EY Manager, Cyber Investigations and Digital Forensics in Toronto, Ontario

Manager, Cyber Investigations and Digital Forensics


Requisition # TOR0033G

Post Date Apr 03, 2018

As cyber-crime continues to threaten businesses large and small, hackers are improving their tactics, techniques and procedures faster than corporate security teams can keep up. Increasingly organized and collaborative, their methods grow more sophisticated each year. Our clients continually look to EY for our knowledge and resources to assist with their cyber risks or events.

The opportunity

Our Fraud Investigation and Dispute Services (FIDS) team is experiencing rapid growth, and as a Cyber Manager you’ll be a key part of that growth. Working with companies across all industries, you’ll develop your career by communicating creative solutions for the client’s specific needs and leading a team of highly skilled professions on a wide range of engagements. This opportunity is for team oriented individuals who want to continually learn, research new technologies or attack patterns and develop new skills to drive innovation as part of a continually evolving service offering.

Your keyresponsibilities

The nature of this role means no two projects will be the same. You’re likely to balance your time between directly liaising with our clients to understand their situation and create an appropriate response plan to performing technical review and analysis of incidents. This will include investigating what happened and helping the client to determine if the attacker is potentially still in their environment or if their systems are being misused. You will be helping clients assess and resolve cyber events from the front lines and managing multiple teams on an ongoing basis for multiple clients at a time. That means thinking differently about the type of security breach, identifying vulnerabilities, and hardening the IT environment to complicate an attacker’s efforts to get back in.

Skills andattributes for success

  • Relationships across a network ofexisting and potential clients, understanding their businesses to providetailored insights to maximize business development opportunities

  • Managing and developing cyberresources, including training and technical oversight

  • Assisting with the growth ofcyber, including strategy, planning and execution

  • Constantly developing yourunderstanding of our clients’ industries, identifying trends, risks andopportunities for improvement

  • Continuously monitor developmentsin the litigation profession and regulatory events to identify trends thatare relevant to your clients

  • Ability to communicate technicalevents and analysis to both technical and nontechnical audiences and an understandingof the potential legal impacts

  • Developing your team throughconstant coaching and feedback, providing challenging goals andguaranteeing your people have the skills, knowledge and opportunities togrow

  • Experience in large scale,complex post-incident investigations, using techniques such as networkforensics, log analysis, timeline creation, and host-based forensics havebeen applied

  • Experience performing host-baseddigital forensics on Microsoft Windows and Mac based systems using bothWindows and Linux based forensic tools

To qualify forthe role you must have

  • A bachelor’s degree, supported byapproximately 5 to 8 years of related work experience

  • An in-depth understanding ofcomputer forensic and cyber security principles including intrusion responseand network monitoring

  • Possess an advanced degree or atleast one professional designation, such as EnCE, CCE, CCFP,GCFA, GNFA, GCFE, CFCE, GCIH, GREM, etc.

  • Excellent project managementskills and the ability to prioritize when working on multiple engagements

  • A history of business developmentand practice development success

  • The ability to travel to clientlocations or work extended hours when necessary in order to respond toclient events

Ideally, you’llalso have

  • Working knowledge of hardwareconfiguration and network/data communications, software development andscripting, and database technology and database exploitation/forensics

  • Experience with evidence seizureand conducting intelligence analysis

  • Ability to automatetasks using a scripting language (Python, Perl, Ruby, etc.) or experienceusing Blue Prism

  • In-depth understanding ofcomputer forensic principles including intrusion response, networkmonitoring, log analysis, cloud based systems, database structures,querying languages and common network tools

  • Understanding of attackerIndicators of Compromise & Tactics Techniques and Procedures andorganizing them sothey can be applied tocurrent and future investigations

  • Knowledge ofintrusion detection systems and how they detect host and network-basedintrusions via intrusion detection technologies

  • Knowledge of Windows, Unix andMac host based forensics and command line

  • Global network, experienceworking with fortune 500 companies, international and frequent travelopportunities

What we look for

We’re interested in passionate leaders, with the intellectual curiosity to actively pursue new knowledge in the rapidly changing world of cyber breach response. Naturally you’ll need a firm technical foundation, as well as the ability to translate complex information into meaningful, actionable insights. But we’re not just looking for strong technical skills – we’re interested in people that have the ability to nurture relations, both internal and external, and are committed to intimately understanding our client’s needs. If you’re looking to become part of a community of advisors where you’ll make a measurable difference across some of the most prestigious businesses around, this role is for you.

About EY

As a global leader in assurance, tax, transaction and advisory services, we hire and develop the most passionate people in their field to help build a better working world. This starts with a culture that believes in giving you the training, opportunities and creative freedom to make things better. So that whenever you join, however long you stay, the exceptional EY experience lasts a lifetime.

Join us inbuilding a better working world. Apply now.

EY is committed to inclusiveness, equity andaccessibility. We encourage all qualified candidates to apply.