Offers “Ernst & Young”

Expires soon Ernst & Young

Tc_Cyber Security_SRCR__Senior

  • Internship
  • Bengaluru (Bangalore Urban)
  • IT development

Job description



  EY- Cyber Security (SRCR) – Technology Consulting – Business Analyst ( Senior)

As part of our EY Strategy, Risk, Compliance and Resilience (SRCR) Technology Consulting team, you would work on various SRCR projects for our customers across the globe. An important part of your role will be to actively establish, maintain and strengthen internal and external relationships. You’ll also identify potential business opportunities for EY and GDS within existing engagements and escalate these as appropriate. Similarly, you’ll anticipate and identify risks within engagements and share any issues with senior members of the team. In line with EY’s commitment to quality, you’ll confirm that work is of the highest quality as per EY’s quality standards and is reviewed by the next-level reviewer. As an influential member of the team, you’ll help to create a positive learning culture, coach and counsel junior team members and help them to develop.

The opportunity

We’re looking for Security Analyst / Consultant in the Technology Consulting team to work on various projects for our customers across the globe. Also, the professional shall need to report any identified risks within engagements and share any issues and updates with senior members of the team.

In line with EY’s commitment to quality, you’ll confirm that work is of the highest quality as per EY’s quality standards and is reviewed by the next-level reviewer. As an influential member of the team, you’ll help to create a positive learning culture, coach and counsel junior team members and help them to develop

Your key responsibilities

· 
Responsible for understanding and interpreting event discovery and incident response activities

· 
Full-spectrum incident response support including event discovery, alert notification, investigation, facilitation of containment, facilitating of resolution, and event reporting

· 
Perform mitigation activities for current and residual risk

· 
Assist with project planning and identification of mitigation activities

· 
Support tier-1 analysts in performing day-to-day operations

· 
Maintain a professional communicative relationship with clients and management to provide information throughout the incident, problem, and change management cycles

· 
Coordinate and drive efforts among multiple business units during response activities and post-mortem

· 
Proactive monitoring of internal and external-facing environment using specialized security applications

· 
Provide timely, comprehensive and accurate information in both written and verbal communications

· 
Proactively research and monitor security-related information sources to aid in the identification of threats to client networks, systems and intellectual property

· 
Routinely develop and update incident response playbooks to ensure response activities align with best practices, minimize gaps in response and provide comprehensive mitigation of threats

· 
Develop the requisite expertise, knowledge, and ability to perform independently through mentorship; mentor and share expertise with junior staff

Skills and attributes for success

· 
Knowledge of IT governance formulation, and team management.

· 
Some knowledge of IT risk management, IT standards and policies formulation.

· 
Some knowledge of cybersecurity and Agile methodology.

· 
Should be a good team player.

· 
Excellent verbal and written communication skill.

· 
Proficient Documentation and Power Point skills.

· 
Good social, communication and technical writing skills.

· 
Should interface with internal and external clients.

· 
Strong analytical/problem solving skills.

· 
Ability to prioritize tasks and work accurately under pressure in order to meet deadlines.

· 
Should understand and follow workplace policies and procedures.

· 
Should independently manage the assigned project/engagement with minimal oversight/guidance from the manager.

To qualify for the role, you must have:

· 
Bachelor Degree in Computer Science, Mathematics, Engineering, or other related area of study preferred with 3-5 years of overall IT professional experience.

· 
Hands-on experience as an administrator configuring one or more of SIEM, Endpoint Protection, Vulnerability Scanners, or Data Loss Prevention

· 
Ability to participate in after hours on-call rotation when required

· 
Detailed knowledge of applicable security tools, technologies, and trends

· 
Fundamental understanding of defense-in-depth and intelligence-driven strategies

· 
Working knowledge/experience of network systems, security principles, and applications

· 
Experience with utilizing security tools software such as Splunk, LogRhythn, CarbonBlack, Fidelis, and ServiceNow

· 
Hands-on troubleshooting, analysis, and technical expertise to resolve incidents and service requests; previous experience in troubleshooting day-to-day operational processes such as security monitoring, data correlation, security operations etc.

· 
Proven experience performing analysis of security events and incidents, to determine root cause and provide resolution; working experience against advanced persistent threats is well seen;

· 
Strong working knowledge of at least three of the following security tools: host-based antivirus, anti-spam gateway solutions, firewalls, IDS/IPS, server and network device hardening, data loss prevention, forensics software, vulnerability management, website security;

· 
Competence in using both internal and external ticketing systems for ITIL-based incident, problem and change management.

· 
Good understanding of Identity Access Management solutions.

· 
Hands on experience in setting up the Identity and Access Management environment in standalone and cluster environment.

· 
Experience in testing Services based Integration (i.e. REST and SOAP) of role-based access control, Active Directory, LDAP, Single Sign-On, End-User provisioning, identity and access governance, and identity data synchronization services with existing applications and systems.

· 
Experience with scripting / programming skills (e.g., Python, PowerShell, Java, Perl etc.) updated and familiarized with the latest exploits and security trends.

· 
Familiarity with dynamic web application vulnerability scanning tools and services (Acunetix, HP WebInspect, IBM AppScan, BurpSuite, IBM AppScan)

· 
Understanding of network security and popular attacks vectors.

· 
Understanding of web-based application vulnerabilities (OWASP Top 10).

· 
Additional certifications and training preferred in the following areas:  Network Security certifications (CISSP, C|EH, Security+, SANS, ISACA, Vendor Certificates), OSCP, OSWP, Project Management training/certification, and Quality Management (ITIL, Six Sigma, TQM, etc.) training/certification 

Ideally, you’ll also have

· 
Professional certifications such as CompTia Security+, CEH, or CISSP. 

What we look for

· 
A team of people with commercial acumen, technical experience and enthusiasm to learn new things in this fast-moving environment with consulting skills.

· 
An opportunity to be a part of market-leading, multi-disciplinary team of 1400 + professionals, in the only integrated global transaction business worldwide.

· 
Opportunities to work with EY Consulting practices globally with leading businesses across a range of industries.

What working at EY offers

 

At EY, we’re dedicated to helping our clients, from start–ups to Fortune 500 companies — and the work we do with them is as varied as they are.

You get to work with inspiring and meaningful projects. Our focus is education and coaching alongside practical experience to ensure your personal development. We value our employees and you will be able to control your own development with an individual progression plan. You will quickly grow into a responsible role with challenging and stimulating assignments. Moreover, you will be part of an interdisciplinary environment that emphasizes high quality and knowledge exchange. Plus, we offer:

· 
Support, coaching and feedback from some of the most engaging colleagues around

· 
Opportunities to develop new skills and progress your career

· 
The freedom and flexibility to handle your role in a way that’s right for you

About EY

As a global leader in Assurance, Tax, Strategy & transactions and Consulting services, we’re using the finance products, expertise and systems we’ve developed to build a better working world. That starts with a culture that believes in giving you the training, opportunities and creative freedom to make things better. Whenever you join, however long you stay, the exceptional EY experience lasts a lifetime. And with a commitment to hiring and developing the most passionate people, we’ll make our ambition to be the best employer by 2020 a reality.

If you can confidently demonstrate that you meet the criteria above, please contact us as soon as possible.

Join us in building a better working world. 

Apply now

Make every future a success.
  • Job directory
  • Business directory