EY Advisory Security Operations Center Shift Leader (TMP) Africa, India, Middle East(AIM) in Johannesburg, South Africa

Advisory Security Operations Center Shift Leader (TMP) Africa, India, Middle East(AIM)

Advisory

Requisition # JOH001ZD

Post Date 3 days ago

Cyber Security is one of the fastest growing areas within EY. We have recently launched our Security Operations Center in Muscat and with this comes the opportunity to work with some of the most advanced and up to date technology all while services our clients across the region. Joining the Cyber Security team at EY will give you the chance to grow and develop you career through a wide range of projects, internal trainings and mentorships from some of the leading minds in Cyber Security.

The Opportunity

You should be a passionate and driven individual who wants to join an elite team to make a real difference in protecting some of the world’s leading organizations from the active cyber threat landscape. The SOC shift leader will be responsible to oversee daily shift operations and a great team of analysts within the EY SOC running 24 hours, 7 days a week. You will be the lead decision maker within the operations center’s shift operation and will help identify, assess and coordinate communication and respond to security related incidents and crisis management issues.

Key Responsibilities

  • Manage a shift of passionate and driven security professionals, provide the team with a vision of project objectives, coach and help develop team members

  • Coordinate with all team members to ensure the EY SOC is functionally staffed at all times

  • Willing to travel for a period of 2 years

  • Analyze the security incidents and provide timely resolution to the respective stake holders

  • Prepares operational documentation for operational teams in use of the SOC

  • Handling escalations and work as L3 analyst for remediation of Security Incidents

  • Review Security Controls logs/ alerts, findings, and perform network analysis for malicious activities

  • Ensure all technicians are aware of and properly adhere to procedures and Service Level Agreements

  • Train resources on new processes

Skills and Attribute for Success

  • Excellent team work skills.

  • Passion and drive to succeed and combat cyber threats

  • Ability to develop specific expertise, discern patterns of complex threat actor behavior, and communicate a comprehension of current and developing cyber threats

  • Ability to identify the adversarial activity and methods for detection and prevention.

  • Use a combination of research of exploits or vulnerabilities, including Zero–Day, network flow, log review, event correlation, and PCAP analysis to complete investigations

  • Leadership capabilities and experience to motivate a diverse group of individuals, strong interpersonal skills to foster a team environment, and the ability to create and implement action plans

  • Candidates should be willing to be based for up to 2 years in Middle East whilst maintaining home office in Africa

  • Speaking Arabic is an advantage though not a requirement

To qualify for the role you must have

  • Must have an honors degree in a technical field such as computer science, mathematics, engineering or similar field

  • 4 + years of recent operational security experience (SOC, Incident Response, Malware Analysis, IDS/IPS Analysis, etc.)

  • Experience performing the role of a technical lead in complex global security incident management

  • Good knowledge of SIEM technologies and platforms such as Splunk, Arcsight, QRadar or others – from an Analyst’s point of view

  • Strong analytical and problem solving skills

  • Previous supervisory experience in leading a SOC shift team

Ideally you’ll also have

  • Working knowledge of full packet capture PCAP analysis and accompanying tools (Wireshark, etc.)

  • Strong collaborative skills and proven ability to work in a diverse global team of security professionals

  • Familiarity with system log information and what it means

  • Knowledge of host based firewalls, Anti-Malware, HIDS, endpoint security tools

What we look for

You will perform threat actor based investigations, recommending detection methodologies providing expert support to incident response and monitoring functions. The focus of the shift lead will be to detect, disrupt and eradicate threat actors from our client’s enterprise networks. To execute this mission, the shift lead will use data analysis, threat intelligence, and cutting-edge security technologies. You will be exposed to a wide range of clients ranging from small businesses to large multi-national corporations all the while monitoring and preventing cyber threats to their businesses.

What working for EY offers

We offer a competitive compensation package where you will be rewarded based on your performance and recognized for the value you bring to our business. We also offer:

  • Support and coaching and feedback from some of the most engaging Cyber professionals around

  • Opportunities to develop new skills and progress your career

About EY

As a global leader in assurance, tax, transaction and advisory services, we’re using the finance products, expertise and systems we’ve developed to build a better working world. That starts with a culture that believes in giving you the training, opportunities and creative freedom to make things better. Whenever you join, however long you stay, the exceptional EY experience lasts a lifetime. And with a commitment to hiring and developing the most passionate people, we’ll make our ambition to be the best employer by 2020 a reality.

If you can confidently demonstrate that you meet the criteria above, please contact us as soon as possible.

Build your legacy with us.

Apply now.