Cyber Managed Services Application Security Engineer Senior Analyst

Ernst & Young LLP Dallas , TX 75201

Posted 4 weeks ago

Clients worldwide look to our Cybersecurity Managed Services team to provide 24x7 support for a company's environment. Our consultants and analysts work in conjunction with our client teams to identify and resolve potential issues long before they even happen. As senior analysts on our threat intelligence team, you'll be right at the heart of that mission, using your experience to manage tools and technologies in an ever-changing environment. Working closely with consultants across the business you'll help define the future of threat detection for our clients.

The Opportunity

In EY's Cyber Center based in Dallas, Texas, there is no such thing as a typical day every day brings forth new objectives and challenges to solve. We are seeking experienced analysts keen to support our client challenges and provide exceptional client service

As an Application Security Engineer, you will play a critical role in providing the quality support services to organizations managing their environment. We look for individuals who have a passion for identifying and fixing vulnerabilities in software and applications. You can expect to work across multiple industries, support complex environments, and develop key client relationships.

Your Key Responsibilities

  • Support center services with dynamic application security testing including troubleshooting, task scheduling, and continuous process improvement

  • Interface with our clients and work with offshore teams to execute dynamic testing and triaging

  • Assist and lead continuous process and quality improvement initiatives

  • Develop metrics (e.g., tracking, dashboards, aggregation of data) associated with monthly and quarterly reporting

  • Develop and deliver meaningful hands-on training for our clients and internal teams.

Skills and Attributes for Success

  • Supporting a wide range of threat exposures services, including web, application, software security, vulnerability management and testing

  • Staying informed on the latest industry and trends, risks and opportunities, especially regarding vendors and competitors

  • Communicating issues and escalating where necessary to promote collaboration, innovation and timely service

  • Build trusted relationships with client stakeholders.

  • Collaboration with global team members

To qualify for the role you must have

  • A bachelor's degree in Information Systems, Computer Science, Cybersecurity, or related field

  • Three to five years of work experience in dynamic application security testing to configure/analyze/troubleshoot scans

  • Direct experience in Tier 2/3 application security including scripting and automation associated with DAST tools

  • Troubleshooting experience such as looking at stack trace and logs

  • Understanding of web application and web services architecture

  • Knowledge and understanding of security vulnerability including OWASP 10

  • Work with scanning tools such as WebInspect, Fortify Software Security Center, Qualys, Acunetix, and Burp

  • Skills to combine sound technical and security principles with a problem solving approach

  • Foresight to prioritize effectively when working on multiple projects, often with strict deadlines

Ideally, you'll also have

  • Experience preparing SQL statements with MySQL, SQL server, Access

  • Experience with build environments/tools (e.g., VSTS, Jenkins, Maven, GIT)

  • Experience with postman and swagger for REST API and RESTful web services testing using DAST tools

  • Experience with ticketing and workflow tools like ServiceNow, Archer, Jira

  • Knowledge of automation frameworks preferably Selenium

  • SANS associated certs and training

  • Other security/IT community certifications a plus preferably CISSP

What we look for

We're most interested in your attention to detail, and ability to deliver high quality work every time. A drive to provide high quality client service support is key to success at EY.

What working at EY offers

We offer a competitive compensation package where you'll be rewarded based on your performance and recognized for the value you bring to our business. In addition, our Total Rewards package includes medical and dental coverage, both pension and 401(k) plans, a minimum of 22 days of vacation plus ten observed holidays and three paid personal days, and a range of programs and benefits designed to support your physical, financial and social well-being. Plus, we offer:

  • Support, coaching and feedback from some of the most engaging colleagues around

  • Opportunities to develop new skills and progress your career

  • The freedom and flexibility to handle your role in a way that's right for you

About EY

As a global leader in assurance, tax, transaction and advisory services, we're using the finance products, expertise and systems we've developed to build a better working world. That starts with a culture that believes in giving you the training, opportunities and creative freedom to make things better. Whenever you join, however long you stay, the exceptional EY experience lasts a lifetime. And with a commitment to hiring and developing the most passionate people, we'll make our ambition to be the best employer by 2020 a reality.

If you can confidently demonstrate that you meet the criteria above, please contact us as soon as possible.

Build your legacy with us.

Apply now.

