Senior Consultant - Cyber Defensive Security - Sector Focus Industries, Machelen
Client:
EY
Location:
Machelen, Belgium
Job Category:
Other
EU work permit required:
Yes
Job Reference:
662c0f9527b3
Job Description:
The opportunity
We have ambitious plans to expand our market-leading Cybersecurity practice. We continue to build this practice and are looking for strong individuals with experience and expertise in cyber, more specifically in the domain of Defensive Security.
You will join a team of experts providing cybersecurity services to a wide range of clients in industry and government, both nationally and internationally. You will become part of our Defensive Security team, helping our clients improve their defensive capabilities and protect themselves against evolving threats. Depending on your level of experience, you will also support our go-to-market and solutions in this domain.
Your key responsibilities
Taking into account your experience and maturity, your involvement will vary from assisting in delivering these projects, acting as a subject matter expert or leading a team towards excellent client experience.
In this role, you will be part of the Defensive Security team, focusing on enhancing our clients' security operations and technologies. You will help build and improve defensive security capabilities as part of our project delivery, including designing and managing SIEM and SOAR solutions, conducting SOC assessments, and implementing robust security strategies.
You will also help to enhance and run our CSIRT capabilities for our clients as part of our project delivery. In case of a cyber incident, you will be part of the Incident Response team, respond to cyber incidents and perform forensics investigations.
Defensive Security Implementations & Assessments
* Analyze modern attack techniques and perform intelligence gathering on cyber adversaries.
* Design, implement, and manage Security Information and Event Management (SIEM) systems to enhance security monitoring and incident detection.
* Develop and deploy Security Orchestration, Automation, and Response (SOAR) solutions to streamline and automate security operations.
* Evaluate and assess clients’ defensive setup to improve the effectiveness of existing security operations.
* Perform technical assessments of IT architectures, security design evaluations, network setup and logging and monitoring capabilities.
* Provide guidance and training to clients on best practices for security operations, incident response, and security technology implementation.
* Lead and participate in security tool evaluations and proof-of-concept projects to determine the best fit for clients' needs.
CSIRT & DFIR
* Work with Cyber Threat Intelligence to fine-tune monitoring capabilities and to perform threat hunting as part of our clients’ CSIRT.
* Build and improve CSIRT Standard Operating Procedures (SOP) and automate incident response.
* Monitor and perform incident analysis and triage.
* Perform incident containment, eradication, and recovery.
* Execute forensic data collection (evidence handling and data acquisitions) and handle the “crime scene.”
* Perform forensic analysis and reporting.
* Malware analysis and reverse engineering.
* Report and present analysis outcomes.
Profile
* You have a Bachelor's or Master’s degree in Computer Science, Cybersecurity, Information Systems, Information Technology, Engineering or a related major.
* You have relevant experience in blue / purple teaming or CSIRT operations, more specifically defensive security implementations, security assessments, incident handling and triage, incident response, forensics or malware analysis.
* You have a strong interest in one of the 2 (or both) domains: Defensive Implementations and Assessments and CSIRT & DFIR.
* You have experience in working independently or as part of a large team to deliver cybersecurity services on their own or within large complex projects.
* Experience may include IT infrastructure, network security and EDR, XDR principles and solutions, Cyber Threat Intelligence platforms (MISP), Incident Response automation tools (The Hive), SANS SIFT and forensics acquisition and analysis tools.
* Experience with SIEM solutions and SOAR.
* Experience implementing and working with MS Defender, SentinelOne, AZ Sentinel, Splunk, QRadar or similar solutions.
* You are familiar with malware anatomy, modes of operation, Indicators of Compromise and the MITRE ATT&CK framework.
* You keep up-to-date with latest exploits, tactics, techniques and procedures (TTP), vulnerability remediation and security trends.
* You have knowledge of Windows, Linux, Unix and preferably some of the following: MacOS, Android, iOS and any other major operating systems.
* Knowledge of cloud technologies and Azure AD is considered a plus.
* You have scripting / programming skills (Python, PowerShell, Java, Perl, Ruby etc.).
* Possession of relevant qualifications: GCFE, GCFA, GCT, GREM, GRID, GASF, GNFA, BTL(1,2) or similar are an asset.
* You have an analytical mindset, strive for quality and are able to work in a result-oriented environment.
* You have the ability to work both independently as well as within a team.
* You provide technical leadership and advice to other team members on defensive security.
* Fluent in either Dutch or French - Professional knowledge of English.
Our Offer
A career with EY is not comparable with any other. With us, your competencies and your areas of interest will determine your future, so we offer you:
* A strong team with ambitious growth, which will allow you to work with prominent national and global organizations.
* A clear career path and the opportunity to shape your own career.
* A dynamic working environment, working with our experts on hot cyber topics.
* Challenging project journeys and a position with a high degree of autonomy and responsibility.
* An environment that continuously stimulates personal development and provides extensive training and renowned certifications.
* Flexible working arrangements, support for a good work-life balance.
* A competitive remuneration package.
Here at EY, you’ll have the chance to build a truly exceptional experience. We’ll empower you with the latest technology, surround you with high-performing teams, and provide the global scale and diverse and inclusive culture you need to discover your full potential. Through our coaching and training programs, you’ll develop the skillsets you need to stay relevant today and in the future – all while building a network of colleagues, mentors, and leaders who will be on the journey with you at EY and beyond.