
EY Consulting - Cyber Detection & Response Senior
Sri Lanka, Western Province, Colombo
Job ID: 842405597

17.02.2025

We’re looking for a Security Analyst with expertise in SIEM, EDR and NSM solutions.

Your key responsibilities

• Operational support using SIEM solutions (Splunk, Sentinel), EDR (CrowdStrike, Defender, Carbon Black) and NSM (Fidelis, ExtraHop) for multiple customers.
• Specialize in second-level incident validation and more detailed investigation.
• Perform incident coordination and communication with the client to ensure effective containment, eradication, and recovery.
• SIEM support activities, including ad hoc reporting and basic troubleshooting.
• Advise customers on best practices and use cases for these solutions so they achieve their required end state.
• Provide near-real-time analysis, investigation, reporting, remediation, coordination and tracking of security-related activities for customers.

Skills and attributes for success

• Customer-service oriented: meets commitments to customers and seeks their feedback to identify improvement opportunities.
• Good knowledge of SIEM technologies such as Splunk and Azure Sentinel from a security analyst’s point of view.
• Ability to troubleshoot issues associated with the SIEM solution.
• Ability to work with minimal supervision or oversight.
• Exposure to IoT/OT monitoring (Claroty, Nozomi Networks, etc.) is a plus.
• Good knowledge of and experience in security monitoring.
• Good knowledge of and experience in cyber incident response.
• Knowledge of the ELK Stack.
• Knowledge of network monitoring platforms such as Fidelis XPS and ExtraHop.
• Knowledge of endpoint protection tools, techniques, and platforms such as Carbon Black, Tanium, CrowdStrike and Defender.

To qualify for the role, you must have

• B.Tech./B.E. with sound technical skills.
• Ability to work in 24x7 shifts.
• Strong command of verbal and written English.
• Demonstrated technical acumen and critical-thinking ability.
• Strong interpersonal and presentation skills.
• Minimum 3 years of hands-on experience with SIEM/EDR/NSM solutions.
• Certification in any of the SIEM platforms.
• Knowledge of RegEx, Perl scripting and the SQL query language.
• Certification: CCSA, CEH, CISSP, GCIH or GIAC.
Ideally, you’ll also have

• People/project management skills.

EY exists to build a better working world, helping to create long-term value for clients, people and society and build trust in the capital markets.