EY
Cyber Triage and Forensics – Junior Analyst
We’re all in at EY to shape your future with confidence. Join a globally connected powerhouse of diverse teams and take your career wherever you want it to go. We help you succeed and build a better working world.
Today's world is fueled by vast amounts of information. Data is more valuable than ever before. Protecting data and information systems is central to doing business, and every member of EY Information Security plays a critical role. Join a global team of almost 950 people who collaborate to support the business by protecting EY and client information assets.
Opportunity The Cyber Triage and Forensics (CTF) – Cyber Defense Response Center is responsible for monitoring and detecting information security events that could adversely impact EY information assets and resources. Its mission aligns with both the incident response and attack lifecycles.
Key Responsibilities
Perform front‑line accurate and precise real‑time monitoring and analysis, correlating logs/alerts from a multitude of security devices to determine what constitutes security incidents.
Work multi‑functionally to detect and respond to information security incidents, develop, maintain, and follow procedures for security event alerting, and participate in security investigations.
Work at a technical level, identifying threats and vectors that cause security events and following defined procedures for mitigating those threats.
Skills and Attributes for Success
Respond to network, cloud and host‑based security events.
Participate in detecting, investigating, and resolving security events.
Work independently.
Identify and propose areas for improvement within Cyber Triage and Forensics.
Possess good interpersonal skills.
Qualifications To qualify for the role you must have:
Bachelor’s in Computer Science, Information Systems, Engineering or 2–3 years of related work experience.
Minimum of 1–2 years of experience in one or more of the following:
Working in a Security Monitoring/Security Operations Center environment (SOC).
Investigating security events, threats and/or vulnerabilities.
Demonstrating incident handling ability.
Analyzing log output from various devices.
Understanding electronic investigation and log correlation.
Proficiency with the latest intrusion detection platforms.
Working knowledge of Windows systems administration (including AD) and/or Linux.
Preferred Qualifications
Information Security principles, technologies and practices.
Experience with multiple security event detection platforms.
Thorough understanding of TCP/IP.
Demonstrated integrity in a professional environment.
Good social, communication and technical writing skills.
Comfortable navigating and troubleshooting Windows system issues.
Desired certifications – any security certification.
What We Look For Under limited supervision, the CTF Analyst I will report to the CTF Global Service Manager. The analyst will perform tasks including monitoring, research, classification and analysis of security events that occur on the network or endpoint. Familiarity with the principles of network and endpoint security, current threat and attack trends, a basic understanding of the OSI model, cloud security, and defense‑in‑depth strategies is expected.
Compensation & Benefits The base salary range for this position in the U.S. is $60,400 to $109,600. For the New York City Metro Area, Washington State and California (excluding Sacramento) the range is $72,500 to $124,500. Salaries within those ranges are determined by a variety of factors including education, experience, skills and geography.
We offer a comprehensive compensation and benefits package that includes medical and dental coverage, pension and 401(k) plans, and a wide range of paid time‑off options.
Our flexible vacation policy allows you to decide how much time off you need and includes EY paid holidays, winter/summer breaks, personal and family care leave, and other absences.
How to Apply EY accepts applications for this position on an ongoing basis. If you live in California, additional information is available. EY is committed to high‑ethical standards and integrity and expects all candidates to demonstrate these qualities.
Equal Employment Opportunity EY provides equal employment opportunities to applicants and employees without regard to race, color, religion, age, sex, sexual orientation, gender identity/expression, pregnancy, genetic information, national origin, protected veteran status, disability status, or any other legally protected basis, including arrest and conviction records, in accordance with applicable law. EY is committed to providing reasonable accommodation to qualified individuals with disabilities, including veterans with disabilities. If you have a disability and need assistance applying online or during any part of the application process, please contact 1‑800‑EY‑HELP3, option 2 for candidate inquiries, then option 1 for candidate queries, and finally option 2 for candidates with a disability inquiry, which will route you to EY’s Talent Shared Services Team (TSS) or email the TSS at ssc.customersupport@ey.com.
