
At EY, you'll have the chance to build a career as unique as you are, with the global scale, support, inclusive culture and technology to become the best version of you. And we're counting on your unique voice and perspective to help EY become even better, too. Join us and build an exceptional experience for yourself, and a better working world for all.
Service line: Cyber Security - Position Title: Senior Incident Response Analyst
At EY, we're all in to shape your future with confidence.
We'll help you succeed in a globally connected powerhouse of diverse teams and take your career wherever you want it to go.
Join EY and help to build a better working world.
About Global Delivery Services
Global Delivery Services refers to EY's worldwide network of service delivery centers. The GDS team plays an important role in EY's strategy by ensuring effective support to EY's growth agenda.
Our journey started in 2002 with approximately 200 people. Today we stand at 80,000+ professionals in ten locations around the world. We operate in Argentina, China, Hungary, India, Philippines, Poland, Sri Lanka, Mexico, Spain and the United Kingdom.
Client service is focused on providing Consulting, Assurance, Tax, Strategy & Transactions, and Knowledge support to our clients around the world. The teams enable account teams worldwide to provide seamless, high-quality, value-added support, helping deliver exceptional client service.
Enablement Services provides cost-effective, high-skilled, and innovative services to support EY's global and local enablement teams. Markets, BMC, AWS, Finance and Accounting, Risk Management, Procurement, People Shared Services, IT Service Delivery and IT Global Infrastructure services are among the services offered by Enablement Services.
Our innovation specialists serve the GDS Client Service and Enablement Services teams, along with Service Lines, Core Business Services and Sectors. The team brings the desired environment, technologies and skilled teams together for facilitation, rapid prototyping and innovative thinking. The competencies offered include analytics, digital, user experience, mobile technology, infrastructure, Microsoft technologies and open innovation.
The Opportunity
As a Senior Incident Response Analyst, you will play a pivotal role in EY's global cybersecurity operations, leading efforts to detect, investigate, contain, and remediate complex security incidents across cloud, on-premise, and hybrid environments. You will work with cutting-edge technologies and global teams to protect EY's infrastructure, assets, and data from evolving cyber threats.
In this role, you will leverage your technical expertise and analytical skills to perform advanced threat analysis, digital forensics, and root cause investigations. You will guide and mentor junior analysts, enhance detection and response capabilities, and contribute to the continuous improvement of incident response processes and playbooks.
This opportunity allows you to be part of a global, high-impact cyber defense team, where you'll collaborate with leading experts, utilize advanced security tools, and help shape EY's proactive defense strategy. You'll play a key role in ensuring organizational resilience, operational readiness, and trust in EY's digital ecosystem.
Your Key Responsibilities
- Tier 3 Security Incident Response:
  - Conduct Tier 3 security incident response for application, network, and infrastructure security alert events.
  - Utilize documented procedures and in-house security technologies to manage incidents effectively.
- Coordination and Task Assignment:
  - Assign containment, eradication, and recovery tasks to appropriate resource teams.
  - Ensure clear communication and coordination with relevant teams during incident response activities.
- Response Actions and Host Management:
  - Perform response actions on managed hosts where the Security Operations Center (SOC) team has requisite access and permissions.
  - Isolate suspected compromised or infected hosts and execute other pre-approved actions to disrupt cyberattacks.
- Incident Clarification and Communication:
  - Clarify incident information and recommend containment, eradication, and recovery actions to the cyber defense team.
  - Participate in cyber defense calls related to cybersecurity incidents and provide updates as needed.
- Peer Review and Quality Assurance:
  - Conduct periodic peer reviews of Tier 2 analyst work to identify trends in effectiveness and areas for improvement.
  - Provide constructive feedback to enhance the overall quality of incident response efforts.
- Escalation and Reporting:
  - Engage relevant parties for issue escalation and reporting.
  - Ensure timely communication of critical incidents and status updates to stakeholders, including executive management.
- Coordination and Best Practices:
  - Collaborate with global teams to standardize incident response procedures and share best practices.
  - Adapt response strategies to accommodate different regional and regulatory requirements.
- Continuous Improvement and Learning:
  - Stay updated with the latest cybersecurity threats, trends, and technologies.
  - Contribute to the development and enhancement of incident response processes and playbooks.
- Documentation and Analysis:
  - Maintain comprehensive documentation of all incidents, actions taken, and lessons learned.
  - Analyze incident data to identify patterns, improve detection capabilities, and prevent future incidents.
- Responsible for decision-making, optimizing processes, resource management, and overseeing team management as needed for task execution.
- Accountable for allocating personnel, supervising team members, assigning tasks, ensuring that the team has the necessary tools and support to succeed in their roles, and optimizing and evaluating their performance to meet organizational goals.
Skills and attributes for success
Ideally, you'll also
- Proven experience in incident response, threat hunting, and digital forensics within enterprise or managed security environments.
