Ernst & Young
Technology has always been at the heart of what we do and deliver at EY. We need technology to keep an organization the size of ours working efficiently. We have 250,000 people in more than 140 countries, all of whom rely on secure technology to be able to do their job every single day. Everything from the laptops we use, to the ability to work remotely on our mobile devices and connecting our people and our clients, to enabling hundreds of internal tools and external solutions delivered to our clients. Technology solutions are integrated in the client services we deliver and is key to us being more innovative as an organization.
EY Technology supports our technology needs through three business units:
Client Technology (CT) - focuses on developing new technology services for our clients. It enables EY to identify new technology-based opportunities faster, and pursue those opportunities more rapidly.
Enterprise Workplace Technology (EWT) - EWT supports our Core Business Services functions and will deliver fit-for-purpose technology infrastructure at the cheapest possible cost for quality services. EWT will also support our internal technology needs by focusing on a better user experience.
Information Security (Info Sec) - Info Sec prevents, detects, responds and mitigates cyber-risk, protecting EY and client data, and our information management systems.
The role of the Security Architecture - Solution Architect is designed to directly support the Solution Architecture Lead for Security Architecture within Information Security. This role will serve in an individual contributor capacity with strong collaboration with corresponding Domain Architects as well as other Security Architecture Solution Architects who span various security domains including: Data Security, Endpoint/Server Security, Application/Platform Security, Network/Infrastructure Security, Security /Vulnerability Management and Cyber Defense. The Solution Architect will drive and deliver on the design, planning, and implementation of technologies as driven by Information Security and direction as defined by key stakeholders within the organization.
Your key responsibilities
Primary responsibilities include:
* Drive the delivery of security technology investment efforts
* Lead technology selection efforts from a technical perspective
* Frame and conduct various technology selection approaches including RFI/RFP/streamlined vendor
* Frame subsequent proof-of-concept and implementation activities
* Finding the best technical solution among all possible to solve the existing business problems
* Develop and enhance target architectures as well as target operate models for new/existing architectures and services
* Develop/maintain infrastructure architecture diagrams to facilitate engineering material builds
* Provide input into strategic direction and technology decision activities
* Support ad-hoc architecture service requests for efforts such as research, architecture/use case modelling, and architecture assessments/reviews
* Develop Minimum Security Baseline configurations for new technologies
* Develop security technology standard proposals
* Lead and facilitate architecture presentations to project teams, working groups, design authorities, and leadership based upon need
Analytical/decision making responsibilities:
Individuals in this role must be well versed and educated in common Information Security practices and the CISSP domains, as well as possess general Information Technology experience. They must be able to leverage these experiences and education to identify opportunities to influence the speed and direction of a project effort and to hasten ultimate project delivery and implementation.
Although this role is an individual contributor role, it requires significant cross-teaming within the Information Security as well as greater EY Technology organization. EY Technology's organizational structure will challenge Solution Architects in their ability to drive and motivate others to help speed to market and delivery of projects, technologies, and services without a direct management line influence.
Skills and attributes for success
Individuals in this role must demonstrate an ability to think beyond standard constructs, in a creative, yet grounded fashion. This role requires a delivery-focused mindset and speed to market. This person must be willing to think broadly in terms of overall project approach and show great adaptability as customer ask or leadership direction shifts. Experience working with AGILE methodologies and with a nimble, agile mindset are a plus given the shifting nature and demands of EY. Opportunities to collaborate and lean on others will be plentiful, but by the same token, the individual must possess the ability to quickly become near-subject-matter-experts in areas where he or she is less-familiar or experienced. This role requests significant dexterity due to the ever-changing world of technology and the dynamic nature of EY / EY Technology.
Understanding and value for the end customer is critical. This role requires experience in client-service relationships and an appreciation for the voice of the customer.
Individuals in this role must have significant experience presenting to and developing written collateral/artifacts for executive and leadership levels within an organization. Domain leads are expected to possess exceptional communication skills and keen awareness and appreciation for his/her audience.
