At EY, we’re all in to shape your future with confidence.
We’ll help you succeed in a globally connected powerhouse of diverse teams and take your career wherever you want it to go. Join EY and help to build a better working world.

SKILLS AND ATTRIBUTES FOR SUCCESS

• Resolution of security incidents by validating root cause and solutions
• Analyze findings in investigative matters, and develop fact-based reports
• Ability to identify and articulate opportunities for improvement while helping drive lessons learned activities
• Demonstrated integrity and judgment within a professional environment
• Inquisitive approach to analysis and peer review
• Application of emotional intelligence and calm under pressure
• Ability to appropriately balance work/personal priorities

EDUCATION:

• Bachelors or Masters Degree in Computer Science, Information Systems, Engineering, a related field, or equivalent experience

EXPERIENCE:

• 7+ years’ experience in at least two of the following roles:
• Member of a Security Operations Center (SOC)
• Security Incident Response Analyst or supporting function (2 years minimum)
• eDiscovery or related role performing forensic functions
• Deep understanding of security threats, vulnerabilities, and incident response
• Understanding of electronic investigation, forensic tools, and methodologies, including: log correlation and analysis, forensically handling electronic data, knowledge of the computer security investigative processes, malware identification and analysis
• Be familiar with a basic understanding of legalities surrounding electronic discovery and analysis
• Understanding of regulatory stipulations regarding security incidents
• Experience with SIEM technologies (i.e. Splunk)
• Deep understanding of both Windows and Unix/Linux based operating systems

YOUR KEY RESPONSIBILITIES

• Coordinate response efforts to cyber incidents caused by external threats that may involve nontraditional working hours
• Serve as a liaison to different businesses and interface with fellow team members and colleagues on other security teams. As-needed, manage relationships with business partners, management, vendors, and external parties
• Drive integration with other corporate incident management programs to ensure consistency and alignment with peer support teams within IT
• Help lead small to medium sized projects as directed by leadership
• Be a champion for process and documentation. Develop and document processes to ensure consistent and scalable response operations, and ensure continuous improvement to the company’s incident response plan
• As requested, develop and deliver metrics to leadership
• Create ready-to-go draft communications and ensure timely reports/updates to leadership during and after an event
• Own and manage the teams internal action playbooks and knowledgebase
• Must be willing to be on-call off-hours in rotation with other team members (Required)