Threat Detection and Response - Experienced Analyst - SDC/VC4 - Location OPEN
Dallas, TX, US, 75219
Full Time Entry-level / Junior USD 37K - 87K
EY
EY provides consulting, assurance, tax and transaction services that help solve our client’s toughest challenges and build a better working world for all.SDC - Threat Detection and Response - Experienced Analyst
The opportunity
Cyber threats, social media, massive data storage, privacy requirements and continuity of the business as usual require heavy information security measures. As an information security specialist, you will lead the implementation of security solutions for our clients and support the clients in their desire to protect the business. You will belong to an international connected team of specialists helping our clients with their most complex information security needs and contributing toward their business resilience. You will be working with our Advanced Security Centers to access the most sophisticated tools available to fight against cybercrime.
We will support you with career-long training and coaching to develop your skills. As EY is a global leading service provider in this space, you will be working with the best of the best in a collaborative environment. So whenever you join, however long you stay, the exceptional EY experience lasts a lifetime.
Your key responsibilities
Cyber threats continue to evolve and pose serious risks within the business environment. EY Security addresses the ongoing operational requirements through the Threat Detection and Response service.
Clients retain EY Security to defend their environment and respond when threats are detected. As an EY cybersecurity professional, you will belong to a globally connected team of security professional delivering 24x7 services such as:
- Perform front line accurate and precise real-time monitoring, analysis, and correlation of logs/alerts from a multitude of security devices with a focus on the determination of what events constitute security incidents.
- The successful candidate will collaborate to detect and respond to information security incidents by developing, maintaining, and following procedures for security event alerting, and by participating in security investigations.
- The TDR analyst must be competent to work at a technical level, be capable of identifying threats and vectors that cause security events, and able to follow defined procedures for mitigating said threats.
Skills and attributes for success
At EY, we believe your career is a journey and we are committed to providing you an array of exciting opportunities to help you find the career path that is right for you. In this role, you will have the opportunity to team with a wide variety of clients to deliver professional services and to actively participate in a rapidly growing practice. With each engagement, you can expect to build leadership, communication and client-management skills, as well as sharpen your problem-solving capabilities. EY Security professionals possess diverse industry knowledge, along with unique technical expertise and specialized skills. If you are interested in “building a more secure and trusted working world,” being part of a dynamic team, serving clients and reaching your full potential, EY Consulting Services is for you. Apply today!
- Responsible for understanding and interpreting both network and host based event discovery and incident response activities
- Full-spectrum incident response support including event discovery, alert notification, investigation, facilitation of containment, facilitating of resolution, and event reporting
- Understanding the “how,” “when,” “where,” and “why” of the incident threat
- Perform mitigation activities for current and residual risk
- Assist with project planning and identification of mitigation activities
- Perform the activities necessary for the immediate, short-term rapid resolution of incidents to minimize risk exposure and production down-time
- Maintain a professional communicative relationship with clients and management to provide information throughout the incident, problem, and change management cycles
- Coordinate and drive efforts among multiple business units during response activities and post-mortem
- Proactive monitoring of internal and external-facing environment using specialized security applications
- Provide feedback on security control capability gaps based on security intrusion trends
- Provide timely, comprehensive and accurate information in both written and verbal communications
- Proactively research and monitor security-related information sources to aid in the identification of threats to client networks, systems and intellectual property
To qualify for the role you must have
- Bachelor Degree in Computer Science, Mathematics, Engineering, or other related area of study.
- At least 1 year in Information Security, especially in a Security Monitoring/Operations, Forensics, or Incident Response role
- Hands-on troubleshooting, analysis, and technical expertise to resolve incidents and service requests; previous experience in troubleshooting day-to-day operational processes such as security monitoring, data correlation, security operations etc.
