Cyber threats, social media, massive data storage, privacy requirements and continuity of the business as usual require heavy information security measures. As an information security specialist, you will lead the implementation of security solutions for our clients and support the clients in their desire to protect the business. You will belong to an international connected team of specialists helping our clients with their most complex information security needs and contributing toward their business resilience. You will be working with our Advanced Security Centers to access the most sophisticated tools available to fight against cybercrime.
We will support you with career-long training and coaching to develop your skills. As EY is a global leading service provider in this space, you will be working with the best of the best in a collaborative environment. So whenever you join, however long you stay, the exceptional EY experience lasts a lifetime.
Our security professionals possess diverse industry knowledge, along with unique technical expertise and specialized skills. The team stays highly relevant by researching and discovering the newest security vulnerabilities, attending and speaking at top security conferences around the world, and sharing knowledge on a variety of topics with key industry groups. The team frequently provides thought leadership and information exchanges through traditional and less conventional communications channels such as speaking at conferences, publishing white papers and blogging.
Our professionals work together in planning, pursuing, delivering and managing engagements to assess, improve, build, and in some cases operate integrated security operations for our clients.
* Lead, coordinate large- scale Information Security engagements.
* Provide both subject matter expertise and project management experience to serve as the "point person" for engagement teams.
* Work with prospective clients to identify opportunities, scope engagements, and build relationships.
* Develop and review reports and presentations for both technical and executive audiences.
* Supervise staff by providing mentorship and coaching to grow their technical and consulting skills.
* Improve EY's business processes and incident response methodologies.
* Routine line management and leadership of staff within the Information Security Management function.
* Leadership and strategic direction for the function, ranging from planning and budgeting to motivational and promotional activities expounding the value of information security.
* Liaison with and offers strategic direction to related governance functions (such as Physical Security/Facilities, Risk Management, IT, HR, Legal and Compliance) plus senior and middle managers throughout the organization as necessary, on information security matters such as routine security activities plus emerging security risks and control technologies.
* Recruitment, leadership and direction for a loose network of information security ambassadors distributed throughout the organization.
* Leads the design, implementation, operation and maintenance of the Information Security Management System based on the ISO/IEC 27000 series standards, including certification against ISO/IEC 27001 where applicable.
* Forms a "centre of excellence" for information security management, for example offering internal management consultancy advice and practical assistance on information security risk and control matters throughout the organization and promoting the commercial advantages of managing information security risks more efficiently and effectively.
* Leads or commissions the preparation and authorizes the implementation of necessary information security policies, standards, procedures and guidelines, in conjunction with the Security Committee.
* Leads the design and operation of related compliance monitoring and improvement activities to ensure compliance both with internal security policies etc. and applicable laws and regulations.
* Leads or commissions suitable information security awareness, training and educational activities.
* Leads or commissions information security risk assessments and controls selection activities.
* Leads or commissions activities relating to contingency planning, business continuity management and IT disaster recovery in conjunction with relevant functions and third parties.
To qualify, candidates must have:
* Bachelor's degree and a minimum of 7 years of related work experience, or a Master's degree and minimum 6 years of related work experience in the fields of Computer Science, Information Systems, Engineering, Business or related major.
* Supervisory experience and demonstrated leadership capabilities required.
* Prior Big 4 or other relevant consulting experience required.
* Experience developing new business and meeting revenue targets required.
* Demonstrated characteristics of a forward thinker and self- motivator who thrives on new challenges and adapts to learning new knowledge.
* Strong analytical and problem- solving skills.
* A military/government background is a plus.
* Prior Big 4 or other relevant consulting experiences a plus.
* Able to work collaboratively in a team environment.
* A valid driver's license in the US and a valid passport required; willingness and ability to travel domestically and internationally to meet client needs; estimated 80% travel required.
* The successful candidate must hold professional certifications such as the CISSP or equivalent.
EY provides equal employment opportunities to applicants and employees without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, protected veteran status, or disability status.
Ernst & Young (doing business as EY) is a multinational professional services company.