* Experience developing detailed security and infrastructure architectures (to support material builds)
* Familiarity in the development and maturation of operate models
* Wide array of technology experience (ranging from system/application development to operations/engineering to architecture)
* Knowledge of Data Security: Data Classification, Data encryption (Vormetric, TDE), Data Loss Prevention, Data-Centric Audit and Protection, Data Masking, Data Governance, data discovery
* Supporting the DLP system implementation from design to deployment and upgrade
* Knowledge of different encryption technologies, HSM, Key life cycle management, Key Vault
* Define and implement the security product roadmap for enterprise data, implementation and data management for new data sources, data consolidation within enterprise, and data sharing with other entities.
* Knowledge of Vulnerability Management, Remediation/Mitigation, Scanning/Identification, Classifying, Prioritizing and Patching.
* Understanding the security compliance requirements, such as PCI, ISO, BITS, FISMA and HIPAA
* Ideally, the individual within this role will have held a wide array of roles within an IT organization
* Knowledge of Agile software development cycle, DevSecOps, CI/CD, Automation
* Cloud experience/exposure -- particularly with regard to Microsoft cloud service offerings (e.g., O365 architecture) and Azure is a plus
* Experience in IT or security organizations supporting mobile or "disconnected" workforce
Travel requirements < 10%
To qualify for the role you must have
Bachelor's and/or Master's degree in Computer Science, Information Systems, CyberSecurity, or related field of study.
* 12+ years of experience in IT or related field; 10+ years of experience in an architecture or engineering capacity; direct information security experience is highly favorable, but not required
Ideally, you'll also have
While none of the below items are required, they are preferred:
* SANS Certifications including: GSEC, ECSA, ECSP, Security+
* Familiarity/experience with SABSA or TOGAF methodology
What we look for
This role requires keen technical knowledge and the ability to translate driving requirements to the delivery of a technology. It will be the responsibility of the Solution Architect to define more technical architectures from Conceptual/Target architectures provided at earlier phases of work. Solution Architects will help identify security tools and architectures to support business needs and ready these technologies for Engineering and Operations teams to inevitably assume final implementation and operational ownership. Key artifacts for the Solution Architect to help drive and deliver are Target Architectures, Target Operate Models, Infrastructure Architecture Diagrams as well as key project material such as POC/Implementation plans, Technology Findings documents, and overall direction for carrying out product selection by way of RFI's, RFP's, or streamlined vendor approaches.
What working at EY offers
We offer a competitive remuneration package where you'll be rewarded for your individual and team performance. Our comprehensive Total Rewards package includes support for flexible working and career development, and with FlexEY you can select benefits that suit your needs, covering holidays, health and well-being, insurance, savings and a wide range of discounts, offers and promotions. Plus, we offer:
* Support, coaching and feedback from some of the most engaging colleagues around
* Opportunities to develop new skills and progress your career
* The freedom and flexibility to handle your role in a way that's right for you
EY is committed to being an inclusive employer and we are happy to consider flexible working arrangements. We strive to achieve the right balance for our people, enabling us to deliver excellent client service whilst allowing you to build your career without sacrificing your personal priorities. While our client-facing professionals can be required to travel regularly, and at times be based at client sites, our flexible working arrangements can help you to achieve a lifestyle balance.
As a global leader in assurance, tax, transaction and advisory services, we're using the finance products, expertise and systems we've developed to build a better working world. That starts with a culture that believes in giving you the training, opportunities and creative freedom to make things better. Whenever you join, however long you stay, the exceptional EY experience lasts a lifetime. And with a commitment to hiring and developing the most passionate people, we'll make our ambition to be the best employer by 2020 a reality.
If you can confidently demonstrate that you meet the criteria above, please contact us as soon as possible.
Join us in building a better working world.
EY provides equal employment opportunities to applicants and employees without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, protected veteran status, or disability status.
About Ernst & Young
Ernst & Young (doing business as EY) is a multinational professional services company.