Description - External
Cyber threats, social media, massive data storage, privacy requirements and continuity of the business as usual require heavy information security measures. As an information security specialist, you will lead the implementation of security solutions for our clients and support the clients in their desire to protect the business. You will belong to an international connected team of specialists helping our clients with their most complex information security needs and contributing toward their business resilience. You will be working with our Advanced Security Centres to access the most sophisticated tools available to fight against cybercrime.
We will support you with career-long training and coaching to develop your skills. As EY is a global leading service provider in this space, you will be working with the best of the best in a collaborative environment. So, whenever you join, however long you stay, the exceptional EY experience lasts a lifetime.
Qualifications - External
The EY cyber security team is looking for several staff members across levels from Associate to Assistant Manager. As a Cyber Security Consultant, you will contribute technical insights to client engagements and internal projects. An important part of your role will be to actively establish, maintain and strengthen internal and external relationships. You’ll also identify potential business opportunities for EY within existing engagements and the market. The more senior the role, the higher the expectation around winning market opportunities.
Ideally you will have experience with a globally recognised professional services firm or large corporations with industry experience in several the following areas:
· Experience in assessing an implementing security and risk standards including ISO 2700X, NIST, ITIL, COBIT
· Systems security skills in assessment, design, architecture, management and reporting
· Conduct Information Security Assessment against EY Methodology and leading practice frameworks and common standards.
· Conduct attack and penetration on infrastructure, network, web application and source code review.
· Assist client in managing and transforming their Information Security Programs.
· Assist client in managing their Business continuity and disaster recovery.
· Assist clients in designing and implementing them identify and access management solutions
· Assist client in managing their information protection and data privacy.
· Evaluate and analyse threat, vulnerability, impact and risk to security issues discovered from security assessments.
· Advise clients on the IT security issues, including explanation on the technical details and how they can remediate the vulnerabilities in the systems.
Application control and security implementation, program and project delivery design, architecture and solution design,
· Industry related certification required (e.g. CISSP, CISM, CISA, CIA, CIA)
To qualify all applicants must have:
At least 4 years of professional experience in either a technical IT Risk or an IT Security role
Strong project management skills and interpersonal skills
Advanced written and verbal communication skills and presentation skills, Strong analytical, interpersonal.
Strong interest in the field of information security
Creative, independent with good problem-solving skills
Be willing to travel as required
Client service delivery and able to manage multiple engagement teams and projects
Experience in coaching and supervising junior team members
Demonstrated integrity within a professional environment
Have a drive to build a team and grow your technical information security career to the next level
You may also have a bachelor’s and/or post graduate degree in computer science, information systems, engineering, or a related major (such as accounting).
The successful candidate must hold or be willing to pursue related professional certifications such as the CISSP, CISM, and/or CISA /CA / CIA advantageous