דרושים Tc-cs-ngso Tem-application Security Analyst_cyber_3-7 Years ב-Ey ב-India, Bengaluru

Your key responsibilities

• Engage and contribute to the Identity & Access Management projects
• Work effectively as a team member, sharing responsibility, providing support, maintaining communication and updating senior team members on progress
• Execute the engagement requirements, along with review of work by junior team members
• Help prepare reports and schedules that will be delivered to clients and other interested parties
• Develop and maintain productive working relationships with client personnel
• Build strong internal relationships within EY Consulting Services and with other services across the organization
• Help senior team members in performance reviews and contribute to performance feedback for staff/junior level team members
• Contribute to people related initiatives including recruiting and retaining IAM professionals
• Maintain an educational program to continually develop personal skills
• Understand and follow workplace policies and procedures
• Building a quality culture at GTH
• Manage the performance management for the direct reportees, as per the organization policies
• Foster teamwork and lead by example
• Training and mentoring of project resources
• Participating in the organization-wide people initiatives

Skills and attributes for success

• Hands-on experience on end to end implementation of Identity and Access Management tool.
• Completed at least 2-5 implementations.
• Good understanding of Identity Access Management solutions.
• Hands-on Java development and debugging experience.
• Strong Understanding of Java API’s, libraries, methods and good understanding of XML.
• Should be capable of dissecting large problems and designing modular, scalable solutions.
• Familiarity with any Java Framework (Struts/ Spring) is an additional advantage.
• Should be familiar with application servers such as Tomcat and WebLogic.
• Should have good understanding of RDMS and SQL queries.
• Hands-on experience in setting up the Identity and Access Management environment in standalone and cluster environment.
• Hands-on Development experience on Provisioning Workflows, triggers, Rules and customizing the tool as per the requirements.
• Strong understanding of LDAP (Lightweight Directory Access Protocol).
• Capability of understanding the business requirements and converting that into design.
• Good knowledge of information security, standards and regulations.
• Should be flexible to work on new technologies in IAM domain.
• Worked in capacity of techno-functional role of Identity and Access Management Implementation.
• Worked in client facing role.
• Need to be thorough in their respective tool with hands-on experience involving configuration, implementation & customization.
• Deployment of web application & basic troubleshooting of web application issues.
• Need to liaise with Business stakeholders and seek requirement clarification. Should be able to map business requirements to technical specifications.
• Use case design, Solution Requirements Specification and mapping business requirements to technical requirements (Traceability Matrix).
• Architecture Design (optimising the resources made available – servers and load sharing etc.).
• Involvement in a successful pursuit of a potential client by being part of the RFP response team.

To qualify for the role, you must have

• Bachelor or master’s degree in related field or equivalent work experience
• Strong command on verbal and written English language.
• Experience in HTML, JSP and JavaScript.
• Strong interpersonal and presentation skills.
• 3 - 4 Years relevant Work Experience

Skills Expertise

• Experience in implementing at least two IAM engagements, including requirements gathering, analysis, design,
• development, testing, deployment, and application support (SailPoint/OIM/CyberArk/Beyond trust/Thycotic).
• Experience in carrying out advanced application integration with the IAM solution dealing with advanced provisioning (e.g., multilevel workflows), single sign-on (WIA, Forms, HTTP), and PKI concepts
• Experience in technologies, such as Java, LDAP, SSL RDBMS, and Linux
• Good knowledge of Web/application servers (IIS, WebSphere, WebLogic, JBoss, and Apache)
• Experience in development/configuration of standard/custom IAM integrations using Java, .Net, or other major scripting languages
• Experience in hands-on development, estimations, sizing, and custom IAM integrations
• Advanced documentation and presentation skills and well-versed with software development life cycle processes
• Ability to create, plan, and execute advanced IAM trainings and independently drive proof of concepts involving emerging IAM technologies
• Exposure to process frameworks and methodologies
• Excellent verbal and written communication

Certifications (preferred):

• CyberArk Trustee, CyberArk Defender, CyberArk Sentry
• ITIL or equivalent

Work Requirements:

• Willingness to travel as required
• Willingness to be on call support engineer and work occasional overtime as required
• Willingness to work in shifts as required

What we look for

• Who has hands on experience in setting up the Identity and Access Management environment in standalone and cluster environment.
• Who has hands-on Development experience on Provisioning Workflows, triggers, Rules and customizing the tool as per the requirements.

You get to work with inspiring and meaningful projects. Our focus is education and coaching alongside practical experience to ensure your personal development. We value our employees and you will be able to control your own development with an individual progression plan. You will quickly grow into a responsible role with challenging and stimulating assignments. Moreover, you will be part of an interdisciplinary environment that emphasizes high quality and knowledge exchange. Plus, we offer:

• Support, coaching and feedback from some of the most engaging colleagues around
• Opportunities to develop new skills and progress your career
• The freedom and flexibility to handle your role in a way that’s right for you

EY exists to build a better working world, helping to create long-term value for clients, people and society and build trust in the capital markets.

