Cyber Triage and Forensic Senior Analyst

Cyber Triage and Forensic Senior Analyst

Join EY as a Cyber Triage and Forensic Senior Analyst and help secure data and information systems across a global, diverse team.

• Investigate, coordinate, bring to resolution, and report on security incidents.
• Conduct forensic analysis of end‑user systems and servers with potential indicators of compromise.
• Collect and analyze artifacts from security incidents and forensic investigations.
• Perform hunting operations within SIEM, EDR, and other security tools to identify incidents.
• Interface with system owners, custodians, and IT contacts to obtain access, collect digital artifacts, and execute containment and remediation actions.
• Provide consultation and assessment of perceived security threats.
• Maintain, manage, improve, and update security incident processes and documentation.
• Generate reporting and metrics on case work.
• Identify root cause and recommend solutions for incident resolution.
• Prepare fact‑based investigative reports.
• Serve as an on‑call global incident response resource.

• 7+ years of experience in incident response, computer forensics, and/or malware reverse engineering.
• Esteemed integrity and judgment in a professional environment.
• Proficiency in Windows and Unix/Linux operating systems.
• Understanding of security threats, vulnerabilities, and incident response life‑cycle.
• Familiarity with forensic tools, electronic discovery, and legalities surrounding electronic analysis.
• Experience with EDR and SIEM technologies (e.g., Splunk).
• Strong analytical, investigative, and problem‑solving skills.
• Excellent communication and writing skills; ability to present findings clearly.
• Self‑motivated to work independently and globally.
• Bachelor’s or Master’s degree in Computer Science, Information Systems, Engineering, or related field.

• Professional certifications such as GCFE, GCFA, or GREM.
• Experience with cloud‑based security incident response (e.g., Azure).
• Programming skills in Power Shell, Python, or C/C++.
• Knowledge of best security practices for network architecture and server configuration.

• Mid‑Senior level
• Full‑time
• Information Technology & Management – Professional Services

EY is an equal opportunity employer. We do not discriminate on the basis of race, color, religion, age, sex, sexual orientation, gender identity or expression, pregnancy, genetic information, national origin, protected veteran status, disability status, or any other legally protected basis, including arrest and conviction records. EY invites applicants with disabilities to request reasonable accommodation by calling 1‑800‑EY‑HELP3 or emailing