Advisory Senior Consultant - Cybersecurity - Incident Response Ey
Mclean, VA

Job Description

Cyber threats, social media, massive data storage, privacy requirements and continuity of the business as usual require heavy information security measures. As an information security specialist, you will lead the implementation of security solutions for our clients and support the clients in their desire to protect the business. You will belong to an international connected team of specialists helping our clients with their most complex information security needs and contributing toward their business resilience. You will be working with our Advanced Security Centers to access the most sophisticated tools available to fight against cybercrime.

We will support you with career-long training and coaching to develop your skills. As EY is a global leading service provider in this space, you will be working with the best of the best in a collaborative environment. So whenever you join, however long you stay, the exceptional EY experience lasts a lifetime.

Job Summary:

Our security professionals possess diverse industry knowledge, along with unique technical expertise and specialized skills. The team stays highly relevant by researching and discovering the newest security vulnerabilities, attending and speaking at top security conferences around the world, and sharing knowledge on a variety of topics with key industry groups. The team frequently provides thought leadership and information exchanges through traditional and less conventional communications channels such as speaking at conferences, publishing white papers and blogging.

Our professionals work together in planning, pursuing, delivering and managing engagements to assess, improve, build, and in some cases operate integrated security operations for our clients.

Key Responsibilities:

* Develop attack scenarios for tabletops and live- war game events.


* Create tailored incident response plans for major domestic and international clients.


* Detect and respond to potential and actual threats in client's networks using the latest tools, techniques, and best practices.


* Document findings and create well- written technical and executive level intrusion reports.


* Constantly enhance and expand technical knowledge within areas of expertise.


* Deliver guidance and technical training to team members.



To qualify, candidates must have:

* Bachelor's degree and a minimum of 2 years of related work experience; or a Master's degree and 1- 2 years of related work experience.


* Understanding of the IR process and familiarity with known IR standards.


* Windows disk and memory forensics.


* Network Security Monitoring (NSM), network traffic analysis, and log analysis.


* Unix or Linux disk and memory forensics.


* Static and dynamic malware analysis.


* Development and deployment of network- or endpoint- based signatures and correlation rules.


* Applied knowledge in at least one scripting or development language (such as Python).


* Thorough understanding of enterprise security controls in Active Directory and Windows environments.


* Hands- on experience in responding to incidents or penetration tests against Windows, Unix, or web application targets.


* Familiarity with Windows in an enterprise environment is a plus.


* A valid driver's license in the US and a valid passport required; willingness and ability to travel domestically and internationally to meet client needs; estimated 80% travel required.


* The successful candidate must hold or be willing to pursue related professional certifications such as GCFE, GCFA, GCIH, CISM, or CISSP.



EY provides equal employment opportunities to applicants and employees without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, protected veteran status, or disability status.