Scope of Seniority and Employment
Seniority Level: Entry level
Employment Type: Full‑time
Job Function: Other, Information Technology, and Management
Industry: Professional Services
#J-18808-Ljbffr
Today's world is fueled by vast amounts of information. Data is more valuable than ever before. Protecting data and information systems is central to doing business, and every member of EY Information Security plays a critical role. Join a global team of almost 950 people who collaborate to support the business by protecting EY and client information assets.
Opportunity The Cyber Triage and Forensics (CTF) – Cyber Defense Response Center is responsible for monitoring and detecting information security events that could adversely impact EY information assets and resources. Its mission aligns with both the incident response and attack lifecycles.
Key Responsibilities
Perform front‑line accurate and precise real‑time monitoring and analysis, correlating logs/alerts from a multitude of security devices to determine what constitutes security incidents.
Work multi‑functionally to detect and respond to information security incidents, develop, maintain, and follow procedures for security event alerting, and participate in security investigations.
Work at a technical level, identifying threats and vectors that cause security events and following defined procedures for mitigating those threats.
Skills and Attributes for Success
Respond to network, cloud and host‑based security events.
Participate in detecting, investigating, and resolving security events.
Work independently.
Identify and propose areas for improvement within Cyber Triage and Forensics.
Possess good interpersonal skills.
Qualifications To qualify for the role you must have:
Bachelor’s in Computer Science, Information Systems, Engineering or 2–3 years of related work experience.
Minimum of 1–2 years of experience in one or more of the following:
Working in a Security Monitoring/Security Operations Center environment (SOC).
Investigating security events, threats and/or vulnerabilities.
Demonstrating incident handling ability.
Analyzing log output from various devices.
Understanding electronic investigation and log correlation.
Proficiency with the latest intrusion detection platforms.
Working knowledge of Windows systems administration (including AD) and/or Linux.
Preferred Qualifications
Information Security principles, technologies and practices.
Experience with multiple security event detection platforms.
Thorough understanding of TCP/IP.
Demonstrated integrity in a professional environment.
Good social, communication and technical writing skills.
Comfortable navigating and troubleshooting Windows system issues.
Desired certifications – any security certification.
What We Look For Under limited supervision, the CTF Analyst I will report to the CTF Global Service Manager. The analyst will perform tasks including monitoring, research, classification and analysis of security events that occur on the network or endpoint. Familiarity with the principles of network and endpoint security, current threat and attack trends, a basic understanding of the OSI model, cloud security, and defense‑in‑depth strategies is expected.
Compensation & Benefits The base salary range for this position in the U.S. is $60,400 to $109,600. For the New York City Metro Area, Washington State and California (excluding Sacramento) the range is $72,500 to $124,500. Salaries within those ranges are determined by a variety of factors including education, experience, skills and geography.
We offer a comprehensive compensation and benefits package that includes medical and dental coverage, pension and 401(k) plans, and a wide range of paid time‑off options.
Our flexible vacation policy allows you to decide how much time off you need and includes EY paid holidays, winter/summer breaks, personal and family care leave, and other absences.
How to Apply EY accepts applications for this position on an ongoing basis. If you live in California, additional information is available. EY is committed to high‑ethical standards and integrity and expects all candidates to demonstrate these qualities.
Equal Employment Opportunity EY provides equal employment opportunities to applicants and employees without regard to race, color, religion, age, sex, sexual orientation, gender identity/expression, pregnancy, genetic information, national origin, protected veteran status, disability status, or any other legally protected basis, including arrest and conviction records, in accordance with applicable law. EY is committed to providing reasonable accommodation to qualified individuals with disabilities, including veterans with disabilities. If you have a disability and need assistance applying online or during any part of the application process, please contact 1‑800‑EY‑HELP3, option 2 for candidate inquiries, then option 1 for candidate queries, and finally option 2 for candidates with a disability inquiry, which will route you to EY’s Talent Shared Services Team (TSS) or email the TSS at ssc.customersupport@ey.com.
Scope of Seniority and Employment
Seniority Level: Entry level
Employment Type: Full‑time
Job Function: Other, Information Technology, and Management
Industry: Professional Services
#J-18808-Ljbffr