Offers “Ernst & Young”

Expires soon Ernst & Young

Digital Forensics & Incident Response – Incident Analyst

  • Internship
  • Alpharetta, USA
  • IT development

Job description



EY Technology:

Technology has always been at the heart of what we do and deliver at EY. We need technology to keep an organization the size of ours working efficiently. We have 250,000 people in more than 140 countries, all of whom rely on secure technology to be able to do their job every single day.  Everything from the laptops we use, to the ability to work remotely on our mobile devices and connecting our people and our clients, to enabling hundreds of internal tools and external solutions delivered to our clients.  Technology solutions are integrated in the client services we deliver and is key to us being more innovative as an organization.

 

EY Technology supports our technology needs through three business units:

 

Client Technology (CT) - focuses on developing new technology services for our clients. It enables EY toidentify new technology-based opportunities faster and pursue those opportunities more rapidly.

Enterprise Technology (ET) – ET supports our Core Business Services functions and will deliver fit-for-purpose technology infrastructure at the cheapest possible cost for quality services. ET will also support our internal technology needs by focusing on a better user experience.

Information Security (Info Sec) - Info Sec prevents, detects, responds and mitigates cyber-risk, protecting EY and client data, and our information management systems.  

The opportunity
 

The Digital Forensics & Incident Response (DFIR) Incident Analyst will work as a senior member of the technical team responsible for security incident response for EY.  The candidate will work as an escalation point for suspect or confirmed security incidents.  Responsibilities include performingdigital forensic analysis, following security incident response best practices, malware analysis, identify indicators of compromise, support remediation or coordinate remediation efforts of a security incident, and develop documentation to support the security incident response process.

Your key responsibilities

·  Investigate, coordinate, bring to resolution, and report on security incidents as they are escalated or identified
·  Forensically analyze end user systems and servers found to have possible indicators of compromise
·  Analysis of artifacts collected during a security incident/forensic analysis
·  Identify security incidents through ‘Hunting’ operations within a SIEM and other relevant tools
·  Interface and communicate with server owners, system custodians, and IT contacts to pursue security incident response activities, including: obtaining access to systems, digital artifact collection, and containment and/or remediation actions
·  Provide consultation and assessment on perceived security threats
·  Maintain, manage, improve and update security incident process and protocol documentation
·  Regularly provide reporting and metrics on case work
·  Resolution of security incidents by identifying root cause and solutions
·  Analyze findings in investigative matters, and develop fact based reports
·  Be on-call to deliver global incident response 
Skills and attributes for success
·  Resolution of security incidents by identifying root cause and solutions
·  Analyze findings in investigative matters, and develop fact-based reports
·  Demonstrated integrity and judgment within a professional environment
·  Ability to appropriately balance work/personal priorities 
To qualify for the role, you must have
·  Bachelors or Masters Degree in Computer Science, Information Systems, Engineering or a related field
·  5+ years experience in incident response, computer forensics analysis and/or malware reverse engineering;
·  Understanding of security threats, vulnerabilities, and incident response;
·  Understanding of electronic investigation, forensic tools, and methodologies, including: log correlation and analysis, forensically handling electronic data, knowledge of the computer security investigative processes, malware identification and analysis;
·  Be familiar with legalities surrounding electronic discovery and analysis;
·  Experience with SIEM technologies (i.e. Splunk);
·  Deep understanding of both Windows and Unix/Linux based operating systems; 
Ideally, you’ll also
·  Hold or be willing to pursue related professional certifications such as GCFE, GCFA or GCIH
·  Background in security incident response in Cloud-based environments, such as Azure
·  Programming skills in Powershell, Python and/or C/C++
·  Understanding of the best security practices for network architecture and server configuration 
What we look for
·  Demonstrated integrity in a professional environment
·  Ability to work independently
·  Have a global mind-set for working with different cultures and backgrounds
·  Knowledgeable in business industry standard security incident response process, procedures, and life-cycle
·  Excellent teaming skills
·  Excellent social, communication, and writing skills 
What working at EY offers
 

We offer a competitive remuneration package where you’ll be rewarded for your individual and team performance. Our comprehensive Total Rewards package includes support for flexible working and career development, and with FlexEY you can select benefits that suit your needs, covering holidays, health and well-being, insurance, savings and a wide range of discounts, offers and promotions. Plus, we offer:

·  Support, coaching and feedback from some of the most engaging colleagues around
·  Opportunities to develop new skills and progress your career
·  The freedom and flexibility to handle your role in a way that’s right for you  

EY is committed to be an inclusive employer and we are happy to consider flexible working arrangements. We strive to achieve the right balance for our people, enabling us to deliver excellent client service whilst allowing you to build your career without sacrificing your personal priorities. While our client-facing professionals can be required to travel regularly, and at times be based at client sites, our flexible working arrangements can help you to achieve a lifestyle balance.

 
About EY
 

As a global leader in assurance, tax, transaction and advisory services, we’re using the finance products, expertise and systems we’ve developed to build a better working world. That starts with a culture that believes in giving you the training, opportunities and creative freedom to make things better.Whenever you join, however long you stay, theexceptionalEY experience lasts a lifetime.And with a commitment to hiring and developing the most passionate people, we’ll make our ambition to be the best employer by 2020 a reality.

 

If you can confidently demonstrate that you meet the criteria above, please contact us as soon as possible.

Make your mark.
 
Apply now.
  EY provides equal employment opportunities to applicants and employees without regard to race, color, religion, age, sex, sexual orientation, gender identity/expression, national origin, protected veteran status, disability status, or any other legally protected basis, in accordance with applicable law. 

Make every future a success.
  • Job directory
  • Business directory