As a Senior Consultant in Network Security at EY, you will play a pivotal role in designing, implementing, and managing advanced security solutions for our clients. You will leverage your expertise in next-generation firewalls, proxies, zero trust technologies, and cloud security to enhance our clients' security posture and ensure compliance with industry standards. This person will interface with IT Operations, Network Operations, Infrastructure teams, Legal, Risk Management, etc.

Your key responsibilities

• Design and implement network security architectures using next-generation firewalls and proxies.
• Evaluate and deploy zero trust technologies, including Zscaler and Netskope, to secure client environments.
• Conduct security assessments and vulnerability analyses to identify and mitigate risks.
• Collaborate with cross-functional teams to develop and implement security policies and procedures.
• Provide guidance and mentorship to junior consultants and team members.
• Stay updated on the latest security trends, threats, and technologies to ensure best practices are followed.
• Develop and maintain documentation for security policies, procedures, and configurations.
• Lead incident response efforts, including investigation, containment, and remediation of security incidents.
• Conduct training sessions and workshops for clients and internal teams on security best practices and technologies.
• Assist clients in compliance audits and assessments related to industry standards (e.g., ISO 27001, NIST, GDPR).
• Design, implement, and oversee security measures for cloud platforms (such as AWS, Azure, and Google Cloud).
• Create and enforce policies, standards, and best practices for cloud security.
• Monitor and address security incidents and vulnerabilities within cloud infrastructures.
• Establish and manage security controls, including network segmentation, data protection, and threat detection.
• Automate security processes using scripting and infrastructure as code (IaC) methodologies.
• Deploy and configure security tools and solutions native to the cloud (e.g., firewalls, encryption, identity and access management).
• Investigate and address cloud security incidents, including data breaches and unauthorized access.
• Conduct forensic analysis and generate comprehensive reports on security incidents and breaches.
• Work collaboratively with other teams to resolve security challenges and enhance the overall security posture.
• Evaluate and recommend security tools and technologies to enhance the security posture of client environments.
• Collaborate with clients to develop tailored security strategies that align with their business objectives.
• Monitor and analyze security events and alerts to identify potential threats and vulnerabilities.
• Participate in security architecture reviews and provide recommendations for improvements.

Skills and attributes for success

• Should be a good team player.
• Excellent verbal and written communication skill.
• Proficient Documentation and Power Point skills
• Good social, communication and technical writing skills
• Should interface with internal and external clients.
• Strong analytical/problem solving skills.
• Ability to prioritize tasks and work accurately under pressure in order to meet deadlines.
• Should understand and follow workplace policies and procedures.
• Should independently manage the assigned project/engagement with minimal oversight/guidance from the manager.

To qualify for the role, you must have

• Bachelor's degree in Computer Science, Information Security, or a related field.
• 6 to 8 years of professional of experience in network security consulting/operations or a related role.
• Strong knowledge of network security principles and practices.
• Proficiency in configuring and managing next-generation firewalls (e.g., Palo Alto, Fortinet, Check Point).
• Experience with proxy technologies and their integration into security architectures.
• In-depth understanding of zero trust security models and implementation strategies.
• Familiarity with cloud security solutions, particularly Zscaler and Netskope.
• Implementation/operational experience on Zscaler- ZIA, ZPA,ZDX/ Netskope
• Knowledge of cloud platforms (e.g., AWS, Azure, Google Cloud) and their security features.
• Excellent problem-solving skills and the ability to work under pressure.
• Strong analytical skills to assess security risks and develop effective mitigation strategies.
• Ability to communicate complex security concepts to non-technical stakeholders.
• Experience with security information and event management (SIEM) tools.
• Understanding of network protocols and security technologies (e.g., VPN, IDS/IPS).
• Familiarity with scripting or programming languages (e.g., Python, PowerShell) for automation and security tasks.
• Knowledge of data protection regulations and compliance requirements (e.g., GDPR, HIPAA).
• Strong project management skills to lead security initiatives and manage client engagements.

• Below relevant certifications are a plus: -
  • Certified Information Systems Security Professional (CISSP)
  • Certified Information Security Manager (CISM)
  • Cisco Certified Network Professional Security (CCNP Security)
  • Palo Alto Networks Certified Network Security Engineer (PCNSE)
  • Fortinet Network Security Expert (NSE)
  • Zscaler Certified Cloud Security Engineer (ZCCSE)
  • Netskope Certified Security Engineer (NCS)
  • AWS Certified Security – Specialty
  • Microsoft Certified: Azure Security Engineer Associate
  • Google Professional Cloud Security Engineer
• Proficiency in security tools and technologies.
• Excellent problem-solving skills and attention to detail.
• Strong communication and teamwork skills.
• Ability to work independently and manage multiple tasks.
• Willingness to stay current with evolving security technologies and threats.
• Ability to communicate in a clear and concise manner.

