EY Manager, Cyber Investigations and Digital Forensics in Toronto, Ontario
Manager, Cyber Investigations and Digital Forensics
Requisition # TOR0033G
Post Date Apr 03, 2018
As cyber-crime continues to threaten businesses large and small, hackers are improving their tactics, techniques and procedures faster than corporate security teams can keep up. Increasingly organized and collaborative, their methods grow more sophisticated each year. Our clients continually look to EY for our knowledge and resources to assist with their cyber risks or events.
Our Fraud Investigation and Dispute Services (FIDS) team is experiencing rapid growth, and as a Cyber Manager you’ll be a key part of that growth. Working with companies across all industries, you’ll develop your career by communicating creative solutions for the client’s specific needs and leading a team of highly skilled professions on a wide range of engagements. This opportunity is for team oriented individuals who want to continually learn, research new technologies or attack patterns and develop new skills to drive innovation as part of a continually evolving service offering.
The nature of this role means no two projects will be the same. You’re likely to balance your time between directly liaising with our clients to understand their situation and create an appropriate response plan to performing technical review and analysis of incidents. This will include investigating what happened and helping the client to determine if the attacker is potentially still in their environment or if their systems are being misused. You will be helping clients assess and resolve cyber events from the front lines and managing multiple teams on an ongoing basis for multiple clients at a time. That means thinking differently about the type of security breach, identifying vulnerabilities, and hardening the IT environment to complicate an attacker’s efforts to get back in.
Skills andattributes for success
Relationships across a network ofexisting and potential clients, understanding their businesses to providetailored insights to maximize business development opportunities
Managing and developing cyberresources, including training and technical oversight
Assisting with the growth ofcyber, including strategy, planning and execution
Constantly developing yourunderstanding of our clients’ industries, identifying trends, risks andopportunities for improvement
Continuously monitor developmentsin the litigation profession and regulatory events to identify trends thatare relevant to your clients
Ability to communicate technicalevents and analysis to both technical and nontechnical audiences and an understandingof the potential legal impacts
Developing your team throughconstant coaching and feedback, providing challenging goals andguaranteeing your people have the skills, knowledge and opportunities togrow
Experience in large scale,complex post-incident investigations, using techniques such as networkforensics, log analysis, timeline creation, and host-based forensics havebeen applied
Experience performing host-baseddigital forensics on Microsoft Windows and Mac based systems using bothWindows and Linux based forensic tools
To qualify forthe role you must have
A bachelor’s degree, supported byapproximately 5 to 8 years of related work experience
An in-depth understanding ofcomputer forensic and cyber security principles including intrusion responseand network monitoring
Possess an advanced degree or atleast one professional designation, such as EnCE, CCE, CCFP,GCFA, GNFA, GCFE, CFCE, GCIH, GREM, etc.
Excellent project managementskills and the ability to prioritize when working on multiple engagements
A history of business developmentand practice development success
The ability to travel to clientlocations or work extended hours when necessary in order to respond toclient events
Ideally, you’llalso have
Working knowledge of hardwareconfiguration and network/data communications, software development andscripting, and database technology and database exploitation/forensics
Experience with evidence seizureand conducting intelligence analysis
Ability to automatetasks using a scripting language (Python, Perl, Ruby, etc.) or experienceusing Blue Prism
In-depth understanding ofcomputer forensic principles including intrusion response, networkmonitoring, log analysis, cloud based systems, database structures,querying languages and common network tools
Understanding of attackerIndicators of Compromise & Tactics Techniques and Procedures andorganizing them sothey can be applied tocurrent and future investigations
Knowledge ofintrusion detection systems and how they detect host and network-basedintrusions via intrusion detection technologies
Knowledge of Windows, Unix andMac host based forensics and command line
Global network, experienceworking with fortune 500 companies, international and frequent travelopportunities
What we look for
We’re interested in passionate leaders, with the intellectual curiosity to actively pursue new knowledge in the rapidly changing world of cyber breach response. Naturally you’ll need a firm technical foundation, as well as the ability to translate complex information into meaningful, actionable insights. But we’re not just looking for strong technical skills – we’re interested in people that have the ability to nurture relations, both internal and external, and are committed to intimately understanding our client’s needs. If you’re looking to become part of a community of advisors where you’ll make a measurable difference across some of the most prestigious businesses around, this role is for you.
As a global leader in assurance, tax, transaction and advisory services, we hire and develop the most passionate people in their field to help build a better working world. This starts with a culture that believes in giving you the training, opportunities and creative freedom to make things better. So that whenever you join, however long you stay, the exceptional EY experience lasts a lifetime.
Join us inbuilding a better working world. Apply now.
EY is committed to inclusiveness, equity andaccessibility. We encourage all qualified candidates to apply.