GPS - Incident Response Analyst - Associate
Ernst & Young Advisory Services Sdn Bhd, Atlanta, GA, United States
Location: Atlanta
Other locations: Primary Location Only
Date: Apr 21, 2026
Requisition ID: 1703648
The opportunity
As an Incident Response Analyst – Associate, you will support security incident response efforts related to information security events or incidents stemming from suspected internal or external threats. This role focuses on executing defined incident response tasks under guidance while gaining hands‑on experience supporting new and evolving enclave security processes. The role provides exposure to multiple security domains and an opportunity to grow technical and investigative skills within a structured incident response program.
Your Key Responsibilities
Assist with acquisition and collection of computer artifacts (e.g., malware, system/user logs, data artifacts) in support of Cyber Defense engagements
Support triage of system assets and assist in determining evidentiary value
Assist with correlating forensic findings to network events
Collect and document system state information (e.g., running processes, network connections)
Support forensic triage activities to help determine scope, urgency, and potential impact
Track and document forensic analysis activities under supervision
Assist with collection, processing, preservation, analysis, and presentation of computer‑related evidence while maintaining chain‑of‑custody requirements
Support coordination efforts with GPS Enclave staff to validate and investigate alerts
Assist with tuning and building alerts and analytics within SIEM platforms
Support Vulnerability Management and DLP solution activities by assisting with validation and documentation
Participate in developing and maintaining incident response procedures and documentation
Assist with analysis of forensic images and contribute to forensic write‑ups
Support documentation and publication of Computer Network Defense (CND) guidance and reports
To qualify for the role, you must have
Bachelor’s Degree in Computer Science, Cybersecurity, Computer Engineering or related field; or equivalent relevant experience
0–2 years of relevant experience or internships in cybersecurity, incident response, or digital forensics
Foundational understanding of Windows operating systems
Basic understanding of SaaS, PaaS, and IaaS cloud concepts
Familiarity with evidence handling procedures and chain‑of‑custody principles
Understanding of common cyber‑attack techniques and MITRE ATT&CK framework
Ability to work collaboratively across physical and virtual locations
Action‑oriented with a proactive approach to learning and problem solving
Ability to operate in high‑security, least‑privilege environments
Ability to obtain and maintain a Top Secret Security Clearance
Ideally, you’ll also have
Exposure to Microsoft Azure and Microsoft 365 environments
Basic familiarity with PowerShell or another scripting language
Introductory experience supporting cloud or endpoint security operations
Awareness of NIST 800‑171 and CMMC security concepts
Entry‑level certifications such as AZ‑900, Security+, or equivalent
What we offer you
We offer a comprehensive compensation and benefits package where you’ll be rewarded based on your performance and recognized for the value you bring to the business. The base salary range for this job in all geographic locations in the US is $60,400 to $109,600. The base salary range for New York City Metro Area, Washington State and California (excluding Sacramento) is $72,500 to $124,500. Individual salaries within those ranges are determined through a wide variety of factors including but not limited to education, experience, knowledge, skills and geography. In addition, our Total Rewards package includes medical and dental coverage, pension and 401(k) plans, and a wide range of paid time off options.
Join us in our team‑led and leader‑enabled hybrid model. Our expectation is for most people in external, client serving roles to work together in person 40–60% of the time over the course of an engagement, project or year.
Under our flexible vacation policy, you’ll decide how much vacation time you need based on your own personal circumstances. You’ll also be granted time off for designated EY Paid Holidays, Winter/Summer breaks, Personal/Family Care, and other leaves of absence when needed to support your physical, financial, and emotional well‑being.
EY provides equal employment opportunities to applicants and employees without regard to race, color, religion, age, sex, sexual orientation, gender identity/expression, pregnancy, genetic information, national origin, protected veteran status, disability status or any other legally protected basis, including arrest and conviction records, in accordance with applicable law.
EY is committed to providing reasonable accommodation to qualified individuals with disabilities including veterans with disabilities.
