Cybersecurity Specialist

Cyber threats, social media, massive data storage, privacy requirements and continuity of the business as usual require heavy information security measures. As an information security specialist, you will perform cybersecurity assessments for our clients and support the clients in their desire to protect the business.

The opportunity

We will support you with career-long training and coaching to develop your skills. So whenever you join, however long you stay, the exceptional EY experience lasts a lifetime.

Our security professionals possess diverse industry knowledge, along with unique technical expertise and specialized skills.

Our Cybersecurity team aims to build a full service offerings providing clients with tailored services to deploy and run vulnerability management programs, enhance their resilience to cyber treat and perform penetration testing. As a Cybersecurity Specialist, you will serve on client engagement teams to assist in delivering the full range of services and work with EY Cybersecurity leadership to develop the firm’s cybersecurity service offering.

Your key responsibilities

• Assist engagement teams in evaluating client vulnerability management programs across people, process, and technology.
• Perform external and internal penetration testing for clients in various industries
• Assist engagement teams in other project on topics related to cybersecurity
• Develop Cybersecurity framework, Strategy and policies for client in various industries
• Perform and control vulnerability assessments to identify control weaknesses and assess the effectiveness of existing controls.
• Perform social engineering exercises and campaigns for clients (eg. Phishing campaign, Spear Phishing campaign, Baiting attacks, etc)
• Consult clients on various security mechanisms in order to enhance resilience to cyber attacks (eg. SIEM configurations, Firewall configurations, etc)
• Conduct root cause analysis against vulnerabilities and determine feasible technical solutions.
• Assist in the project management of cybersecurity projects including development of project charters, project plans, and status updates.
• Developing rapport with others by demonstrating an understanding of their concerns, needs and issues, and focusing on developing an internal network of relationships that can provide advice and support. Consistently deliver quality client services
• Stay abreast of current business and industry trends relevant to the client's business and cybersecurity.
• Reference: 773UPrN_A6Eiq3FgcUXSEImiQgM5NavZ5SdHC3UFDxg.

To qualify for the role, you must have

• Bachelor’s degree in the field of Computer Science, Information Systems, Engineering, Business or related field and a minimum of 3 years of related work experience
• Familiarity with security and risk standards including ISO 27001-2, NIST, ITIL, COBIT, OWASP TOP 10
• Hands on operational experience with vulnerability management tools (e.g. Nessus, Tenable, Burp Suite, Open VAS, Rapid7, etc.) including the ability to deploy, configure, and run these tools.
• Hands on operational experience with penetration testing tolls (e.g. Kali linux toolset)
• Understanding of various operating systems (Windows, Unix, MacOS etc.); cloud concepts; knowledge of networking fundamentals
• Ability to report issues clearly and succinctly and adapt communication styles to demonstrate vulnerability severity to client technical stakeholders and leadership
• Knowledge of general cybersecurity concepts and methods including, but not limited to secure configuration management, data protection and privacy, security monitoring, incident response, governance, risk and compliance, patch management, enterprise security strategies and architecture
• Fluency in English language
• Good verbal and written communication skills

Ideally, you’ll also have

• Prior consulting experience
• Experience working with SIEM tools and configuration of network equipment
• CISSP or CEH or Comptia Security+ or OSWP or other relevant cybersecurity certifications

What we look for

We’re interested in intellectually curious people with a genuine passion for cybersecurity. With your expertise, we’ll turn to you to speak up with innovative ideas that could make a lasting difference not only to us – but also to the industry as a whole. If you have the confidence in both your presentation and technical abilities to grow into a leading expert here, this is the role for you.

What working at EY offers

• Support, coaching and feedback from some of the most engaging colleagues around
• Opportunities to develop new skills and progress your career
• The freedom and flexibility to handle your role in a way that’s right for you
• Continuous learning: You’ll develop the mindset and skills to navigate whatever comes next.
• Success as defined by you: We’ll provide the tools and flexibility, so you can make a meaningful impact, your way.
• Transformative leadership: We’ll give you the insights, coaching and confidence to be the leader the world needs.

Diverse and inclusive culture: You’ll be embraced for who you are and empowered to use your voice to help others find theirs.