L1 Security Analyst – Cybersecurity Operations Consultant

About the role

Join EY's Technology Consulting team as an L1 Security Analyst in the Cybersecurity Operations Centre. You will be the first line of defence, monitoring security events, performing initial triage, and escalating incidents to protect the confidentiality, integrity, and availability of client systems and data.

Key responsibilities

• Monitor alerts from security analytics and AI‑driven threat detection platforms.
• Perform initial investigation and triage of security incidents, validating false positives.
• Escalate incidents to L2/L3 analysts or relevant teams according to response procedures.
• Document findings, maintain incident tickets, and update case tracking systems.
• Support reporting of detected incidents, vulnerabilities, and trends.
• Follow established SOPs and contribute to continuous improvement.
• Assist in creating and maintaining security knowledge‑base articles and playbooks.
• Stay updated on emerging cyber threats, attack methods, and best practices.
• Provide basic troubleshooting for threat‑detection tools and other related duties.

Required profile

• Bachelor’s degree in Computer Science, Information Technology, or a related STEM field.
• 0–2 years of relevant experience (advantageous).
• Professional certifications such as CompTIA Security+, CySA+, Microsoft SC‑200, or Certified Ethical Hacker (CEH) are a plus.
• Basic understanding of networking, firewalls, IDS/IPS, SIEM tools, and malware threats.
• Strong analytical and problem‑solving abilities with attention to detail.
• Willingness to work in a 24/7 shift environment.

Required skills

• Security analytics and AI‑driven threat detection platforms.
• SIEM tools.
• Firewalls and intrusion detection/prevention systems.
• Fundamental networking concepts.
• Malware analysis basics.
• Incident ticketing and case‑tracking systems.
• Creation of security knowledge‑base articles and playbooks.
• CompTIA Security+, CySA+, Microsoft SC‑200, Certified Ethical Hacker (CEH) (certifications).