Expoint - all jobs in one place

EY GDS Consulting Cyber Security - SOC Manager 
Philippines, Taguig 
474938072

01.12.2024



• Planning, designing, building, implementing, managing and upgrading security systems to protect data, systems and networks
• Ensuring that client data and infrastructure are protected by continuously reviewing, enabling and implementing appropriate security controls & enterprise infrastructure. Identifying use cases on existing security systems and providing recommendations to improve the current state
• Conduct regular capacity planning assessments on security appliances and licenses, and provide quarterly recommendations to the relevant stakeholders. Determine the lifecycle of hardware and software assets, and plan hardware refresh recommendations ahead of time, before assets reach their EOL/EOS state
• Process security project communications and track them with various technical teams until completion, document project steps & lessons learned, and work with other technical teams on integration, deployment & enhancement projects and any other engineering tasks
• Develop and design security project plans for SIEM, NDR, XDR, NGAV, NGFW, MDM, DLP, SWG, UEBA, primarily on cloud, DevOps and application security based on zero trust framework in compliance with applicable regulatory and data privacy requirements
• Contribute to the development of the various TechOps strategies and roadmaps as required to enable realization of the business strategies and objectives
• Ensure that all the client SLAs and metrics are being met, conduct process & operational stability initiatives, stakeholder management, people management and driving delivery and operational excellence


• Ideal candidate must have a minimum of 7+ years of cybersecurity design, build and implementation experience in a complex or large-scale environment, or at least two of the combined qualifications and/or experiences below:
• At least 3 years of hands-on experience in implementing, deploying & managing SIEM tools such as Splunk, Microsoft Sentinel, QRadar, McAfee, ArcSight, LogRhythm, including Python scripting, usage of regular expressions and natural language queries or;
• Extensive knowledge and hands-on experience in the areas of endpoint security (Wintel & Linux), web security, network (IDS, IPS, FW) security, data loss prevention (DLP) deployment or;
• Experience with security assessment tools (Nmap, Nessus, Metasploit, Netcat), vulnerability analysis, penetration testing, remediation and compliance, usage of automation tools for patch and vulnerability management or;
• Hands-on design and build experience for EDR, XDR and NGAV solutions such as CrowdStrike, Microsoft Defender, Cortex XSIAM, Carbon Black, Sophos, etc. or;
• Understanding of security principles, techniques, and technologies such as SANS Critical Security Controls, OWASP Top 10, MITRE ATT&CK, Cyber Kill Chain, PCI-DSS, ISO 27001/02, SOC 2, GDPR and other regulatory compliance frameworks, or;
• Combined hands-on experience in DevSecOps, Windows & Linux Server Administration, Network Administration, Storage & Backup, Systems Administration, Middleware, Application Administration and Endpoint Security Engineering. Network security zone administration, configurations, IDS/IPS policies, systems communications from Layer 1 to 7, packet capture and analysis, log formats & analysis, ability to aggregate and parse log data for syslog, HTTP logs, DB logs for discovery & investigation purposes or;
• Strong domain expertise, implementation and/or integration skills in data classification, data discovery, information rights management, encryption, tokenization, data access governance and data masking technology solutions.


General Qualifications:
• Bachelor’s Degree relevant to Information Technology or Computer Science
• Can work under pressure, displays a high level of ownership & accountability, and can execute tasks and deliverables with very minimal supervision
• Related certifications such as CEH, CHFI, Sec+, ITILv3, GCFA, ECIH, GCIH, CySA+, and other cybersecurity engineering-related certifications

You get to work with inspiring and meaningful projects. Our focus is education and coaching alongside practical experience to ensure your personal development. We value our employees and you will be able to control your own development with an individual progression plan. You will quickly grow into a responsible role with challenging and stimulating assignments. Moreover, you will be part of an interdisciplinary environment that emphasizes high quality and knowledge exchange. Plus, we offer:

• Support, coaching and feedback from some of the most engaging colleagues around
• Opportunities to develop new skills and progress your career
• The freedom and flexibility to handle your role in a way that’s right for you

EY exists to build a better working world, helping to create long-term value for clients, people and society and build trust in the capital markets.