EY - Lead Analyst - Cyber Security

Description :

Role : EY -Lead Analyst- Cybersecurity

As a global leader in assurance, tax, transaction, and advisory services, we hire and develop the most passionate people in their field to help build a better working world. This starts with a culture that believes in giving you training, opportunities, and creative freedom.

At EY, we don't just focus on who you are now, but who you can become. We believe that it's your career and 'It's yours to build' which means potential here is limitless and we'll provide you with motivating and fulfilling experiences throughout your career to help you on the path to becoming your best professional self.

The opportunity :

Our FSRM team is a fast-moving, high-growth area with huge potential. It offers variety, challenge, responsibility, and the opportunity to realize your leadership potential.

Our Financial Services Risk Management (FSRM) practice focuses on risk management, regulatory, quantitative, and technology backgrounds.

The breadth of experiences of FSRM professionals enables the practice to coordinate the delivery of a broad array of risk management services to capital market participants throughout the world in a well-integrated manner.

Key Responsibilities & Attitude :

• Work as a senior member of the Monitoring and Threat Detection team within an Analysis POD tasked with triage of threat detection events from across the entire global HSBC technology estate.
• Collaborate with colleagues across Threat Detection and Incident Management areas to ensure a rapid and focussed identification and escalation of potential threat events.
• Provide support into Incident Response actions, providing SME knowledge to ensure continuity and depth of investigation.
• Involvement in Purple Team and Threat Simulation activities, ensuring that the detection capability is accurately assessed and validated.
• Collaborate with the Threat Hunters on hypothesis driven threat hunt and advanced data analysis.
• Apply structured analytical techniques and critical thinking to ensure consistent triage of threat events.
• Contribute to post-incident reviews, ensuring that output is captured and use to continually improve detection posture.
• Provide quality assurance and oversight to investigation tickets, ensuring that ideas for improvement and training are captured in an objective manner.
• Provide expert-level advice and technical leadership to the team, driving the continued evolution of hunting, monitoring, detection, analysis and response capabilities and processes.
• Train, develop, mentor, and inspire cybersecurity colleagues in area(s) of specialism.
• Review technical threat intelligence reports and apply detailed analysis of Indicators of Attack to ensure that we are able to defend against similar threats.
• Identifying new SIEM detection use cases, taking end-to-end ownership of the delivery including testing, triage documentation and training requirements.
• Identify processes that can be automated and orchestrated to ensure maximum efficiency of Global Cybersecurity Operations resources, reducing manual repetitive tasks where possible.

Functional Knowledge :

(ref : hirist.tech)