EY Security Analyst II in Alpharetta, Georgia
Security Analyst II
Core Business Services
Requisition # ALP001MJ
Post Date Mar 09, 2018
Join our Core Business Services (CBS) team and you will help support the important business enablement functions that keep our organization running strong. As a CBS professional, you will work across teams to provide the knowledge, resources and tools that help EY deliver exceptional quality service to our clients, win in the marketplace and support EY’s growth and profitability. Major teams within CBS include Finance, Information Technology, Human Resources, Enterprise Support Services, Brand Marketing and Communications, Business Development, Knowledge and Risk Management.
With so many offerings, you have the opportunity to develop your career through a broad scope of engagements, mentoring and formal learning. That’s how we develop outstanding leaders who team to deliver on our promises to all of our stakeholders, and in so doing, play a critical role in building a better working world for our people, for our clients and for our communities. Sound interesting? Well this is just the beginning. Because whenever you join, however long you stay, the exceptional EY experience lasts a lifetime.
Under limited supervision the CDRC (Cyber Defense Response Center) Analyst II will report to the US CDRC Manager. He/she will work collaboratively to detect and respond to information security incidents, develop, maintain, and follow procedures for security event alerting, and participate in security investigations. The CDRC Analyst II will perform tasks including monitoring, research, classification and analysis of security events that occur on the network or endpoint. The CDRC Analyst II should have familiarity with the principles of network and endpoint security, current threat and attack trends, a basic understanding of the OSI model, and have a working knowledge of defense in depth strategies.
The CDRC Analyst II must be competent to work at a technical level, be capable of identifying threats and vectors that cause security events, and be able to follow defined procedures for mitigating said threats.
The US CDRC team provides coverage seven days a week between 7:00 AM and Midnight EST. After an initial two-week period for on-boarding (Monday – Friday, 07:00 – 16:00), depending on the need the CDRC Analyst will be working Sunday – Wednesday (07:00 – 18:00), Wednesday – Saturday (07:00 – 18:00), with potential to change to other shifts as they become available.
Respond to network and host based security events
Participate in detecting, investigating, and resolving security events
Capable of working independently while supporting CDRC Analyst I as necessary
Identify and propose areas for improvement within the Cyber Defense Response Center
Provide documentation and project support
Act as second and/or third-tier support for the CDRC Analyst I
Act as a peer group leader to help train support staff
Serve as an escalation point for difficult problems and complex inquiries
Serve as shift lead when necessary
Serve as a back-up to the CDRC Manager
Knowledge, skills and experience requirements:
Information Security Principles, Technologies, and Practices
Proven experience with multiple security event detection platforms
Thorough understanding of TCP/IP
Demonstrated integrity in a professional environment
Good social, communication and technical writing skills
Comfortable navigating and troubleshooting Linux and Windows system issues
Qualifications, certifications and education requirements:
Bachelor’s or Master’s Degree in Computer Science, Information Systems, Engineering or relevant work experience.
Minimum of 2-3 years of experience in one or more of the following:
Working in a Security Monitoring/Security Operations Center environment (SOC)
Experience investigating security events, threats and/or vulnerabilities
Understanding of electronic investigation and log correlation
Proficiency with the latest intrusion detection platforms; working knowledge of Linux and/or Windows systems administration (including AD).
Scripting or programming (Shell scripting, PowerShell, C, C#, Java, etc.)
Desired: Previous leadership experience as a team lead or supervisor.
Desired Certifications: GCIH, CISM, CEH, GCFA, GCIA, GSEC, GIAC, CISSP, Security