Cyber Triage and Forensic Senior Analyst
EY - San Francisco, CA
Job Description
Overview
Cyber Triage and Forensic Senior Analyst role at EY. EY is a global professional services firm focused on protecting information assets and enabling secure, trusted services. The Information Security team supports the business by protecting EY and client information assets, detecting and responding to security events, and enabling secure products and services.

Your Responsibilities
Investigate, coordinate, bring to resolution, and report on security incidents as they are identified
Forensically analyze end user systems and servers with possible indicators of compromise
Analyze artifacts collected during a security incident or forensic analysis
Identify incidents through hunting using SIEM, EDR, and other tools
Interact with server owners, system custodians, and IT contacts to pursue incident response activities, including access, artifact collection, containment, and remediation
Provide consultation and assessment on perceived security threats
Maintain and update incident response process and protocol documentation
Provide regular reporting and metrics on case work
Resolve incidents by identifying root causes and implementing solutions
Analyze findings in investigations and develop fact-based reports
Be on-call to deliver global incident response

Skills & Attributes for Success
Ability to resolve security incidents by identifying root causes and solutions
Ability to analyze findings and develop fact-based reports
Integrity and judgment within a professional environment
Ability to balance work/personal priorities

Qualifications
Bachelor's or Master's degree in Computer Science, Information Systems, Engineering or related field
7+ years of experience in incident response, computer forensics analysis and/or malware reverse engineering
Understanding of security threats, vulnerabilities, and incident response
Experience with electronic investigation, forensic tools, methodologies (log analysis, handling electronic data, malware identification/analysis)
Familiarity with legalities surrounding electronic discovery and analysis
Experience with EDR and SIEM technologies (e.g., Splunk)
Strong knowledge of Windows and Unix/Linux operating systems

Ideally, you’ll also have
Hold or pursue related professional certifications such as GCFE, GCFA or GREM
Security incident response experience in cloud environments (e.g., Azure)
Programming skills in PowerShell, Python, and/or C/C++
Understanding of best security practices for network architecture and server configuration

What We Look For
Demonstrated integrity in a professional environment
Ability to work independently
Global mindset for working with diverse cultures
Knowledge of standard security incident response processes and lifecycle
Positive attitude and strong teamwork, communication, and problem-solving skills

What We Offer You
The compensation ranges comply with US pay transparency laws. EY offers a comprehensive compensation and benefits package, flexible work arrangements, and a diverse and inclusive culture. Total rewards consider education, experience, knowledge, skills, and geography. Base salary ranges for the US: $128,100 to $239,600; NYC Metro/Washington/CA ranges: $153,800 to $272,300. Salaries are determined by multiple factors. Benefits include medical, dental, pension and 401(k), and paid time off.
Hybrid work model: expect to work in person 40-60% of the time in client-serving roles
Flexible vacation policy with designated holidays and other leaves to support well-being

Additional Information
EY focuses on high ethical standards and integrity. EY provides equal employment opportunities regardless of race, color, religion, age, sex, sexual orientation, gender identity/expression, pregnancy, genetic information, national origin, protected veteran status, disability status, or any other legally protected basis. Reasonable accommodations are available for qualified individuals with disabilities. Location: San Francisco, CA (example listing).
EY accepts applications on an ongoing basis.
Created: 2025-09-17