Expoint - all jobs in one place

EY Incident Coordinator - EY Global Delivery Services 
Argentina, Autonomous City of Buenos Aires, Buenos Aires 
478808974

10.09.2024

Your key responsibilities

  • Coordinate response efforts to cyber incidents caused by external threats that may involve nontraditional working hours
  • Serve as a liaison to different businesses and interface with fellow team members and colleagues on other security teams. As needed, manage relationships with business partners, management, vendors, and external parties
  • Drive integration with other corporate incident management programs to ensure consistency and alignment with peer support teams within IT
  • Help lead small- to medium-sized projects as directed by leadership
  • Be a champion for process and documentation. Develop and document processes to ensure consistent and scalable response operations, and ensure continuous improvement to the company’s incident response plan
  • As requested, develop and deliver metrics to leadership
  • Create ready-to-go draft communications and ensure timely reports/updates to leadership during and after an event
  • Own and manage the team's internal action playbooks and knowledge base
  • Must be willing to be on-call off-hours in rotation with other team members (Required)

Skills and attributes for success

  • Resolution of security incidents by validating root cause and solutions
  • Analyze findings in investigative matters, and develop fact-based reports
  • Ability to identify and articulate opportunities for improvement while helping drive lessons learned activities
  • Demonstrated integrity and judgment within a professional environment
  • Inquisitive approach to analysis and peer review
  • Application of emotional intelligence and calm under pressure
  • Ability to appropriately balance work/personal priorities

To qualify for the role, you must have

  • Education:
    • Bachelor's or Master's degree in Computer Science, Information Systems, Engineering, a related field, or equivalent experience
  • Experience:
    • 7+ years’ experience in at least two of the following roles:
      • Member of a Security Operations Center (SOC)
      • Security Incident Response Analyst or supporting function (2 years minimum)
      • eDiscovery or related role performing forensic functions
    • Deep understanding of security threats, vulnerabilities, and incident response
    • Understanding of electronic investigation, forensic tools, and methodologies, including: log correlation and analysis, forensically handling electronic data, knowledge of the computer security investigative processes, malware identification and analysis
    • Basic understanding of the legalities surrounding electronic discovery and analysis
    • Understanding of regulatory stipulations regarding security incidents
    • Experience with SIEM technologies (e.g., Splunk)
    • Deep understanding of both Windows and Unix/Linux based operating systems

Ideally, you’ll also

  • Candidates must hold or be willing to pursue related professional certifications such as GCFE, GCFA, GCIH, CISA, CISM, CISSP, or CCIM

What we look for

  • Demonstrated integrity in a professional environment
  • Ability to work independently
  • Have a global mind-set for working with different cultures and backgrounds
  • Knowledgeable in business industry-standard security incident response processes, procedures, and life-cycle
  • Excellent organizational skills and strong attention to detail
  • Excellent teaming skills
  • Excellent social, communication, and writing skills
  • Excellent customer service skills required