Website EY - Colombo
Consulting – Cyber Detection & Response Staff
About EY Global Delivery Services (GDS)
Global Delivery Services (GDS) is EY’s worldwide network of service delivery centers, playing a vital role in the firm’s global growth strategy. Since 2002, GDS has grown into a powerhouse of over 80,000 professionals across ten countries, including Sri Lanka. We provide seamless, high-quality Consulting, Assurance, and Technology support to EY clients globally, helping to build a better working world.
The Opportunity
We are looking for a Security Analyst (TDR Operations Staff) to join our Technology Consulting service line. In this role, you will focus on first-level monitoring and triaging, utilizing advanced SIEM, EDR, and NSM solutions to protect our global clients from emerging cyber threats.
Key Responsibilities
- Operational Support: Provide 24/7 support using SIEM (Splunk, Sentinel), EDR (Defender, CrowdStrike, Carbon Black), and NSM (Fidelis, ExtraHop) platforms.
- Alert Monitoring: Conduct first-level monitoring and triaging of security alerts to identify potential threats.
- Incident Investigation: Perform initial data gathering and investigation into security events across multiple customer environments.
- Real-time Analysis: Deliver near real-time analysis and detailed reporting of security incidents to ensure rapid response and mitigation.
Skills and Attributes for Success
- Technical Knowledge: Strong understanding of SIEM technologies (Splunk, Azure Sentinel) and network monitoring platforms (Fidelis XPS, ExtraHop).
- Endpoint Protection: Knowledge of endpoint tools such as Carbon Black, Tanium, or Microsoft Defender for Endpoint.
- Incident Response: Familiarity with modern Cyber Incident Response workflows and general security monitoring best practices.
- Niche Exposure: Experience with IoT/OT monitoring tools (e.g., Claroty, Nozomi Networks) is a significant advantage.
- Service Mindset: A customer-service-oriented approach with a focus on meeting delivery commitments.
Candidate Requirements
- Education: B.Tech / B.E. or an equivalent degree with sound technical skills.
- Experience: Minimum of 1 year of hands-on experience in SIEM, EDR, and NSM solutions.
- Availability: Ability to work in a 24×7 shift environment.
- Communication: Strong verbal and written English skills, complemented by solid presentation abilities.
- Technical Proficiencies: Knowledge of RegEx, Perl scripting, and SQL query language.
- Certifications:
  - Required: Certification in any SIEM platform.
  - Preferred: CEH, ECSA, ECIH, or Splunk Power User.
What We Offer
- Global Exposure: Work within a globally connected powerhouse of diverse teams.
- Professional Development: Access to continuous learning, mentorship, and future-focused skill-building.
- Inclusive Culture: A dynamic workplace where integrity, respect, and diversity are at the core of everything we do.
- Benefits: Premium health and wellness packages, enticing rewards, and cutting-edge learning opportunities.
How to Apply
If you are passionate about cybersecurity and aligned with our commitment to building a better working world, apply today through our recruitment portal. Successful candidates will advance to a competency-based interview.
To apply for this job please visit lk.linkedin.com.