At EY, you’ll have the chance to build a career as unique as you are, with the global scale, support, inclusive culture and technology to become the best version of you. And we’re counting on your unique voice and perspective to help EY become even better, too. Join us and build an exceptional experience for yourself, and a better working world for all. 

Job Title:  Cloud Security Threat Specialist

Role Overview:

The Senior Cloud Security SME will lead the design, implementation, and optimization of advanced cloud security solutions across multi-cloud environments (AWS, Azure, GCP, OCI). This role focuses on proactive threat detection, WAF configuration and tuning, network traffic analysis, and bot mitigation strategies. The SME will collaborate with cross-functional teams to ensure robust security posture, compliance alignment, incident response and operational efficiency.

Key Responsibilities:

• Configure and tune cloud-native and third-party threat detection platforms across multi-cloud environments.
• Configure and manage Web Application Firewalls (WAFs) to protect against OWASP Top 10 threats and emerging attack vectors.
• Provide subject matter expertise during incident escalation and ability to triage and lead major incident manage calls related to potential availability investigations
• Conduct deep packet inspection and network traffic analysis using tools like Wireshark, Tcpdump, and cloud-native telemetry.
• Develop and implement bot detection and mitigation strategies using behavioral analytics and ML-based tools.
• Align detection frameworks with MITRE ATT&CK, NIST SP 800-53, CIS Benchmarks, and CSA CCM.
• Partner with SIEM and SOAR teams for automated alerting, investigation, and response.
• Provide technical leadership and mentorship to SOC analysts and engineering teams.

Required Skills & Abilities:

• Deep expertise in cloud security across AWS, Azure, GCP, and OCI.
• Hands-on experience with WAFs (e.g., AWS WAF, Azure Front Door, Akamai, Imperva).
• Proficiency in network traffic analysis and anomaly detection.
• Strong understanding of bot behavior, detection techniques, and mitigation tools.
• Familiarity with SIEM platforms (e.g., Splunk, Elastic, Sentinel) and SOAR tools (e.g., Tines, Cortex XSOAR).
• Knowledge of threat intelligence platforms and integration strategies.
• Experience with scripting (Python, Bash, PowerShell) for automation and data parsing.
• Strong analytical and forensic investigation skills.
• Excellent communication and documentation abilities.
• Certifications such as GIAC Cloud Threat Detection (GCTD), GIAC Network Forensic Analyst (GNFA), Security specialization for major cloud platforms such as AWS, GCP, Azure, OCI.

EY | Building a better working world 

 
EY exists to build a better working world, helping to create long-term value for clients, people and society and build trust in the capital markets.  

 
Enabled by data and technology, diverse EY teams in over 150 countries provide trust through assurance and help clients grow, transform and operate.  

 
Working across assurance, consulting, law, strategy, tax and transactions, EY teams ask better questions to find new answers for the complex issues facing our world today.