EY GDS Consulting_Security Operations Center Manager in Philippines

GDS Consulting_Security Operations Center Manager

Consulting

Requisition # PHI004MF

Post Date Feb 08, 2021

The opportunity

In your role at EY, you’ll be inspired by a team of the brightest business and technical minds in cyber security. We are passionate champions for our clients and know from experience that the best solutions for our clients’ needs come from working hard together. As part of our team, your voice matters, and you will do important work that has impact, on people, businesses and nations. Our industry and our company move fast, and you can be sure that you will always have room to learn and grow. We’re proud of our team and the important work we do to build confidence for a more connected world.

Your key responsibilities

The Security Operations Center Manager is responsible for all internal security operations tasks and for management of the Security Operations Center and the analyst staff associated with the SOC. The SOC Manager is responsible for the technical and process direction of the Security Operations Center.

The Security Operations Center is responsible for providing 24x7x365 continuous investigation of correlated security event feeds and the appropriate triage and escalation in case of an identified security incident. The Security Operations Center is the primary contact for any suspected security incident and works together with the Incident Response team on resolving incidents and remediating threats.

Skills and attributes for success

  • 3+ years managing a Security Operations Center

  • In-depth familiarity with security policies based on industry standards and best practices

  • Knowledgeable in SOC advancements such as EDR and SOAR

  • Thorough knowledge of SIEM technologies, like Splunk ES or QRadar

  • Experience in designing and building security operations centers

  • Incident management process development and/or incident management experience

  • 5+ years working within the information security field, with emphasis on security operations, incident management, intrusion analysis

  • Experience with security device installations, configuration and troubleshooting (e.g., firewall, IDS, etc.)

  • SOC automation development and cloud operations (e.g., AWS) experience

  • Ability to lead and communicate efficiently within a team environment

  • Advanced technical writing skills

To qualify for the role, you must have

  • Bachelor’s Degree

  • Professional certifications such as SANS GIAC/GCIH

  • Knowledge of: Strong Authentication, End Point Security, Internet Policy Enforcement, Firewalls, Web Content Filtering, Database Activity Monitoring (DAM), Public Key Infrastructure (PKI), Data Loss Prevention (DLP), Identity and Access Management (IAM)

Ideally, you’ll also have

  • Additional Professional certifications such as CISSP, ISA

What working at EY offers

  • Support, coaching and feedback from some of the most engaging colleagues around

  • Opportunities to develop new skills and progress your career

  • The freedom and flexibility to handle your role in a way that’s right for you

About EY

As a global leader in assurance, tax, transaction and consulting services, we’re using the finance products, expertise and systems we’ve developed to build a better working world. That starts with a culture that believes in giving you the training, opportunities and creative freedom to make things better. Whenever you join, however long you stay, the exceptional EY experience lasts a lifetime. And with a commitment to hiring and developing the most passionate people, we’ll make our ambition to be the best employer by 2020 a reality.

If you can confidently demonstrate that you meet the criteria above, please contact us as soon as possible.

Join us in building a better working world.

Apply now.
