Vacancy expired!
Digital Forensics Incident Response Senior AnalystCore Business ServicesRequisition # ALP0027KPost Date 1 day agoEY Technology:Technology has always been at the heart of what we do and deliver at EY. We need technology to keep an organization the size of ours working efficiently. We have 250,000 people in more than 140 countries, all of whom rely on secure technology to be able to do their job every single day. Everything from the laptops we use, to the ability to work remotely on our mobile devices and connecting our people and our clients, to enabling hundreds of internal tools and external solutions delivered to our clients. Technology solutions are integrated in the client services we deliver and is key to us being more innovative as an organization.EY Technology supports our technology needs through three business units:Client Technology (CT) - focuses on developing new technology services for our clients. It enables EY toidentify new technology-based opportunities faster and pursue those opportunities more rapidly.Enterprise Technology (ET) – ETsupports our Core Business Services functions and will deliver fit-for-purpose technology infrastructure at the cheapest possible cost for quality services. ET will also support our internal technology needs by focusing on a better user experience.Information Security (Info Sec) - Info Sec prevents, detects, responds and mitigates cyber-risk, protecting EY and client data, and our information management systems.The opportunityThe Digital Forensics & Incident Response (DFIR) Incident Analyst will work as a senior member of the technical team responsible for security incident response for EY. The candidate will work as an escalation point for suspect or confirmed security incidents. Responsibilities include performingdigital forensic analysis, following security incident response best practices, malware analysis, identify indicators of compromise, support remediation or coordinate remediation efforts of a security incident, and develop documentation to support the security incident response process.Your key responsibilities
Lead, investigate, coordinate, bring to resolution, and report on security incidents as they are escalated or identified
Forensically analyze end user systems and servers found to have possible indicators of compromise
Analysis of artifacts collected during a security incident/forensic analysis
Identify security incidents through ‘Hunting’ operations within a SIEM and other relevant tools
Interface and communicate with server owners, system custodians, and IT contacts to pursue security incident response activities, including: obtaining access to systems, digital artifact collection, and containment and/or remediation actions
Provide consultation and assessment on perceived security threats
Maintain, manage, improve and update security incident process and protocol documentation
Regularly provide reporting and metrics on case work
Resolution of security incidents by identifying root cause and solutions
Analyze findings in investigative matters, and develop fact based reports
Be on-call to deliver global incident response
Skills and attributes for success
Resolution of security incidents by identifying root cause and solutions
Analyze findings in investigative matters, and develop fact-based reports
Demonstrated integrity and judgment within a professional environment
Ability to appropriately balance work/personal priorities
To qualify for the role, you must have
Bachelors or Masters Degree in Computer Science, Information Systems, Engineering or a related field
7+ years’ experience in at least two of the following roles:
SOC Analyst
Security Incident Response Analyst or supporting function (3 years minimum)
eDiscovery or related role performing forensic functions
Deep understanding of security threats, vulnerabilities, and incident response
Understanding of electronic investigation, forensic tools, and methodologies, including: log correlation and analysis, forensically handling electronic data, knowledge of the computer security investigative processes, malware identification and analysis
Be familiar with a basic understanding of legalities surrounding electronic discovery and analysis
Experience with SIEM technologies (i.e. Splunk)
Deep understanding of both Windows and Unix/Linux based operating systems
Ideally, you’ll also
Hold or be willing to pursue related professional certifications such as GCFE, GCFA or GCIH
Programming skills in Powershell, Python and/or C/C;
Understanding of the best security practices for network architecture and server configuration.
What we look for
Demonstrated integrity in a professional environment
Ability to work independently
Have a global mind-set for working with different cultures and backgrounds
Knowledgeable in business industry standard security incident response process, procedures, and life-cycle
Excellent teaming skills
Excellent social, communication, and writing skills
What working at EY offersWe offer a competitive remuneration package where you’ll be rewarded for your individual and team performance. Our comprehensive Total Rewards package includes support for flexible working and career development, and with FlexEY you can select benefits that suit your needs, covering holidays, health and well-being, insurance, savings and a wide range of discounts, offers and promotions. Plus, we offer:
Support, coaching and feedback from some of the most engaging colleagues around
Opportunities to develop new skills and progress your career
The freedom and flexibility to handle your role in a way that’s right for you
EY is committed to be an inclusive employer and we are happy to consider flexible working arrangements. We strive to achieve the right balance for our people, enabling us to deliver excellent client service whilst allowing you to build your career without sacrificing your personal priorities. While our client-facing professionals can be required to travel regularly, and at times be based at client sites, our flexible working arrangements can help you to achieve a lifestyle balance.About EYAs a global leader in assurance, tax, transaction and advisory services, we’re using the finance products, expertise and systems we’ve developed to build a better working world. That starts with a culture that believes in giving you the training, opportunities and creative freedom to make things better.Whenever you join, however long you stay, theexceptionalEY experience lasts a lifetime.And with a commitment to hiring and developing the most passionate people, we’ll make our ambition to be the best employer by 2020 a reality.If you can confidently demonstrate that you meet the criteria above, please contact us as soon as possible.Join us in building a better working world.Apply now.EY provides equal employment opportunities toapplicants and employees without regard to race, color, religion, age, sex,sexual orientation, gender identity/expression, national origin, protectedveteran status, disability status, or any other legally protected basis, inaccordance with applicable law.
Vacancy expired!