Cyber Managed Services Threat Detection & Response Threat Hunter

Ernst & Young LLP Dallas , TX 75201

Posted 2 months ago

Cyber threats, social media, massive data storage, privacy requirements and continuity of the business as usual require heavy information security measures. As an information security specialist, you will lead the implementation of security solutions for our clients and support the clients in their desire to protect the business. You will belong to an international connected team of specialists helping our clients with their most complex information security needs and contributing toward their business resilience. You will be working with our Advanced Security Centers to access the most sophisticated tools available to fight against cybercrime.

We will support you with career-long training and coaching to develop your skills. As EY is a global leading service provider in this space, you will be working with the best of the best in a collaborative environment. So whenever you join, however long you stay, the exceptional EY experience lasts a lifetime.

Job Summary:

Cyber threats continue to evolve and pose serious risks within the business environment. EY's Cybersecurity Managed Service (CMS) offering addresses the ongoing operational requirements through the following services:

  • Threat Detection and Response

  • Threat Exposure Management

  • Identity & Access Management

  • Data Protection

Clients retain CMS to defend their environment and respond when threats are detected. As a CMS security professional you will belong to a globally connected team of security professional delivering 24x7 services from our Dallas Cyber Center.

What this means for you:

At EY, we believe your career is a journey and we are committed to providing you an array of exciting opportunities to help you find the career path that is right for you. In this role, you will have the opportunity to team with a wide variety of clients to deliver professional services and to actively participate in a rapidly growing practice. With each engagement, you can expect to build leadership, communication and client-management skills, as well as sharpen your problem-solving capabilities. EY Security professionals possess diverse industry knowledge, along with unique technical expertise and specialized skills. If you are interested in "building a more secure and trusted working world," being part of a dynamic team, serving clients and reaching your full potential, EY Advisory Services is for you. Apply today!

Key Responsibilities:

  • Responsible for understanding and interpreting event discovery and incident response activities

  • Full-spectrum incident response support including event discovery, alert notification, investigation, facilitation of containment, facilitating of resolution, and event reporting

  • Document or communicate clearly and concisely results of threat hunt sessions to a wide array of audiences that includes engineers, analysts, CTI, and/or executives

  • Assist with project planning and identification of mitigation activities

  • Support tier-1 analysts in performing day-to-day operations

  • Use MITRE ATT&CK, VERIS, Kill Chain concepts to develop prioritization and rationalization of threat hunting scenarios relative to objectives.

  • Coordinate and drive efforts among multiple business units during response activities and post-mortem

  • Proactive monitoring of internal and external-facing environment using specialized security applications

  • Manipulate data and/or processes in automated or custom ways to produce timely output from complex threat analysis requirements

  • Assess available data, relevant security controls/technologies, risk, and from those assessments come up with a methodology to hunt for threats iteratively and repeatable.

  • Proactively research and monitor security-related information sources to aid in the identification of threats to client networks, systems and intellectual property

  • Routinely develop and update incident response playbooks to ensure response activities align with best practices, minimize gaps in response and provide comprehensive mitigation of threats

  • Develop the requisite expertise, knowledge, and ability to perform independently through mentorship; mentor and share expertise with junior staff

To qualify, candidates must have:

  • Bachelor Degree in Computer Science, Mathematics, Engineering, or other related area of study preferred with 3-5 years of overall IT professional experience.

  • At least 2+ years of work experience in Information Security, preferably in a security operations and/or incident response type role.

  • Ability to participate in after hours on-call rotation when required; Due to the nature of the business the Cyber analyst position covers all shifts 24/7

  • Detailed knowledge of applicable security tools, technologies, and trends that can be used to aid threat analysis

  • Deep understanding of different threat hunting types, methods based on available technologies, and defining targets, hypothesis, and goals based on constrained data/requirements.

  • Experience with utilizing security tools software such as Splunk, LogRhythm, CarbonBlack, Fidelis, and ServiceNow

  • Hands-on troubleshooting, analysis, and technical expertise to resolve incidents and service requests; previous experience in troubleshooting day-to-day operational processes such as security monitoring, data correlation, security operations etc.

  • Proven experience performing analysis of security events and incidents, to determine root cause and provide resolution; working experience against advanced persistent threats is well seen;

  • Strong working knowledge of 3 or more of the following security tools: host-based antivirus, anti-spam gateway solutions, firewalls, IDS/IPS, server and network device hardening, data loss prevention, forensics software, vulnerability management, website security;

  • Competent in using ticketing systems for ITIL-based incident, problem and change management.

