Cybersecurity Engineer (XDR/ITDR/NDR), Technology Consulting (Associate/Senior)

Location: Other locations: Primary Location Only

Requisition ID: 551344

MSS Resident Engineer, Cybersecurity, Technology Consulting
At EY, we develop you with future-focused skills and equip you with world‑class experiences. We empower you in a flexible environment, and fuel you and your extraordinary talents in a diverse and inclusive culture of globally connected teams.
We work together across our full spectrum of services and skills powered by technology and AI, so that business, people and the planet can thrive together.
We’re all in, are you?
Join EY and shape your future with confidence.

EY delivers comprehensive Managed Security Services (MSS) to clients, ensuring robust cyber defence through continuous monitoring and incident response. Operating 24x7x365, our services encompass threat detection, triage, investigation, escalation and response across a suite of advanced security technologies including SIEM, Extended Detection and Response (XDR), Antivirus (AV), Mobile Threat Detection and Email Threat Detection.

The role expected is as a Resident Engineer, which requires you to oversee the day-to-day management and maintenance of the client’s managed security platforms. Your primary responsibility will be to ensure the optimal performance, stability, and reliability of the security technologies in use, while providing timely resolution of technical issues.

In this hands‑on role, you will liaise directly with client stakeholders and third‑party vendors to coordinate operational activities, enforce policy governance, and support continuous improvement of the security environment. This position requires strong technical expertise, excellent communication skills, and a proactive approach to problem‑solving in a dynamic and fast‑paced environment.

• Manage and maintain the client’s XDR platforms to ensure optimal performance, stability, and availability.
• Monitor system health and proactively identify and resolve technical issues to minimise downtime and service disruption.
• Collaborate with client stakeholders to provide hands‑on technical support and ensure alignment with operational and security policies.
• Coordinate with third‑party vendors to facilitate troubleshooting, upgrades, and issue resolution across integrated security technologies.
• Assist in the fine‑tuning of detection rules, policy updates, and configuration changes to enhance threat detection capabilities.
• Support the automation of daily operation tasks through SOAR playbooks and scripting.
• Participate in regular service reviews and contribute to reporting activities, including SLA metrics, alert trends, and containment timelines.
• Maintain documentation of system configurations, operational procedures, and incident response actions.
• Provide input into continuous improvement initiatives to strengthen the client’s security posture and operational efficiency.
• Review and analyse telemetry data to identify trends, anomalies, and areas for improvement.
• Collaborate with the team to implement enhancements based on telemetry insights.
• Stay updated on industry best practices and emerging threats to enhance operational effectiveness.
• Work closely with other security teams to ensure a cohesive approach to threat detection and response.
• Participate in incident response activities as needed.

• Communication Skills: Excellent verbal and written communication skills to effectively liaise with stakeholders and team members.
• Problem‑Solving Ability: Proficient in assessing situations quickly and developing effective solutions under pressure.
• Technical Proficiency: Proficient in scripting and query languages such as python, KQL, YARA.
• Team Player: Collaborative mindset with the ability to work effectively within a team environment.
• Adaptability: Comfortable working in a fast‑paced, dynamic environment and able to adjust to changing priorities.
• Continuous Learner: Eagerness to stay updated on the latest security trends, threats, and technologies.
• Leadership Qualities: Ability to guide and mentor junior team members in best practices for alert triaging and incident response.
• Resilience: Capable of maintaining composure and focus during high‑stress situations and incidents.

• A recognised university degree in Computer Science, Computer/Electrical Engineering, Information Technology or equivalent, together with at least three years of relevant experience.
• Hands‑on experience in Sentinel, Microsoft Defender or any SIEM and EDR platforms.
• Strong interest in the field of information security.
• Creative, independent with good problem‑solving skills.
• Excellent communicator with strong analytical, interpersonal and writing skills.

Highly motivated individuals with excellent problem‑solving skills and the ability to prioritise shifting workloads in a rapidly changing industry. An effective communicator, you’ll be a confident team player that collaborates with people from various teams while looking to develop your career in a dynamic organisation.

• Continuous learning: You’ll develop the mindset and skills to navigate whatever comes next.
• Success as defined by you: We’ll provide the tools and flexibility, so you can make a meaningful impact, your way.
• Transformative leadership: We’ll give you the insights, coaching and confidence to be the leader the world needs.
• Diverse and inclusive culture: You’ll be embraced for who you are and empowered to use your voice to help others find theirs.

EY is building a better working world by creating new value for clients, people, society and the planet, while building trust in capital markets. Enabled by data, AI and advanced technology, EY teams help clients shape the future with confidence and develop answers for the most pressing issues of today and tomorrow. EY teams work across a full spectrum of services in assurance, consulting, tax, strategy and transactions. Fuelled by sector insights, a globally connected, multi‑disciplinary network and diverse ecosystem partners, EY teams can provide services in more than 150 countries and territories. All in to shape the future with confidence.