EY Security Analyst - CDRC in Trivandrum, India
Core Business Services
Requisition # GSS004XN
Post Date May 11, 2018
Security Analyst - CDRC
The CDRC (Cyber Defense Response Centre) Security Analyst will be responsible for working collaboratively with peers and supervisors to provide effective security monitoring and incident response through triage, investigation, communication, and reporting.
Essential Functions of the Job:
Operate as First/Second level support to a 24x7 Cyber Defense Response Centre.
Act as the primary point of contact for reporting, monitoring, and tracking reported events and operational events.
Identify, prioritize and respond to security threats.
Will operate in a close team of computer/digital forensic, fraud, and other IT investigative experts.
Ensure that all incidents are recorded and tracked to meet audit, compliance and legal requirements.
Conduct root cause analysis to identify gaps and make recommendations, ultimately remediating risks to the firm.
Maintain an inventory of the procedures used by the CDRC and regularly evaluate the CDRC procedures and add, remove, and update the procedures as appropriate.
Generate reports on Cyber Defense Centre activities.
Promote a security-first mindset, ensuring decisions are made without compromising core security objectives.
Should be willing to work in shifts (24/7).
Knowledge and Skills Requirements:
Fair understanding of Linux, TCP/IP, network security, encryption standards, etc.
Knowledge of various penetration testing and application testing methodology and tools is a definite plus.
Knowledge in application development (Microsoft technologies).
Excellent communication skills; written and verbal.
Good attitude and presentation skills.
Good investigative, analytical and problem-solving skills.
Ability to work in a team, with little supervision and using own initiative.
Analytical/Decision Making Responsibilities:
Assist in the resolution of events by identifying root cause and solutions
Actively investigates the latest security vulnerabilities, advisories, incidents, and penetration techniques and notifies the manager when appropriate.
Recognizes successful intrusions and compromises through review and analysis of relevant event detail information.
Assist in incident determination, ticketing and incident response, prevention and remediation.
Maintains up-to-date knowledge of the IT security industry including awareness of new or revised security solutions, improved security processes and the development of new attacks and threat vectors
Coordinate escalations and collaborate with internal technology teams to ensure timely resolution of issues.
Will provide mentoring, support, and direction for other members of the team, as required
- Bachelor’s degree in Computer Science, Information Systems, Engineering or related field.
Minimum of 2-3 years of experience in one or more of the following:
Working in a Security Monitoring/Security Operations Center environment (SOC)
Experience investigating security events, threats and/or vulnerabilities.
Understanding of electronic investigation and log correlation
Proficiency with the latest intrusion detection platforms.
Working knowledge of Linux and/or Windows systems administration (Including AD).
Scripting or programming (Shell scripting, PowerShell, C, C#, Java, etc.)
- CCNA/CCNA Security, RHCE, CCSA/CEH/CIH