Ernst & Young - Providence, RI

posted about 1 month ago

Full-time - Senior
Providence, RI
Professional, Scientific, and Technical Services

About the position

As a Senior Consultant in Cybersecurity - SOAR Engineering at EY, you will play a crucial role in enhancing clients' security operations to effectively counter cybersecurity threats. This position involves deploying advanced security solutions, managing automated playbooks, and collaborating with a global team to address complex information security challenges. Your technical expertise and business acumen will contribute to the mission of improving organizational resilience against cyber threats.

Responsibilities

  • Perform regular updates of existing playbooks based on requirements provided by operations teams in response to changes in the threat landscape or a client's security controls
  • Drive continuous improvement of existing playbooks to address new threats and tactics employed by attackers
  • Manage an inventory of integrations that enable broader playbook creation
  • Produce new playbooks, based on requirements from operations teams, as threats change and new security tools and controls emerge in the marketplace
  • Perform regular reporting on the usage of playbooks and the effectiveness of a playbook to conclusion
  • Develop logic that bridges connectors, tasks and human input to accelerate the response to escalated security incidents
  • Develop connectors that collect, enrich and leverage data from third party and proprietary services
  • Participate in client meetings to further optimize their specific operational plan based on our best practices and operational learnings

Requirements

  • Bachelor's degree with a minimum of 4 years of related work experience, or a Master's degree with approximately 3 years of related work experience in Computer Science, Information Systems, Engineering, Business, or a related field
  • At least 1 year of related work experience with information security systems, including hands-on SOAR technical infrastructure and implementation experience with Microsoft Sentinel, LogicApps, CrowdStrike Falcon Fusion, or Google Chronicle SOAR
  • Knowledge and experience with security orchestration and automation tools such as XSOAR, Falcon Fusion, LogicApps, Splunk SOAR/Phantom, Tines, and ServiceNow SecOps
  • 3+ years of experience in scripting with one or more of the following languages: JavaScript, Python, PowerShell, and various shell scripting languages
  • Understanding of REST API best practices and usage
  • Excellent analytical and problem-solving abilities, with a strong understanding of leveraging SIEM for enhanced security monitoring and incident response
  • A valid US driver's license and passport are required, with willingness and ability to travel domestically and internationally to meet client needs; estimated travel of 25% - 50% is required

Nice-to-haves

  • Experience working with AI security tools
  • Experience with Microsoft Sentinel, CrowdStrike NextGen SIEM, and Google Chronicle
  • Familiarity with Unix-based command-line tools
  • Proficiency in programming with Python, JavaScript, and/or Bash shell scripting
  • Familiarity with security technologies including Cloud, DLP, firewalls, IDS/IPS, EDR, etc.
  • Familiarity with common open-source research frameworks
  • Possession of or desire to obtain relevant certifications such as CISSP, CISM, CISA, CIPT, CIPM, CRISC, or others

Benefits

  • Comprehensive compensation and benefits package
  • Medical and dental coverage
  • Pension and 401(k) plans
  • Wide range of paid time off options
  • Flexible vacation policy allowing you to decide how much vacation time you need
  • Time off for designated EY Paid Holidays, Winter/Summer breaks, Personal/Family Care, and other leaves of absence