Security Consultant

At EY, you'll have the chance to build a career as unique as you are, with the global scale, support, inclusive culture, and technology to become the best version of you. And we're counting on your unique voice and perspective to help EY become even better, too. Join us and build an exceptional experience for yourself, and a better working world for all. **Security Consultant** **Job Summary:** As an Information Security Consultant, you will be responsible for providing security guidance to IT project teams responsible for delivering business solutions leveraging new market technologies in the Travel, Meeting & Events industry. You will identify and prioritize security-related requirements, promote secure-by-default designs, and ensure that information systems and infrastructure are secured throughout the system development life cycle (SDLC). Additionally, you will perform risk assessments of third-party information systems and infrastructure, develop appropriate risk treatment and mitigation options, and effectively articulate findings and recommendations to IT project teams, suppliers, and management. The successful candidate should have a solid background in application and/or infrastructure development, broad experience over an array of information security and technical disciplines, and be able to provide pragmatic, business-aligned security guidance. You will be expected to work on multiple projects and tasks concurrently. **EY Technology:** Technology has always been at the heart of what we do and deliver at EY. We need technology to keep an organization the size of ours working efficiently. We have 280,000 people in more than 140 countries, all of whom rely on secure technology to be able to do their job every single day. Everything from the laptops we use, to the ability to work remotely on our mobile devices and connecting our people and our clients, to enabling hundreds of internal tools and external solutions delivered to our clients. Technology solutions are integrated into the client services we deliver and are key to us being more innovative as an organization. **Your Key Responsibilities:** This position is an individual contributor capable of supporting multiple project teams in the design, implementation, and certification of security controls across IT systems constituting new platforms/products used within EY. You will require knowledge of various IT system architecture and technology like Travel solutions, Meeting & Events leaders apps, etc., hosted in different Cloud environments with mobile apps offerings, as well as supporting technology such as IAM, network security, firewalls, user account management, audit & logging, and other security concepts as outlined in ISO27001, OWASP, and related security standards. You should also have knowledge of how to assess third-party security assessments and the applicability of SOC1, SOC2 reports, and concepts of vendor risk management. **Skills And Attributes For Success:** - Significant working security experience (with automation platform is a plus) and knowledge in the design, implementation, and operation of security controls in any two or more of the following areas (Application Security & Mobile Security preferable) - Cloud Security Technical understanding of virtualization, cloud infrastructure, and public cloud offerings and experience designing security configuration and controls within cloud-based solutions in Microsoft Azure and Azure PAAS services - Mobile Security Technical understanding of Mobile Security standards, mobile platforms, mobile testing and experience designing security configuration and controls within mobile device-based solutions. Add-on experience of Mobile app integration with Microsoft InTune platform will be an advantage - Infrastructure Security Experience with the integration of common infrastructure security technologies and solutions into business solution architectures - Agile & DevOps Methodologies Experience as a contributing member of a balanced team within an Agile development or DevOps environment - Identity and Access Management Active Directory-based Identity and Access Management and Authorization design experience and integration with IDaaS and Federation technologies **To qualify for the role you must have:** - Eight or more years of IT industry experience with a minimum of eight years of relevant experience in Information Security discipline - A Bachelor's/Masters degree in Computer Science or a related discipline, or equivalent work experience - Experience in reviewing Mobile applications & platforms, with knowledge of Cloud Environment set up, and knowledge of common information security requirements for such platforms is a plus - Experience providing and validating security requirements related to information system design and implementation - Experience conducting risk assessments, vulnerability assessments, vendor and third party risk assessments and recommending risk remediation strategies - Experience in the use of tools and methods to identify security exposures and business risks - Familiarity with information system attack methods and vulnerabilities **What We Look For:** - Ability to team well with others to facilitate and enhance the understanding & compliance to security policies - Ability to work effectively with customers, management, staff members, vendors, and consultants and articulate findings and recommendations - Strong English communication and writing skills are required - Strong judgment and analytical ability - Excellent interpersonal, communication, organizational, and project management skills - Flexibility to adjust to multiple demands, shifting priorities, ambiguity, and rapid change - Demonstrated integrity in a professional environment - Willingness to work in CET timezone, to support US & EU initiatives, being flexible when required **What Working At EY Offers:** We offer a competitive remuneration package where you'll be rewarded for your individual and team performance. Our comprehensive Total Rewards package includes support for flexible working and career development. Plus, we offer opportunities to develop new skills, progress your career, and the freedom and flexibility to handle your role in a way that's right for you. EY is committed to being an inclusive employer and we are happy to consider flexible working arrangements. EY exists to build a better working world, helping to create long-term value for clients, people, and society and build trust in the capital markets. Working across assurance, consulting, law, strategy, tax, and transactions, EY teams ask better questions to find new answers for the complex issues facing our world today.,