Senior Incident Orchestrator at EY - ScoutJobs - The AI-curated global job board
EY
Posted 2 days ago

Senior Incident Orchestrator

EYCMS-Senior-Incident Orchestrator

Requirements

Digital forensics tools experience, SIEM proficiency (Splunk, Sentinel, etc.), EDR/XDR experience (CrowdStrike, Defender, etc.), Knowledge of SANS Top 20 and OWASP Top 10, Understanding of attack lifecycles, Network protocols and OS knowledge, Scripting proficiency (Python, PowerShell), 5+ years security experience, Willingness to work 24/7 shifts

Skills

Splunk, Microsoft Sentinel, Python, CrowdStrike, Digital Forensics

About the role

Responsibilities

  • Own the end-to-end coordination of security incidents from initial escalation through containment, remediation, and closure
  • Act as the central point of coordination between SOC analysts, threat detection teams, IT responders, and incident response leadership
  • Manage incident bridges and war rooms during major incidents to ensure clear ownership and timely updates
  • Validate escalated alerts to confirm true positives and business impact before initiating response actions
  • Drive containment and mitigation actions by coordinating with relevant resolver groups across endpoint, network, identity, and cloud domains
  • Ensure all incident activities are accurately documented in the designated ticketing platform
  • Prepare incident status updates, timelines, and summaries for SOC leadership and stakeholders
  • Support post-incident reviews (PIRs) by compiling evidence and assessing response effectiveness
  • Identify process gaps and recommend improvements to SOC and IR playbooks and SOPs

Requirements

  • 5+ years of security-related experience in Security Operations, Incident Response, or Forensic Investigation
  • Proficiency with SIEM solutions such as Splunk, Microsoft Sentinel, or equivalent
  • Experience leveraging EDR/XDR solutions like CrowdStrike, Microsoft Defender, or SentinelOne
  • Experience with digital forensics tools and techniques to investigate incidents
  • Strong understanding of attack lifecycles, SANS Top 20, and OWASP Top 10
  • In-depth knowledge of network protocols, operating systems, and security technologies
  • Proficiency in scripting languages (e.g., Python, PowerShell) for task automation
  • Willingness to work in a 24/7 operations center environment (shift work required)
  • Excellent verbal and written communication skills with strong problem-solving abilities

Preferred Qualifications

  • Bachelor’s Degree in Information Technology or a related field
  • Relevant industry certifications such as CEH, CHFI, Sec+, GCFA, GCIH, or CySA+

Benefits

  • Support, coaching, and feedback from engaging colleagues
  • Opportunities to develop new skills and progress your career through individual progression plans
  • Freedom and flexibility to handle your role in a way that works best for you

About the Company

EY exists to build a better working world, helping to create long-term value for clients, people, and society. Enabled by data and technology, our diverse teams provide trust through assurance and help clients grow, transform, and operate across more than 150 countries.

EY · Trivandrum
