As a truly worldwide organization, EY Global Delivery Services spans all geographies, practices, service lines, sectors and competencies with deeply-integrated services. With 18,000 people working from nine centres in five countries, GDS is online everywhere, helping deliver exceptional client service all the time; providing what you need, where you need it.
EY GDS Poland has been in operation since 2011, supporting 30 countries across 12 services in English and non-English languages. Join one of our innovative and highly skilled teams and gain valuable experiences that will last a lifetime.
We are looking for:
The Digital Forensics & Incident Response (DFIR) Analyst will work to address security incidents, hunt down security risks or incidents within the environment, and act as a supporting team member in Cyber Defense. This position requires a thorough understanding of technology, tools, policies, and standards related to security systems and incident response. The incumbent must be competent to work at a high technical level of digital forensics, security incident response, and malware analysis, capable of identifying vectors of threats and security incidents, able to remediate or coordinate remediation efforts of a security incident, and able to develop documentation to support the security incident response process. Risk assessment techniques and good communication skills are a plus.
Responsibilities:
- Lead, investigate, coordinate, bring to resolution, and report on security incidents as they are escalated or identified
- Forensically analyze end user systems and servers found to have possible indicators of compromise
- Analyze artifacts collected during a security incident/forensic analysis
- Identify security incidents through ‘Hunting’ operations within SIEM
- Interface and communicate with server owners, system custodians, and IT contacts to pursue security incident response activities, including: obtaining access to systems, digital artifact collection, and containment and/or remediation actions
- Provide consultation and assessment on perceived security threats
- Maintain, manage, improve and update security incident process and protocol documentation
- Regularly provide reporting and metrics on case work
Skills and experience requirements
Education:
- Bachelor’s or Master’s degree in Computer Science, Information Systems, Engineering or a related field
Experience:
- 5+ years of experience in one or more of the following:
- Deep understanding of security threats, vulnerabilities, and incident response
- Understanding of electronic investigation, forensic tools, and methodologies, including: log correlation and analysis, forensically handling electronic data, knowledge of the computer security investigative processes, malware identification and analysis
- Basic understanding of the legalities surrounding electronic discovery and analysis
- Experience with SIEM technologies (i.e. Splunk)
- Deep understanding of both Windows and Unix/Linux based operating systems
- Demonstrated integrity in a professional environment
- Knowledgeable in business industry standard security incident response process, procedures, and life-cycle
- Excellent teaming skills
- Good social, communication and writing skills
Certification Requirements:
- Candidates must hold or be willing to pursue related professional certifications such as GCFE, GCFA, GCIH, CISM, or CISSP
We offer:
- Work in a prestigious, stable company
- Contract of employment
- Fair salary
- Relocation package
- Participation in interesting projects
- Work in a professional, dynamic, truly global team
- Development opportunities in an international, multilingual environment
- Attractive social package (sport card, medical insurance, life insurance, wellness & spa program, sport events and many others)
- Language courses
- Modern office space near the market square