  • Additional certifications and training preferred in the following areas: GCIH, GCIA, GCFA, GCNA, GPYC, CCTHP, Project Management training/certification, and Quality Management (ITIL, Six Sigma, TQM, etc.) training/certification

EY provides equal employment opportunities to applicants and employees without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, protected veteran status, or disability status.


icon no score

See how you match
to the job

Find your dream job anywhere
with the LiveCareer app.
Mobile App Icon
Download the
LiveCareer app and find
your dream job anywhere
App Store Icon Google Play Icon
lc_ad

Boost your job search productivity with our
free Chrome Extension!

lc_apply_tool GET EXTENSION

Similar Jobs

Want to see jobs matched to your resume? Upload One Now! Remove
Cyber Managed Services Threat Detection & Response Operations Center Manager

Ernst & Young LLP

Posted 4 days ago

VIEW JOBS 11/8/2019 12:00:00 AM 2020-02-06T00:00 Job Summary: Cyber threats continue to evolve and pose serious risks within the business environment. EY's Cybersecurity as a Service (CaaS) offering addresses the ongoing operational requirements through the following services: * Threat Detection and Response * Threat Exposure Management * Identity & Access Management * Data Protection Clients retain CaaS to defend their environment and respond when threats are detected. As a CaaS security professional, you will belong to a globally connected team of security professional delivering 24x7 services from our Dallas Cyber Center. What this means for you At EY, we believe your career is a journey and we are committed to providing you an array of exciting opportunities to help you find the career path that is right for you. In this role, you will have the opportunity to team with a wide variety of clients to deliver professional services and to actively participate in a rapidly growing practice. With each engagement, you can expect to build leadership, communication and client-management skills, as well as sharpen your problem-solving capabilities. EY Security professionals possess diverse industry knowledge, along with unique technical expertise and specialized skills. If you are interested in "building a more secure and trusted working world," being part of a dynamic team, serving clients and reaching your full potential, EY Cybersecurity as a Service is for you. Apply today! Key Responsibilities: * The TEM Operations Manager operates out of the Dallas Cybersecurity Center and is responsible for TEM managed services operations and the supervision and guidance of personnel. * Lead a team of Senior Analysts and Analysts performing proactive risk assessment and mitigation services using vulnerability management, configuration management, and similar methodologies. * Develop and implement standardized operating procedures for TEM services and engagements. Identify, track, and review relevant metrics to measure the efficiency and effectiveness of services. Participate in research and provide recommendations for continuous improvement. * Manage project planning, engagement administration, budget management, and successful completion of engagements * Demonstrate and apply a thorough understanding of complex enterprise systems. Use knowledge of the current IT environment and industry trends to identify engagement and client service issues. Communicate with the engagement teams, client management, and CaaS Leadership through written correspondence and verbal presentations. * Consistently deliver quality client services. Drive high- quality work products within expected timeframes and on budget. Monitor progress, manage risk and ensure key stakeholders are kept informed about progress and expected outcomes. * Provide technical leadership, supervision, and guidance to Senior Analysts and Analysts. Manage individual and shift performance to consistently meet performance standards. * Coordinate operations and service level projections with partners and stakeholders; provide high level QA of services rendered. * Prepare and coordinate staffing schedules for the site; ensure that scheduling is handled effectively to meet operating requirements * Manage recruitment, training, and development of CaaS TEM personnel. * Business continuity and disaster recovery process integration. * Foster an innovative and inclusive team- oriented work environment. Play an active role in counseling and mentoring junior consultants within the firm. To qualify, candidates must have: * Bachelor Degree in Computer Science, Mathematics, Engineering or other related area of study. * 7+ years of overall IT professional experience. * 2+ years of work experience leading Information Security teams. * Proven success developing, implementing, sustaining, and enhancing enterprise information security and risk management programs. * Experience with vulnerability management, vulnerability assessment, prioritization of risk, and coordination of remediation activities across large enterprises. * Experience with a broad range of technologies including: vulnerability management technologies, network technologies, SIEM, visualization platforms, Microsoft Office. * One security- related certification such as the CISSP, CISA, CISM, GIAC or other relevant certification required; non- certified hires are required to become certified within 1 year from the date of hire. * Excellent project management skills. Project Management training/certification preferred. * Experience working with and managing the expectations of diverse stakeholders. Proven ability to inspire teamwork and responsibility within cross-functional groups, and use technology and tools to enhance the effectiveness of deliverables and services. * Demonstrable analytical expertise, decision-making capabilities, attention to detail, critical thinking, logic, solution orientation, and an ability to learn and adapt quickly. * Quality Management (ITIL, Six Sigma, TQM, etc.) training/certification preferred. EY provides equal employment opportunities to applicants and employees without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, protected veteran status, or disability status. Ernst & Young LLP Dallas TX

Cyber Managed Services Threat Detection & Response Threat Hunter

Ernst & Young LLP