#J-18808-Ljbffr
Other locations: Primary Location Only
Date: Apr 21, 2026
Requisition ID: 1703648
The opportunity
As an Incident Response Analyst – Associate, you will support security incident response efforts related to information security events or incidents stemming from suspected internal or external threats. This role focuses on executing defined incident response tasks under guidance while gaining hands‑on experience supporting new and evolving enclave security processes. The role provides exposure to multiple security domains and an opportunity to grow technical and investigative skills within a structured incident response program.
Your Key Responsibilities
Assist with acquisition and collection of computer artifacts (e.g., malware, system/user logs, data artifacts) in support of Cyber Defense engagements
Support triage of system assets and assist in determining evidentiary value
Assist with correlating forensic findings to network events
Collect and document system state information (e.g., running processes, network connections)
Support forensic triage activities to help determine scope, urgency, and potential impact
Track and document forensic analysis activities under supervision
Assist with collection, processing, preservation, analysis, and presentation of computer‑related evidence while maintaining chain‑of‑custody requirements
Support coordination efforts with GPS Enclave staff to validate and investigate alerts
Assist with tuning and building alerts and analytics within SIEM platforms
Support Vulnerability Management and DLP solution activities by assisting with validation and documentation
Participate in developing and maintaining incident response procedures and documentation
Assist with analysis of forensic images and contribute to forensic write‑ups
Support documentation and publication of Computer Network Defense (CND) guidance and reports
To qualify for the role, you must have
Bachelor’s Degree in Computer Science, Cybersecurity, Computer Engineering or related field; or equivalent relevant experience
0–2 years of relevant experience or internships in cybersecurity, incident response, or digital forensics
Foundational understanding of Windows operating systems
Basic understanding of SaaS, PaaS, and IaaS cloud concepts
Familiarity with evidence handling procedures and chain‑of‑custody principles
Understanding of common cyber‑attack techniques and MITRE ATT&CK framework
Ability to work collaboratively across physical and virtual locations
Action‑oriented with a proactive approach to learning and problem solving
Ability to operate in high‑security, least‑privilege environments
Ability to obtain and maintain a Top Secret Security Clearance
Ideally, you’ll also have
Exposure to Microsoft Azure and Microsoft 365 environments
Basic familiarity with PowerShell or another scripting language
Introductory experience supporting cloud or endpoint security operations
Awareness of NIST 800‑171 and CMMC security concepts
Entry‑level certifications such as AZ‑900, Security+, or equivalent
What we offer you
We offer a comprehensive compensation and benefits package where you’ll be rewarded based on your performance and recognized for the value you bring to the business. The base salary range for this job in all geographic locations in the US is $60,400 to $109,600. The base salary range for New York City Metro Area, Washington State and California (excluding Sacramento) is $72,500 to $124,500. Individual salaries within those ranges are determined through a wide variety of factors including but not limited to education, experience, knowledge, skills and geography. In addition, our Total Rewards package includes medical and dental coverage, pension and 401(k) plans, and a wide range of paid time off options.
Join us in our team‑led and leader‑enabled hybrid model. Our expectation is for most people in external, client serving roles to work together in person 40–60% of the time over the course of an engagement, project or year.
Under our flexible vacation policy, you’ll decide how much vacation time you need based on your own personal circumstances. You’ll also be granted time off for designated EY Paid Holidays, Winter/Summer breaks, Personal/Family Care, and other leaves of absence when needed to support your physical, financial, and emotional well‑being.
EY provides equal employment opportunities to applicants and employees without regard to race, color, religion, age, sex, sexual orientation, gender identity/expression, pregnancy, genetic information, national origin, protected veteran status, disability status or any other legally protected basis, including arrest and conviction records, in accordance with applicable law.
EY is committed to providing reasonable accommodation to qualified individuals with disabilities including veterans with disabilities.
#J-18808-Ljbffr