Cyber Security Detection and Response Engineer

Beschreibung

Location: Katowice - 2 days in office / 3 days remote Let us introduce you the job offer by EY GDS Poland – a member of the global integrated service delivery center network by EY. We are delighted to extend an invitation for you to join the esteemed Cybersecurity Detection & Response (CDR) team within the GDS PL Consulting division. In this pivotal role, you will have the opportunity to contribute to groundbreaking projects across a multitude of critical domains, including Security Information and Event Management (SIEM), Security Operations Centers (SOC), Cyber Threat Intelligence, Endpoint Detection and Response (EDR), Network Security, and Incident Response. Your expertise will play a key role in shaping the cybersecurity landscape and protecting our clients from emerging threats. The opportunity As an integral part of our dynamic team, you will engage in a wide spectrum of project-based work encompassing areas such as design, deployment, consultancy, modifications, and incident response. It is imperative to acknowledge that the nature of these projects is highly diverse and will require a flexible mindset and readiness to adapt. Your involvement in these projects will be carefully considered, taking into account both your unique skill set and your openness to embrace varied assignments

Wir bieten

• EY Global Delivery Services (GDS) is a dynamic and truly global delivery network. We work across nine locations – Argentina, Hungary, India, the Philippines, Poland, Sri Lanka, Mexico, Spain and the United Kingdom – and with teams from all EY service lines, geographies and sectors, playing a vital role in the delivery of the EY growth strategy. From accountants to coders to advisory consultants, we offer a wide variety of fulfilling career opportunities that span all business disciplines. In GDS, you will collaborate with EY teams on exciting projects and work with well-known brands from across the globe. We’ll introduce you to an ever-expanding ecosystem of people, learning, skills and insights that will stay with you throughout your career.

• Continuous learning: You’ll develop the mindset and skills to navigate whatever comes next.

• Success as defined by you: We’ll provide the tools and flexibility, so you can make a meaningful impact, your way.

• Transformative leadership: We’ll give you the insights, coaching and confidence to be the leader the world needs.

• Diverse and inclusive culture: You’ll be embraced for who you are and empowered to use your voice to help others find theirs.

Anforderungen

• Scripting knowledge (Python, Bash, PowerShell)

• Modern virtualization solutions (Kubernetes/OpenShift/Docker, KVM, VMWare)

• Familiarity with security automation tooling and DevSecOps paradigm

• Familiarity with OT/ICS and Zero-Trust reference architecture

• Preferably holding one of the relevant Microsoft (MS) certifications (e.g. SC-200, MS-500, AZ-500); and industry standard certifications (e.g. CISSP, SSCP, CCSP, CISM, ECSA)

• Experience in people management roles

• Proficiency in AI and machine learning applications, with experience utilizing Copilot.

• Experience in writing or assisting in the Requests for Proposals process

Zakres obowiązków

• As a valued member of the Cybersecurity Detection & Response team, you will be actively involved in a diverse array of projects, tailored to align with our clients' requirements as well as your professional expertise. Additionally, your participation will extend to contributing to the strategic development and expansion of the Cybersecurity Detection & Response (CDR) team. This will include designing new functionalities and solutions, optimizing existing processes and system components, creating prototypes and proof‑of‑concepts for new or enhanced modules, as well as researching technological possibilities and analyzing emerging trends.

Anforderungen

• Experience in at least one of the leading SIEM solutions on the market (Microsoft Sentinel, Splunk, Elasticsearch, Google Chronicle)

• Good knowledge of distributed IT environments, preferably hands-on experience in major Cloud Infrastructures (Microsoft Azure, Amazon Web Services, Oracle Cloud Infrastructure, Google Cloud Platform)

• Advanced skills in Linux (RedHat, Debian) and Microsoft Windows operating systems security

• Familiarity with cybersecurity frameworks and threat models (MITRE ATT&CK, Cyber Kill Chain, STRIDE)

• Familiarity with cybersecurity standards (ISO27001, NIST, CSIRT, CISA)

• Good understanding of TCP/IP networks and deployment models (cloud, hybrid and on-premises)

• Familiarity with High Availability technologies and other resilience solutions

• Documentation skills, including creating and reviewing policies, procedures, SOPs, playbooks, and post-implementation documents

• Proficiency in English at the C1 level

• Willingness and preparedness for travel as required by project needs