Cybersecurity Incident Response Coordinator

At EY youll have the chance to build a career as unique as you are with the global scale support inclusive culture and technology to become the best version of you. And were counting on your unique voice and perspective to help EY become even better too. Join us and build an exceptional experience for yourself and a better working world for all.

Cyber & Investigative Services Senior Cyber Incident Response Coordinator

EY Technology:
Technology has always been at the heart of what we do and deliver at EY. We need technology to keep an organization the size of ours working efficiently. We have 250000 people in more than 140 countries all of whom rely on secure technology to be able to do their job every single day. Everything from the laptops we use to the ability to work remotely on our mobile devices and connecting our people and our clients to enabling hundreds of internal tools and external solutions delivered to our clients. Technology solutions are integrated in the client services we deliver and is key to us being more innovative as an organization.
EY Technology supports our technology needs through three business units:
Client Technology (CT) - focuses on developing new technology services for our clients. It enables EY to identify new technology-based opportunities faster and pursue those opportunities more rapidly.
Enterprise Workplace Technology (EWT) EWT supports our Core Business Services functions and will deliver fit-for-purpose technology infrastructure at the cheapest possible cost for quality services. EWT will also support our internal technology needs by focusing on a better user experience.
Information Security (InfoSec) - InfoSec prevents detects responds and mitigates cybersecurity risk protecting EY and client data and our information management systems.

The opportunity
The Cyber & Investigative Services (CIS) Senior Cyber Incident Response Coordinator will exercise exemplary incident management techniques to coordinate incident response to cybersecurity events or incidents stemming from suspected threats on a global scale. Candidates for the role must have an exceptional comprehension of cybersecurity incident response plans and coordination of activities establish and foster relationships on a global scale and have superb verbal and written communication skills. Additionally candidates must have a sense of diplomacy ability to anticipate obstacles and decision-making skills to handle the fast-paced world of cybersecurity incident management. Advanced skills in cybersecurity incident response incident management chain-of-custody forensics cybersecurity event analysis and hands-on cybersecurity/digital-forensics skills are required.

Your key responsibilities
Coordinate response efforts to cybersecurity incidents caused by external threats that may involve nontraditional working hours
Serve as a liaison and relationship manager to different businesses and interface with fellow team members and colleagues on other Information Security teams as well as manage relationships with business partners management vendors and external parties
Establish foster and maintain relationships with General Counsel Data Privacy/Protection and Risk Management key contacts
Drive and manage integration with other corporate incident management programs to ensure consistency and alignment with peer support teams within IT
Lead process and documentation development and improvements by the Cyber & Investigative Services team
Develop and document processes to ensure consistent and scalable response operations and ensure continuous improvement to the firms global cybersecurity incident response plan
Collaborate with Cyber Incident Response lead to review team performance and deficencies in order to identy areas for improvement as well as institue programs for correction or enhancement
Draft communications and ensure timely reports/updates to leadership for their own cases and the cases of those reporting to them during and after an event/incident
Own and manage the teams internal action playbooks and knowledgebase
Must be willing to be on-call off hours in rotation with other team members (Required)

Skills and attributes for success
An very good comprehension of the incident response lifecycle in theory and practice
The ability to coordinate complex global cybersecurity incidents from the point of incident declaration through resolution
Drive cybersecurity incident gap identification and post incident lessons learned efforts to resolution
Have comprehensive knowledge in all domains of Information Security and associated technologies in the support of collaboration with partnering teams eradication and remediation efforts in support of cybersecurity incidents and appropriate identification and assignment of gaps identified during response efforts
Comfortable managing through ambiguity making thoughtful and sound judgments during stressful environments
Analyze findings in investigative matters and develop fact-based reports
Ability to identify and articulate opportunities for improvement while driving lessons learned activities
Demonstrate integrity and judgment within a professional environment
Inquisitive approach to analysis and peer review
Application of emotional intelligence and calm under pressure
Ability to appropriately balance work/personal priorities
s
To qualify for the role you must have
Education:
o Bachelors or Masters Degree in Computer Science Information Systems Engineering a related field or equivalent experience
Experience:
o 7 years experience in at least two of the following roles:
Security Operations Center (SOC) Analyst/Manager (3 years minimum)
Cybersecurity Incident Coordinator
Cybersecurity Threat Intelligence
Cybersecurity Detection Engineering
Other relevant Cyber Defense functions
Attack & Penetration Testing (Active Defense)
eDiscovery or related role performing forensic functions
o Deep understanding of security threats vulnerabilities and incident response
o Understanding of electronic investigation forensic tools and methodologies including: log correlation and analysis forensically handling electronic data knowledge of the computer security investigative processes malware identification and analysis
o Be familiar with a basic understanding of legalities surrounding electronic discovery and analysis
o Understanding of regulatory stipulations regarding security incidents
o Experience with SIEM technologies (i.e. Splunk Sentinel)
o Understanding of both Windows and Unix/Linux based operating systems

Ideally youll also
Candidates must hold or be willing to pursue related professional certifications such as GCFE GCFA GCIH CISA CISM CISSP or CCIM

What we look for
Demonstrated high level of integrity in a professional environment
Ability and experienced in working independently
Have a global mind-set for working with different cultures and backgrounds while fostering and building lasting relationships
Knowledgeable in business industry standard security incident response process procedures and life-cycle
Excellent organizational skills and strong attention to detail
Excellent teaming and management skills
Excellent social communication and writing skills
Excellent customer service skills required

What working at EY offers
We offer a competitive remuneration package where youll be rewarded for your individual and team performance. Our comprehensive Total Rewards package includes support for flexible working and career development and with FlexEY you can select benefits that suit your needs covering holidays health and well-being insurance savings and a wide range of discounts offers and promotions. Plus we offer:

Support coaching and feedback from some of the most engaging colleagues around
Opportunities to develop new skills and progress your career
The freedom and flexibility to handle your role in a way thats right for you

EY is committed to be an inclusive employer and we are happy to consider flexible working arrangements. We strive to achieve the right balance for our people enabling us to deliver excellent client service whilst allowing you to build your career without sacrificing your personal priorities. While our client-facing professionals can be required to travel regularly and at times be based at client sites our flexible working arrangements can help you to achieve a lifestyle balance.

About EY
As a global leader in assurance tax transaction and advisory services were using the finance products expertise and systems weve developed to build a better working world. That starts with a culture that believes in giving you the training opportunities and creative freedom to make things better. Whenever you join however long you stay the exceptional EY experience lasts a lifetime.

If you can confidently demonstrate that you meet the criteria above please contact us as soon as possible.
Join us in building a better working world.

Apply now.

EY Building a better working world

EY exists to build a better working world helping to create long-term value for clients people and society and build trust in the capital markets.

Enabled by data and technology diverse EY teams in over 150 countries provide trust through assurance and help clients grow transform and operate.

Working across assurance consulting law strategy tax and transactions EY teams ask better questions to find new answers for the complex issues facing our world today.