Expoint - all jobs in one place

Finding the best job has never been easier

Limitless High-tech career opportunities - Expoint

EY TC-CS-Cyber Detection Response-Incident Response-Senior 
India, Karnataka, Bengaluru 
166252037

01.12.2024

Job Description: Incident Response Analyst

Key Responsibilities:

  • Tier 3 Security Incident Response :
    • Conduct Tier 3 security incident response for application, network, and infrastructure security alert events.
    • Utilize documented procedures and in-house security technologies to manage incidents effectively.
  • Coordination and Task Assignment :
    • Assign containment, eradication, and recovery tasks to appropriate resource teams.
    • Ensure clear communication and coordination with relevant teams during incident response activities.
  • Response Actions and Host Management :
    • Perform response actions on managed hosts where the Security Operations Center (SOC) team has requisite access and permissions.
    • Isolate suspected compromised or infected hosts and execute other pre-approved actions to disrupt cyberattacks.
  • Incident Clarification and Communication :
    • Clarify incident information and recommend containment, eradication, and recovery actions to the cyber defense team.
    • Participate in cyber defense calls related to cybersecurity incidents and provide updates as needed.
  • Peer Review and Quality Assurance :
    • Conduct periodic peer reviews of Tier 2 analyst work to identify trends in effectiveness and areas for improvement.
    • Provide constructive feedback to enhance the overall quality of incident response efforts.
  • Escalation and Reporting :
    • Engage relevant parties for issue escalation and reporting.
    • Ensure timely communication of critical incidents and status updates to stakeholders, including executive management.
  • Coordination and Best Practices :
    • Collaborate with global teams to standardize incident response procedures and share best practices.
    • Adapt response strategies to accommodate different regional and regulatory requirements.
  • Continuous Improvement and Learning :
    • Stay updated with the latest cybersecurity threats, trends, and technologies.
    • Contribute to the development and enhancement of incident response processes and playbooks.
  • Documentation and Analysis :
    • Maintain comprehensive documentation of all incidents, actions taken, and lessons learned.
    • Analyze incident data to identify patterns, improve detection capabilities, and prevent future incidents.

Qualifications:

  • Extensive experience in cybersecurity, particularly in incident response and threat management.
  • Proficiency in using security technologies and tools for incident detection and response.
  • Strong knowledge of application, network, and infrastructure security.
  • Excellent analytical, problem-solving, and decision-making skills.
  • Ability to work under pressure and manage multiple incidents simultaneously.
  • Strong communication and teamwork skills, with the ability to coordinate with cross-functional teams.
  • Familiarity with global cybersecurity standards and regulatory requirements.

Additional Information: The Incident Response Analyst is a critical player in the organization's cybersecurity defense strategy. This role requires a proactive and agile approach to handling security incidents and a strong commitment to protecting the organization's digital assets and reputation. The Analyst must be prepared to respond swiftly and effectively to a wide range of cybersecurity threats, ensuring the organization remains resilient against evolving cyber challenges.



EY exists to build a better working world, helping to create long-term value for clients, people and society and build trust in the capital markets.