Level 2 (L2) SOC Analyst

Job Summary:
The role monitors cybersecurity consoles, dashboards, and feeds and performs alert triage and analysis, initial incident scoping and documentation, ticket escalation, and attack disruption under pre-defined, approved conditions.

Key Responsibilities:
Monitor the SOC mailbox, IT ticketing system, hotline, threat intelligence feeds, endpoint and data loss prevention consoles, and other security tools for alerts.
Collect forensic artifacts from suspicious workstations and analyze them with forensic analysis tools.
Identify and propose areas for operational improvement within the SOC.
Coordinate internal incident response.
Provide feedback on security control capability gaps based on intrusion trends.
Develop and maintain analytical procedures that improve the efficiency of security incident identification.
Triage and validate alerts and, where warranted, escalate to Level 3 analysts or the Team Lead.
Support incident response activities as needed.
Adhere to approved SOC documentation, processes, and procedures.
Assist in developing, coordinating, and implementing SOC documentation.
Provide input to SOC operational metrics and reports.
Provide input to SOC shift change reports to maintain continuity of operations.

Knowledge, Skills and Experience Requirements:
Minimum of 3 years of professional experience operating, managing, designing, implementing, maintaining, or supporting cybersecurity technology.
Minimum of 3 years of professional experience in SOC operations and/or incident response.
Understanding of the technologies and solutions used in cybersecurity and networking (SIEM, SOAR, firewalls, IAM, IDS/IPS, endpoint protection, threat management and threat intelligence).
Strong understanding of intrusion detection concepts and information security defense.
Knowledge of current attacker techniques, vulnerability disclosures, data breach incidents, and security analysis techniques.
Experience developing SOC documentation.
Understanding of incident response analysis skills,
SURGE Collect.
Forensic artifact examination with Volatility.
Proven experience with multiple security event detection platforms.
Thorough understanding of TCP/IP.
Ability to read and write basic IDS/IPS rules to identify and/or prevent malicious activity.

Soft Skills:
Full professional proficiency in English, especially in technical writing and verbal communication.
Demonstrated integrity in a professional environment.
Completed technical higher education in computer science or a related field.
Certificates or education related to cybersecurity, information technology, or engineering.
Cybersecurity certifications such as CISSP, GCIH, GMON, or GSOC.

What working at EY offers:
Skills development in the cybersecurity domain.
Executive communication skills.
Opportunities for professional development at EY.
Certifications via external and internal training.
Conference attendance.