EY Security Analyst - CDRC in Trivandrum, India
Security Analyst - CDRC
Core Business Services
Requisition # TVM00066
Post Date Sep 28, 2018
Security Analyst -CDRC
Technology has always been at the heart of what we do and deliver at EY. We need technology to keep an organization the size of ours working efficiently. We have 250,000 people in more than 140 countries, all of whom rely on secure technology to be able to do their job every single day. Everything from the laptops we use, to the ability to work remotely on our mobile devices and connecting our people and our clients, to enabling hundreds of internal tools and external solutions delivered to our clients. Technology solutions are integrated in the client services we deliver and is key to us being more innovative as an organization.
EY Technology supports our technology needs through three business units:
Client Technology (CT) - focuses on developing new technology services for our clients. It enables EY to identify new technology-based opportunities faster, and pursue those opportunities more rapidly.
Enterprise Workplace Technology (EWT) – EWT supports our Core Business Services functions and will deliver fit-for-purpose technology infrastructure at the cheapest possible cost for quality services. EWT will also support our internal technology needs by focusing on a better user experience.
Information Security (Info Sec) - Info Sec prevents, detects, responds and mitigates cyber-risk, protecting EY and client data, and our information management systems.
CDRC (Cyber Defense Response Center) Security Analyst who will be responsible to work collaboratively with peers and supervisors for providing effective security monitoring and incident response through triage, investigation, communication, and reporting
Skills and attributes for success
Essential Functions of the Job :
Operate as First/Second level support to a 24x7 Cyber Defense Response Centre.
Act as the primary point of contact for reporting, monitoring, and tracking reported events and operational events.
Identify, prioritize and respond to security threats
Will operate in a close team of computer/digital forensic, fraud, and other IT investigative experts.
Ensure that all incidents are recorded and tracked to meet audit, compliance and legal requirements.
Conduct root cause analysis to identify gaps and recommendations ultimately remediating risks to the firm.
Maintain an inventory of the procedures used by the CDRC and regularly evaluate the CDRC procedures and add, remove, and update the procedures as appropriate
Publish reports to applicable teams
Generate reports on Cyber defence centre activities
Analytical/Decision Making Responsibilities:
Actively investigates the latest security vulnerabilities, advisories, incidents, and penetration techniques and notifies the manager when appropriate.
Recognizes successful intrusions and compromises through review and analysis of relevant event detail information.
Assist in incident determination, ticketing and incident response, prevention and remediation
To qualify for the role you must have
Fair Understanding of Linux, TCP/IP, Network Security, encryption standards etc.
Aware of Types of attacks (DOS, DDOS etc.)
Aware of log monitoring.
Idea about various penetration testing and application testing methodology and tools is a definite plus.
Knowledge in application development (Microsoft technologies).
Soft Skills - Excellent communication skills; written and verbal.
Good Presentation skills
Good Investigative, analytical and problem solving skills
Ability to work in a team, with little supervision and using own initiative
Minimum of 2-3 years of experience in one or more of the following:
Working in a Security Monitoring/Security Operations Center environment (SOC)
Experience investigating security events, threats and/or vulnerabilities
Understanding of electronic investigation and log correlationProficiency with the latest intrusion detection platforms; working knowledge of Linux and/or Windows systems administration (Including AD).
Scripting or programming (Shell scripting, Power Shell, C, C#, Java, etc.)
Coordinate escalations and collaborate with internal technology teams to ensure timely resolution of issues
Will provide mentoring, support and direction for other members of the team, as required
- Should be willing to work in shifts (24/7)
Qualifications, certifications and Edication requirements:
- Under Graduate/Post Graduate Degree in Computer Science or Engineering or related domain (MCA/MTech/BTech/BCA /BSc CS or BSc IT).
- CCNA/CCNA Security, RHCE, CCSA/CEH/CIH
What working at EY offers
We offer a competitive remuneration package where you’ll be rewarded for your individual and team performance. Our comprehensive Total Rewards package includes support for flexible working and career development, and with FlexEY you can select benefits that suit your needs, covering holidays, health and well-being, insurance, savings and a wide range of discounts, offers and promotions. Plus, we offer:
Support, coaching and feedback from some of the most engaging colleagues around
Opportunities to develop new skills and progress your career
The freedom and flexibility to handle your role in a way that’s right for you
EY is committed to being an inclusive employer and we are happy to consider flexible working arrangements. We strive to achieve the right balance for our people, enabling us to deliver excellent client service whilst allowing you to build your career without sacrificing your personal priorities. While our client-facing professionals can be required to travel regularly, and at times be based at client sites, our flexible working arrangements can help you to achieve a lifestyle balance.
As a global leader in assurance, tax, transaction and advisory services, we’re using the finance products, expertise and systems we’ve developed to build a better working world. That starts with a culture that believes in giving you the training, opportunities and creative freedom to make things better. Whenever you join, however long you stay, the exceptional EY experience lasts a lifetime. And with a commitment to hiring and developing the most passionate people, we’ll make our ambition to be the best employer by 2020 a reality.