EY GDS Consulting_Cyber Detection & Response Senior 

Philippines, Taguig 

581350473

Your key responsibilities

The Security Operations Center (SOC) Level 2 (L2) manages multiple Security technologies and produces enhancements that allow SOC team members to work collaboratively and efficiently while responding to threats. The individual in this role will work as part of a cybersecurity operations team responsible for carrying out 24x7 onsite security monitoring operations. Skills and attributes for success • Ability to manage multiple priorities simultaneously. • Moderate knowledge of networking fundamentals (TCP/IP, Network Layers, etc.) • Moderate knowledge of malware operation and indicators • Moderate knowledge of current threat landscape (threat actors, APT, cyber-crime, etc.) • Moderate knowledge of security related technologies and their functions (IDS, IPS, EDR, IRP, FW, WAF, SIEM, etc.) • Basic knowledge of audit requirements (PCI, HIPPA, SOX, etc.) • Basic programming skills in various disciplines including scripting language.

To qualify for the role, you must have:

• Generate Executive Summary report (high level)

• Ideal candidate will have 3+ years of security related experience in areas such as intrusion detection, incident response/handling, firewall administration, etc. Solid understanding of core security and infrastructure technologies, such as: firewall, VPN, IDS/IPS/SIEM, Antivirus, E-mail, DNS, Microsoft OS, & Linux OS

• Preferably 2 years Information Security (IS) experience required Analytical mindset & aptitude to learn quickly Reliable & willing to work in a 24/7 operations center (shift work required)

• Experience with command line interface and some level of exposure to administering systems and services for various operating systems (Windows PowerShell and Unix).

• Knowledge of security incident and event management, log analysis, network traffic analysis, malware investigation/remediation, SIEM correlation logic and alert generation

• Demonstrated ability to analyze, triage and remediate security incidents.

• Understanding of Security principles, techniques, and technologies such as SANS Top 20 Critical Security Controls and OWASP Top 10

• Knowledge and Experience of SIEM solution such as Splunk, RSA Security Analytics, ArcSight, LogRhythm, QRadar, Splunk or similar. Familiar in creating use cases in SIEM.

• Knowledge and Experience of XDR solution such as Cortex XDR, Crowdstrike XDR/EDR, Carbon Black XDR/EDR or similar • Knowledge and Experience of Email Security Solution such as Cofense and Proofpoint and the ability to analyse email threat, header analysis, attachments, and malicious link analysis.

Ideally, you’ll also have:

• Bachelor’s degree relevant to Information Technology

• Can work under pressure

• Related Certification: Example: CEH, Comptia A+, Sec+, ITILv3

• Support, coaching and feedback from some of the most engaging colleagues around

• Opportunities to develop new skills and progress your career

• The freedom and flexibility to handle your role in a way that’s right for you

Make your mark.

Apply now

EY exists to build a better working world, helping to create long-term value for clients, people and society and build trust in the capital markets.