Cyber Managed Services - Threat Detection & Response - Senior Analyst
Dallas (Dallas) Teaching
Job description
EY’s Threat Detection and Response (TDR) Managed Service provides organizations with the people, process and technology coordinated to detect, respond to, and contain cyber attacks before business assets are impacted. The TDR team provides 24x7x365 threat monitoring, triage and analysis for malicious activity wherever digital assets reside; assessing alerts to identify and disrupt malicious activity; hunting for behavioral indications of attacks that have evaded current detection countermeasures; managing and enhancing security technologies to identify attacks better, faster and more accurately; and working collaboratively with client personnel to identify improvements to their cybersecurity plans and programs.
Your key responsibilities
As a Senior Analyst in EY’s TDR Managed Service, you will serve as a primary point of contact to clients for cybersecurity threat detection, threat response, threat hunting, cyber threat intelligence, program management and technology management activities directly related to the client organization. You will serve as part of a Core Team that works with analysts from Cybersecurity Centers around the globe, coordinates with other EY teams providing services to the client, and periodically visits client personnel at their facilities to collaborate and develop strategy with client cybersecurity stakeholders for service enhancement. Senior Analysts are positioned to understand the client environment and cybersecurity risks and challenges, are critical to identifying and actioning continuous improvement opportunities, and help develop strategic risk reduction recommendations for EY clients.
To qualify for the role, you must have
· A minimum of 2 years of experience working in cybersecurity intrusion analysis and/or endpoint monitoring, detection, and response (e.g. SOC analyst), or as an incident response analyst, forensic analyst, or in related cybersecurity roles.
· A valid driver's license in the US; willingness and ability to travel domestically and internationally to meet client needs; estimated up to 40% travel required.
· Proficiency with Security Information Event Management (SIEM) software (e.g., Splunk, Sentinel, QRadar or other SIEM platforms)
· Proficiency with Endpoint Detection and Response (EDR) software (e.g., Carbon Black, CrowdStrike, Tanium, MS Defender for Endpoint and O365, or other EDR platforms)
· Proficiency with Network Security Monitoring (NSM) software (e.g., Fidelis Network, ExtraHop, or other NSMs)
· Proficiency with security alert triage and analysis methods (e.g., use of correlations, behaviors and patterns, pivoting, enriching alert data and providing remediation recommendations)
· Proficiency with threat hunting methodologies (e.g., analyst-driven, tactic- or technique-driven, threat intelligence-driven and scenario-based threat hunting)
· Ability to participate in after-hours on-call rotation when required
Preferred candidates will also have
· A bachelor's degree or a master's degree preferred in Information Systems, Computer Science, or a related discipline, or be working towards a bachelor’s degree.
· One or more technical cybersecurity certifications such as GIAC Certified Incident Handler (GCIH), GIAC Certified Intrusion Analyst (GCIA), EC-Council Certified Ethical Hacker (CEH), or similar.
· Competence using ticketing system software (e.g., ServiceNow or other ticketing systems) for incident documentation, problem tracking, and change management
· Working knowledge of detection rule logic management (e.g., creation, tuning and management methods)
· Working knowledge of cybersecurity frameworks (e.g., MITRE ATT&CK, VERIS, Cyber Kill Chain, Diamond Model, and other frameworks)
· Experience with cloud infrastructures and cloud security monitoring (Azure, AWS, and Google Cloud)
· Knowledge of network communication concepts including ports, protocols, and encryption
· Knowledge of identity, access and privileged account monitoring concepts
· Knowledge of incident response and coordination methods
· Knowledge of threat intelligence integration concepts including adding threat feeds with cybersecurity technology and security monitoring processes
Skills and attributes for success
· Ability to effectively communicate when interacting with clients, senior leaders, technical SMEs, support staff, vendors and business partners in both technical and nontechnical terms.
· Ability to engage with clients by listening and understanding their needs.
· Recognize when to escalate risks and issues to appropriate client and EY leadership.
· Create and deliver high quality work products, client reports and presentations.
· Adhere to service quality standards and program management requirements.
· Work collaboratively in a cross-functional team environment that is culturally diverse and with geographically dispersed teams.
What we look for
We are most interested in your ability to succeed in a team environment while growing your personal and professional capabilities. A drive to provide exceptional attention to detail and consistently deliver high-quality work is key to success at EY.
What working at EY offers
We offer a competitive compensation package where you will be rewarded based on your performance and recognized for the value you bring to our business. Our comprehensive Total Rewards package includes medical and dental coverage, pension and 401(k) plans, a flexible vacation policy with 19 observed holidays, and a range of programs and benefits designed to support your physical, financial and social well-being. Plus, we offer:
· Support and coaching from some of the most engaging colleagues in the industry
· Opportunities to develop new skills and progress your career
EY is committed to being an inclusive employer. We strive to achieve the right balance for our people, enabling us to deliver excellent client service whilst allowing you to build your career without sacrificing your personal priorities. While our client-facing professionals can be required to travel and at times be based at client sites, our flexible working arrangements can help you to achieve a lifestyle balance.
About EY
As a global leader in assurance, tax, transaction and consulting services, we hire and develop the most passionate people in their field to help build a better working world. This starts with a culture that believes in giving you the training, opportunities and creative freedom to make things better. So that whenever you join, however long you stay, the exceptional EY experience lasts a lifetime.
If you can confidently demonstrate that you meet the criteria above, please contact us as soon as possible.
Make your mark. Apply today.
EY provides equal employment opportunities to applicants and employees without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, protected veteran status or disability status.
EY provides equal employment opportunities to applicants and employees without regard to race, color, religion, age, sex, sexual orientation, gender identity/expression, national origin, protected veteran status, disability status, or any other legally protected basis, in accordance with applicable law.