- Proven experience performing analysis of security events and incidents, to determine root cause and provide resolution; working experience against advanced persistent threats is well seen;
- Strong working knowledge of at least three of the following security tools: host-based antivirus, anti-spam gateway solutions, firewalls, IDS/IPS, server and network device hardening, data loss prevention, forensics software, vulnerability management, website security;
- Competence in using both internal and external ticketing systems for ITIL-based incident, problem and change management.
- Ability to mesh sound technical and security practices to problem solving capabilities
- Willingness to work a flexible shift with schedules that include nights, weekends, and holidays. Shifts can change based on business needs.
Desired Certifications
- Cybersecurity certifications (Security+, CySA+, GCIH, Vendor Certificates),
- Project Management training/certification and Quality Management (ITIL, Six Sigma, TQM, etc.)
Ideally, you’ll also have
- Demonstrated integrity in a professional environment
- Willingness to learn new technologies
What we look for
- Fundamental understanding of defense-in-depth and intelligence-driven strategies
- Working knowledge/experience of network systems, security principles, and applications
- Familiarity with the principles of network and endpoint security, current threat and attack trends, a basic understanding of the OSI model, and have a working knowledge of defense in depth strategies.
- Continuous learning: You’ll develop the mindset and skills to navigate whatever comes next.
- Success as defined by you: We’ll provide the tools and flexibility, so you can make a meaningful impact, your way.
- Transformative leadership: We’ll give you the insights, coaching and confidence to be the leader the world needs.
- Diverse and inclusive culture: You’ll be embraced for who you are and empowered to use your voice to help others find theirs.
Tags: Antivirus Computer Science Cyber crime Endpoint security Firewalls Forensics GCIH IDS Incident response IPS ITIL Mathematics Monitoring Privacy Strategy Threat detection Vulnerability management
Perks/benefits: Career development Flex hours Flex vacation Health care Team events
More jobs like this
Explore more InfoSec / Cybersecurity career opportunities
Find even more open roles in Ethical Hacking, Pen Testing, Security Engineering, Threat Research, Vulnerability Management, Cryptography, Digital Forensics and Cyber Security in general - ordered by popularity of job title or skills, toolset and products used - below.
- Open Information Systems Security Officer (ISSO) jobs
- Open Principal Security Engineer jobs
- Open Information Security Specialist jobs
- Open Ethical hacker / Pentester H/F jobs
- Open Senior Cyber Security Engineer jobs
- Open Cyber Security Architect jobs
- Open Manager Pentest H/F jobs
- Open Cyber Security Specialist jobs
- Open Product Security Engineer jobs
- Open Cybersecurity Analyst jobs
- Open Staff Security Engineer jobs
- Open Chief Information Security Officer jobs
- Open Senior Information Security Analyst jobs
- Open Consultant infrastructure sécurité H/F jobs
- Open Senior Penetration Tester jobs
- Open IT Security Analyst jobs
- Open Security Specialist jobs
- Open Consultant SOC / CERT H/F jobs
- Open Senior Information Security Engineer jobs
- Open Cybersecurity Consultant jobs
- Open IT Security Engineer jobs
- Open Security Researcher jobs
- Open Sr. Security Engineer jobs
- Open Security Operations Analyst jobs
- Open Cybersecurity Specialist jobs
- Open Windows-related jobs
- Open CISM-related jobs
- Open Network security-related jobs
- Open Pentesting-related jobs
- Open ISO 27001-related jobs
- Open Agile-related jobs
- Open Application security-related jobs
- Open GCP-related jobs
- Open Vulnerability management-related jobs
- Open IAM-related jobs
- Open Analytics-related jobs
- Open CISA-related jobs
- Open Threat intelligence-related jobs
- Open SaaS-related jobs
- Open APIs-related jobs
- Open Security assessment-related jobs
- Open Java-related jobs
- Open Malware-related jobs
- Open Forensics-related jobs
- Open DevOps-related jobs
- Open Security Clearance-related jobs
- Open IDS-related jobs
- Open CEH-related jobs
- Open EDR-related jobs
- Open Kubernetes-related jobs