- Strong knowledge of cyberattack tactics, techniques, and procedures (TTPs), aligned with frameworks such as MITRE ATT&CK.
- Proficiency with SIEM tools (e.g., Splunk, Microsoft Sentinel), EDR platforms (e.g., CrowdStrike, Defender for Endpoint), and SOAR automation frameworks.
- Experience conducting log analysis, packet inspection, and malware triage to identify and mitigate threats.
- Expertise in analyzing incidents involving cloud environments (AWS, Azure, GCP) and hybrid infrastructure.
- Familiarity with threat intelligence integration, playbook automation, and incident post-mortem reporting.
- Strong understanding of network protocols, operating systems, and security controls.
- Ability to communicate technical findings clearly to both technical and non-technical stakeholders.
- Experience mentoring or guiding junior analysts, fostering knowledge sharing and operational maturity.
- Strong documentation and reporting skills to support compliance, governance, and continuous improvement efforts.
- Relevant professional certifications such as GCIH, GCFA, GCIA, CEH, CISSP, or CCIR will be a strong advantage.
What we look for
- 3-5 years of related experience in cybersecurity operations, particularly in a SOC or similar environment.
- Proficiency in using security monitoring tools, such as SIEM systems (Sentinel), IDS/IPS, EDR (Microsoft Defender), and SOAR solutions (XSOAR).
- Strong knowledge of application, network, and infrastructure security.
- Excellent analytical, problem-solving, and decision-making skills.
- Ability to work under pressure and manage multiple incidents simultaneously.
- Strong communication and teamwork skills, with the ability to coordinate with cross-functional teams.
- Familiarity with global cybersecurity standards and regulatory requirements.
What we offer you
At EY, we'll develop you with future-focused skills and equip you with world-class experiences. We'll empower you in a flexible environment, and fuel you and your extraordinary talents in a diverse and inclusive culture of globally connected teams.
Are you ready to shape your future with confidence? Apply today.
To help create an equitable and inclusive experience during the recruitment process, please inform us as soon as possible about any disability-related adjustments or accommodations you may need.
Our Commitment: As a commitment, we persistently endeavour to embody our values, fulfil our purpose, and champion inclusiveness. Our dedication is to cultivate EY into an environment where diverse perspectives are celebrated, creating a supportive atmosphere for individuals to authentically be themselves and contribute their utmost.
Professional Development: From entry-level employees to senior leaders, we believe in continuous learning. We offer opportunities to build new skills, take on leadership roles, and connect and grow through mentorship.
People and Culture: In our dynamic workplace, diversity, equity, and inclusiveness are ingrained in our culture. We're united by a commitment to create an environment where every individual's differences are valued, practices are equitable, fostering a sense of belonging. Our shared values include integrity, respect, teaming, inclusiveness, energy, enthusiasm, courage to lead, and building relationships based on doing the right thing.
Benefits: Embark on a transformative career journey with us and indulge in a suite of premium benefits, encompassing exclusive health and wellness packages, enticing rewards, and cutting-edge learning opportunities that empower you to continually grow and excel in your professional and personal development.
How to Apply: If you are passionate about joining us and are aligned with our commitment to building a better working world, we invite you to apply by completing our user-friendly form with personal and professional information and by providing your consent to data privacy.
Successful candidates advance to a competency-based interview. If mutual interest persists, a job offer awaits.
We are an equal opportunity employer and are committed to Diversity, Equity & Inclusion.
EY | Building a better working world
EY is building a better working world by creating new value for clients, people, society and the planet, while building trust in capital markets.
Enabled by data, AI and advanced technology, EY teams help clients shape the future with confidence and develop answers for the most pressing issues of today and tomorrow.
EY teams work across a full spectrum of services in assurance, consulting, tax, strategy and transactions. Fueled by sector insights, a globally connected, multi-disciplinary network and diverse ecosystem partners, EY teams can provide services in more than 150 countries and territories.
EY exists to build a better working world, helping to create long-term value for clients, people and society and build trust in the capital markets.
Enabled by data and technology, diverse EY teams in over 150 countries provide trust through assurance and help clients grow, transform and operate.
Working across assurance, consulting, law, strategy, tax and transactions, EY teams ask better questions to find new answers for the complex issues facing our world today.
Ernst & Young Global Limited, doing business as EY, is a multinational professional services network with headquarters in London, England. EY is one of the largest professional services networks in the world. Along with Deloitte, KPMG and PricewaterhouseCoopers, it is considered one of the Big Four accounting firms. It primarily provides assurance (which includes financial audit), tax, consulting and advisory services to its clients. Like many of the larger accounting firms in recent years, EY has expanded into markets adjacent to accounting, including strategy, operations, HR, technology, and financial services consulting.
Job ID: 144544309