Technology Consulting - Cyber Security - Cyber Operation - SOC Engineer - HK

The opportunity

Cyber threats, social media, massive data storage, privacy requirements and continuity of the business as usual require heavy information security measures. As a cyber security professional, you will lead the implementation support of security solutions for EY clients and support the clients in their desire to protect the business. You will belong to an international connected teams of professionals helping clients with their most complex information security needs and contributing toward their business resilience. You will be working with EY Advanced Security Centers to access the most sophisticated tools available to fight against cybercrime. We will support you with career-long training and coaching to develop your skills. As EY is a global leading service provider in this space, you will be working with leading class talent in a collaborative environment. So, whenever you join, however long you stay, the exceptional EY experience lasts a lifetime.

Your key responsibilities

• Review the logs generated by the security device and process the alarm tickets on the SOC (Security Operation Center) platform
• Conduct emergency response and traceability analysis of security incidents such as viruses, Trojan horses and network attacks, and generate emergency response reports and solutions
• Deploy, maintain, upgrade, repair, and optimize SOC-related solutions
• Optimize the audit strategy and the rules of SOC to improve the efficiency and accuracy
• Provide advice on the customer's SOC operation status
• Assist service managers to improve customer satisfaction through incident closed-loop, emergency response, etc.
• Participate in system architecture design and technical exchanges
• Assist in solving security technical problems in other projects

Skills and attributes for success

• Practical working experience in the daily operation of SOC such as security incident investigation, tracking and traceability, and response
• Knowledge in principles, intrusion, and detection tools of various types of malwares
• Knowledge in phenomena, hazards, and transmission methods of zombies, Trojans, worms, mining, and ransomware
• Knowledge in principles, hazards, exploits and fixes of common web security vulnerabilities
• Familiar with OWASP TOP10 and common Windows and Linux security mechanisms
• Familiar with logging and monitoring technologies, including but not limited to various SIEM platforms (e.g., Splunk, ELK, IBM Qarader), SOAR, Kafka, Apache Nifi, etc

To qualify for the role you must have

• Bachelor’s degree in Computer Science, Information Systems or related disciplines
• 1 to 3 years’ relevant experience in support and implementation of cyber security infrastructure
• Ability to Threaten Hunting and knowledge in Mitreat frameworks
• Experience in security incident handling and traceability analysis
• Good command of English and Chinese languages, both spoken and written

Ideally, you’ll also have

• Ability to develop USECASE based on the MITRE ATT&CK framework and alert in a timely manner
• Proficiency in Bash, PowerShell, and Python
• Related qualifications and/or industry certifications such as CISSP, CCSP, CCIE, CEH, OSCP, CREST, or equivalent.

What working environment at EY offers

• Support, coaching and feedback from some of the most engaging colleagues around
• Opportunities to develop new skills and progress your career
• The freedom and flexibility to handle your role in a way that’s right for you

About EY

As a global leader in assurance, tax, transaction and advisory services, we hire and develop the most passionate people in their field to help build a better working world. This starts with a culture that believes in giving you the training, opportunities and creative freedom to make things better. So that whenever you join, however long you stay, the exceptional EY experience lasts a lifetime.

Make your mark.

Apply now.