EY provides equal employment opportunities to applicants and employees without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, protected veteran status, or disability status.

icon no score

See how you match
to the job

Find your dream job anywhere
with the LiveCareer app.
Mobile App Icon
Download the
LiveCareer app and find
your dream job anywhere
App Store Icon Google Play Icon

Boost your job search productivity with our
free Chrome Extension!

lc_apply_tool GET EXTENSION

Similar Jobs

Want to see jobs matched to your resume? Upload One Now! Remove
Cyber Managed Services Threat Detection & Response Security Operations Manager

Ernst & Young LLP

Posted Yesterday

VIEW JOBS 11/14/2019 12:00:00 AM 2020-02-12T00:00 Job Summary: Cyber threats continue to evolve and pose serious risks within the business environment. EY's Cyber Managed Services offering addresses the ongoing operational requirements through the following services: * Threat Detection and Response * Threat Exposure Management * Identity & Access Management * Data Protection Clients retain CMS to defend their environment and respond when threats are detected. As a CMS security professional, you will belong to a globally connected team of security professional delivering 24x7 services from our Dallas Cyber Center. What this means for you At EY, we believe your career is a journey and we are committed to providing you an array of exciting opportunities to help you find the career path that is right for you. In this role, you will have the opportunity to team with a wide variety of clients to deliver professional services and to actively participate in a rapidly growing practice. With each engagement, you can expect to build leadership, communication and client-management skills, as well as sharpen your problem-solving capabilities. EY Security professionals possess diverse industry knowledge, along with unique technical expertise and specialized skills. If you are interested in "building a more secure and trusted working world," being part of a dynamic team, serving clients and reaching your full potential, EY Cyber Managed Services is for you. Apply today! Key Responsibilities: * The Threat Detection & Response Operations Manager operates out of the Dallas Cybersecurity Center and is responsible for TDR managed services operations and the supervision and guidance of personnel. * Lead a team of Senior Analysts and Analysts performing proactive risk assessment and mitigation services using security monitoring, incident response, threat intelligence, and similar methodologies. * Develop and implement standardized operating procedures for TDR services and engagements. Identify, track, and review relevant metrics to measure the efficiency and effectiveness of services. Participate in research and provide recommendations for continuous improvement. * Manage project planning, engagement administration, budget management, and successful completion of engagements * Demonstrate and apply a thorough understanding of complex enterprise systems. Use knowledge of the current IT environment and industry trends to identify engagement and client service issues. Communicate with the engagement teams, client management, and CMS Leadership through written correspondence and verbal presentations. * Consistently deliver quality client services. Drive high- quality work products within expected timeframes and on budget. Monitor progress, manage risk and ensure key stakeholders are kept informed about progress and expected outcomes. * Provide technical leadership, supervision, and guidance to Senior Analysts and Analysts. Manage individual and shift performance to consistently meet performance standards. * Coordinate operations and service level projections with partners and stakeholders; provide high level QA of services rendered. * Prepare and coordinate staffing schedules for the site; ensure that scheduling is handled effectively to meet operating requirements * Manage recruitment, training, and development of CMS TDR personnel. * Business continuity and disaster recovery process integration. * Foster an innovative and inclusive team- oriented work environment. Play an active role in counseling and mentoring junior consultants within the firm. To qualify, candidates must have: * Bachelor Degree in Computer Science, Mathematics, Engineering or other related area of study. * 7+ years of overall IT professional experience. * 2+ years of work experience leading Information Security teams. * Proven success developing, implementing, sustaining, and enhancing enterprise information security and risk management programs. * Experience with security monitoring, threat detection, incident response, threat intelligence, prioritization of risk, and coordination of remediation activities across large enterprises. * Experience with a broad range of technologies including: vulnerability management technologies, network technologies, SIEM, visualization platforms, Microsoft Office. * One security- related certification such as the CISSP, CISA, CISM, GIAC or other relevant certification required; non- certified hires are required to become certified within 1 year from the date of hire. * Excellent project management skills. Project Management training/certification preferred. * Experience working with and managing the expectations of diverse stakeholders. Proven ability to inspire teamwork and responsibility within cross-functional groups, and use technology and tools to enhance the effectiveness of deliverables and services. * Demonstrable analytical expertise, decision-making capabilities, attention to detail, critical thinking, logic, solution orientation, and an ability to learn and adapt quickly. * Quality Management (ITIL, Six Sigma, TQM, etc.) training/certification preferred. EY provides equal employment opportunities to applicants and employees without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, protected veteran status, or disability status. Ernst & Young LLP Dallas TX

Cyber Managed Services Application Security Engineer Senior Analyst

Ernst & Young LLP