4 Defender Atp Jobs

A career in our Advisory Service Delivery Centre is the natural extension of PwC's leading-class global delivery capabilities. We provide premium, cost-effective, high-quality services that support process quality and,

At EY, you'll have the chance to build a career as unique as you are, with the global scale, support, inclusive culture, and technology to become the best version of you. And we're counting on your unique voice and perspective to help EY become even better, too. Join us and build an exceptional experience for yourself, and a better working world for all. As part of our EY-cyber security team, you will work as a SOC analyst who will assist clients in detecting and responding to security incidents with the support of their SIEM, EDR, and NSM solutions. We are looking for a Security Analyst with experience in SIEM, EDR, and NSM solutions. Your key responsibilities include: - Providing operational support using SIEM solutions (Splunk, Sentinel), EDR Solution (Defender, CrowdStrike, Carbon Black), NSM (Fidelis, ExtraHop) for multiple customers. - Handling the first level of monitoring and triaging of security alerts. - Conducting initial data gathering and investigation using SIEM, EDR, and NSM solutions. - Providing near real-time analysis, investigation, and reporting security incidents for customers. Skills and attributes for success: - Customer Service oriented - meets commitments to customers and seeks feedback from customers to identify improvement opportunities. - Good knowledge of SIEM technologies such as Splunk, Azure Sentinel from a Security analyst's point of view. - Exposure to IOT/OT monitoring (Claroty, Nozomi Networks, etc.) is a plus. - Good knowledge and experience in Security Monitoring. - Good knowledge and experience in Cyber Incident Response. - Knowledge in Network monitoring technology platforms such as Fidelis XPS, ExtraHop. - Knowledge in endpoint protection tools, techniques, and platforms such as Carbon Black, Tanium, CrowdStrike, Defender ATP, etc. To qualify for the role, you must have: - B. Tech./ B.E. with sound technical skills. - Ability to work in 24x7 shifts. - Strong command of verbal and written English language. - Demonstrate both technical acumen and critical thinking abilities. - Strong interpersonal and presentation skills. - Hands-on experience in SIEM, EDR, and NSM solutions. - Certification in any of the SIEM platforms. - Knowledge of RegEx, Perl scripting, and SQL query language. - Certification - CEH, ECSA, ECIH, Splunk Power User. Working at EY offers: At EY, we're dedicated to helping our clients, from startups to Fortune 500 companies, and the work we do with them is as varied as they are. You get to work with inspiring and meaningful projects. Our focus is education and coaching alongside practical experience to ensure your personal development. We value our employees, and you will be able to control your own development with an individual progression plan. You will quickly grow into a responsible role with challenging and stimulating assignments. Moreover, you will be part of an interdisciplinary environment that emphasizes high quality and knowledge exchange. Plus, we offer: - Support, coaching, and feedback from some of the most engaging colleagues around. - Opportunities to develop new skills and progress your career. - The freedom and flexibility to handle your role in a way that's right for you. EY | Building a better working world: EY exists to build a better working world, helping to create long-term value for clients, people, and society and build trust in the capital markets. Enabled by data and technology, diverse EY teams in over 150 countries provide trust through assurance and help clients grow, transform, and operate. Working across assurance, consulting, law, strategy, tax, and transactions, EY teams ask better questions to find new answers for the complex issues facing our world today.,

At EY, you'll have the chance to build a career as unique as you are, with the global scale, support, inclusive culture, and technology to become the best version of yourself. And EY is counting on your unique voice and perspective to help the organization become even better. Join us and build an exceptional experience for yourself, and contribute to creating a better working world for all. As a CMS-TDR Staff at EY, you will be part of the cyber security team and work as a SOC analyst to assist clients in detecting and responding to security incidents with the support of SIEM, EDR, and NSM solutions. **The Opportunity:** We are seeking a Security Analyst with experience in SIEM, EDR, and NSM solutions. **Your key responsibilities include:** - Providing operational support using SIEM solutions (Splunk, Sentinel, CrowdStrike Falcon LogScale), EDR Solution (Defender, CrowdStrike, Carbon Black), NSM (Fidelis, ExtraHop) for multiple customers. - Performing the first level of monitoring and triaging of security alerts. - Conducting initial data gathering and investigation using SIEM, EDR, NSM solutions. - Providing near real-time analysis, investigation, and reporting of security incidents for customers. **Skills and attributes for success:** - Customer Service oriented with a commitment to meeting customer needs and seeking feedback for improvement. - Hands-on knowledge of SIEM technologies like Splunk, Azure Sentinel, CrowdStrike Falcon LogScale from a Security analyst's perspective. - Exposure to IOT/OT monitoring tools like Claroty, Nozomi Networks is a plus. - Good knowledge and experience in Security Monitoring and Cyber Incident Response. - Familiarity with Network monitoring platforms like Fidelis XPS, ExtraHop and endpoint protection tools such as Carbon Black, Tanium, CrowdStrike, Defender ATP, etc. **To qualify for the role, you must have:** - B. Tech./ B.E. with sound technical skills. - Ability to work in 24x7 shifts. - Strong command of verbal and written English language. - Technical acumen and critical thinking abilities. - Strong interpersonal and presentation skills. - Hands-on experience in SIEM, EDR, and NSM solutions. - Certification in any of the SIEM platforms. - Knowledge of RegEx, Perl scripting, and SQL query language. - Certification such as CEH, ECSA, ECIH, Splunk Power User. **What working at EY offers:** At EY, you will work on inspiring and meaningful projects with a focus on education, coaching, and personal development. You will have opportunities for skill development, career progression, and the freedom to handle your role in a way that suits you best. EY offers support, coaching, and feedback from engaging colleagues, along with an environment that emphasizes high quality and knowledge exchange. EY is dedicated to building a better working world, creating value for clients, people, and society, and building trust in the capital markets. With diverse teams in over 150 countries, EY provides trust through assurance and helps clients grow, transform, and operate across various domains.,

Key Responsibilities: Lead advanced incident response, including triage, containment, eradication, and root cause analysis. Perform forensic investigations, malware analysis, and threat hunting activities. Manage and fine-tune enterprise security solutions: SIEM, EDR, NDR, firewalls, IDS/IPS, DLP, WAF, VPNs , etc. Act as a subject matter expert (SME) for escalated security events from L1/L2 teams. Review and update runbooks, threat detection rules, and incident response procedures. Collaborate with threat intelligence teams to analyze IOCs, TTPs, and emerging threats. Perform regular vulnerability assessments and coordinate patch management with IT/DevOps. Conduct security reviews of infrastructure, applications, and network architecture. Ensure compliance with ISO 27001, NIST, GDPR, PCI-DSS , or other applicable standards. Automate security operations and incident response workflows using tools/scripts (e.g., Python, PowerShell). Mentor junior engineers and conduct technical training sessions. Required Skills and Qualifications: Bachelor's or Master's degree in Information Security, Computer Science, or related field. 510 years of hands-on experience in cybersecurity, with at least 23 years in an L3 or advanced SOC role. Expertise in managing and troubleshooting security tools: SIEM (Splunk, QRadar, ArcSight, etc.) EDR/XDR (CrowdStrike, SentinelOne, Defender ATP) Firewalls (Palo Alto, Fortinet, Cisco ASA) IDS/IPS, DLP, VPN, NAC, etc. Strong knowledge of cyberattack techniques , threat detection , and incident response lifecycle . Familiarity with MITRE ATT&CK , Cyber Kill Chain , STIX/TAXII , and YARA rules . Proficiency in scripting or automation (Python, Bash, PowerShell). Excellent documentation, troubleshooting, and analytical skills.