spectrum incident response support including event discovery, alert notification, investigation, facilitation of containment, facilitating of resolution, and event reporting
  • Perform mitigation activities for current and residual risk
  • Assist with project planning and identification of mitigation activities
  • Support tier-1 analysts in performing day-to-day operations
  • Maintain a professional communicative relationship with clients and management to provide information throughout the incident, problem, and change management cycles
  • Coordinate and drive efforts among multiple business units during response activities and post-mortem
  • Proactive monitoring of internal and external-facing environment using specialized security applications
  • Provide timely, comprehensive and accurate information in both written and verbal communications
  • Proactively research and monitor security-related information sources to aid in the identification of threats to client networks, systems and intellectual property
  • Routinely develop and update incident response playbooks to ensure response activities align with best practices, minimize gaps in response and provide comprehensive mitigation of threats
  • Develop the requisite expertise, knowledge, and ability to perform independently through mentorship; mentor and share expertise with junior staff

To qualify, candidates must have:

  • Bachelor Degree in Computer Science, Mathematics, Engineering, or other related area of study preferred with 3-5 years of overall IT professional experience.
  • At least 2+ years of work experience in Information Security, especially in an Information operations / incident role
  • Ability to participate in after hours on-call rotation when required; Due to the nature of the business the Cyber analyst position covers all shifts 24/7
  • Detailed knowledge of applicable security tools, technologies, and trends
  • Fundamental understanding of defense-in-depth and intelligence-driven strategies
  • Working knowledge/experience of network systems, security principles, and applications
  • Experience with utilizing security tools software such as Splunk, Sentinel, LogRhythm, CarbonBlack, Fidelis, and ServiceNow
  • Hands-on troubleshooting, analysis, and technical expertise to resolve incidents and service requests; previous experience in troubleshooting day-to-day operational processes such as security monitoring, data correlation, security operations etc.
  • Proven experience performing analysis of security events and incidents, to determine root cause and provide resolution; working experience against advanced persistent threats is well seen;
  • Strong working knowledge of at least three of the following security tools: host-based antivirus, anti-spam gateway solutions, firewalls, IDS/IPS, server and network device hardening, data loss prevention, forensics software, vulnerability management, website security;
  • Competence in using both internal and external ticketing systems for ITIL-based incident, problem and change management.
  • Additional certifications and training preferred in the following areas: Network Security certifications (CISSP, C|EH, Security+, SANS, ISACA, Vendor Certificates), Project Management training/certification, and Quality Management (ITIL, Six Sigma, TQM, etc.) training/certification
What we offer
We offer a comprehensive compensation and benefits package where you’ll be rewarded based on your performance and recognized for the value you bring to the business. The base salary range for this job in all geographic locations in the US is $57,700 to $94,800. The salary range for New York City Metro Area, Washington State and California (excluding Sacramento) is $69,000 to $107,100. Individual salaries within those ranges are determined through a wide variety of factors including but not limited to education, experience, knowledge, skills and geography. In addition, our Total Rewards package includes medical and dental coverage, pension and 401(k) plans, and a wide range of paid time off options. Join us in our team-led and leader-enabled hybrid model. Our expectation is for most people in external, client serving roles to work together in person 40-60% of the time over the course of an engagement, project or year. Under our flexible vacation policy, you’ll decide how much vacation time you need based on your own personal circumstances. You’ll also be granted time off for designated EY Paid Holidays, Winter/Summer breaks, Personal/Family Care, and other leaves of absence when needed to support your physical, financial, and emotional well-being.
  • Continuous learning: You’ll develop the mindset and skills to navigate whatever comes next.
  • Success as defined by you: We’ll provide the tools and flexibility, so you can make a meaningful impact, your way.
  • Transformative leadership: We’ll give you the insights, coaching and confidence to be the leader the world needs.
  • Diverse and inclusive culture: You’ll be embraced for who you are and empowered to use your voice to help others find theirs.

EY exists to build a better working world, helping to create long-term value for clients, people and society and build trust in the capital markets.