Ideally, you’ll also have

• Professional certificate or be actively pursuing related professional certifications such as the CompTia Security+, CEH, CISSP or Vendor/Technical certification. If not, certified candidates are expected to complete one of the business required certifications within 12 months of hire.
• To expect some weekend work and 20%-30% travel based on job requirement.

What we look for

• A Team of people with commercial acumen, technical experience and enthusiasm to learn new things in this fast-moving environment with consulting skills.
• An opportunity to be a part of market-leading, multi-disciplinary team of 1600 + professionals, in the only integrated global transaction business worldwide.
• Opportunities to work with EY Consulting practices globally with leading businesses across a range of industries

You get to work with inspiring and meaningful projects. Our focus is education and coaching alongside practical experience to ensure your personal development. We value our employees and you will be able to control your own development with an individual progression plan. You will quickly grow into a responsible role with challenging and stimulating assignments. Moreover, you will be part of an interdisciplinary environment that emphasizes high quality and knowledge exchange. Plus, we offer:

• Support, coaching and feedback from some of the most engaging colleagues around
• Opportunities to develop new skills and progress your career
• The freedom and flexibility to handle your role in a way that’s right for you

EY exists to build a better working world, helping to create long-term value for clients, people and society and build trust in the capital markets.

Requisition Id : 1650554

GOV :

Our Global Government & Public Sector (GPS) is a network of highly skilled professionals bestowed to serving our clients by bringing best-in-class international experience and insight combined with local knowledge to solve the most critical problems facing governments today. We actively focus on building solutions that help public sector entities face the challenges of the future and reinvent themselves.

We have a proud record of helping governments meet their challenges head-on, and we work closely with them to build a world that works better for all citizens.

CNS - BC - Transformation Delivery :

It has multiple fields of play such as:

Supply Chain and Operations - we provide a unique combination of industry-specific, strategic, operational and financial insights, digital technology advances and strategic alliance partners to deliver better outcomes and also help clients effect fundamental change in their operations’ performance to support sales growth, become more cost competitive, minimize risk and ensure operational resilience.

Your key responsibilities

Technical Excellence

· Engagement Delivery: Independently leading tracks and manage client facing junior team members in designing, developing and implementing solutions/ engagement delivery by executing the tasks that are part of overall assignment; lead modules of the engagement in small parts; interact with and present ideas / new perspectives to senior client personnel. Scope of work would include, but not limited to:

Project Delivery
project planning and budgeting,
define deliverable content, and
Contribution to People Development: Perform role of coach, provide input and guidance to team members and actively contribute to firm's staffing process.
Person will be responsible to thoroughly understand and communicate stakeholder requirements to appropriate team members, and manage all requirements accordingly to realize each for the stakeholder.
Establish clear ownership for project tasks, ensure that team members have the tools needed, and provide timely feedback.
Coordinate and facilitate delivery of project objectives.
Track progress and review project tasks to make certain deadlines are met appropriately.
Assess project issues and identify solutions to meet productivity, quality and customer goals.
Proactively communicate project status, issues & risks to management.
Conduct regular status meetings with all stakeholders, keeping the stakeholder's needs and requirements continuously in view.
Person should have solid project management skills and be able to work consultatively on an operational level. Person must be self-motivated, enthusiast,ic and show leadership skills
Project delivery - Develops project plans; executes the project plans, Coordinates projects; Communicates changes and progress; Completes projects on time and budget; Manages self and project team activities.
Customer Service - Manages difficult or emotional customer situations; Responds promptly to customer needs; Solicits customer feedback to improve service; Responds to requests for service and assistance; Meets commitments.
Analytical - Synthesizes complex or diverse information; Collects and researches data; Uses intuition and experience to complement data; Designs work flows and procedures.
Problem Solving - Identifies and resolves problems in a timely manner; Gathers and analyses information skilfully; Develops alternative solutions; Works well in group problem solving situations; Uses reason even when dealing with emotional topics.
Quality - Demonstrates accuracy and thoroughness; Looks for ways to improve and promote quality; Applies feedback to improve performance; Monitors own work to ensure quality.

Skills and attributes

To qualify for the role you must have
Qualification

BE. / B.Tech. or MPA + MPP + MA + MSW + MBA (preferably from a reputed institute with a good academic background GESI public policy

· 5 Years of experience in Project Management and delivery. Out of this at least 3 years should be supervisory role.

· Drawing on existing skills and experience to date person will work as part of a fast growing practice to deliver complex assignments. This could include relevant areas of experience like SOP preparation, process improvement, strategic planning, city planning etc )

· Should have good documentation and report writing skills

What we look for

People with the ability to work in a collaborative manner to provide services across multiple client departments while following the commercial and legal requirements. You will need a practical approach to solving issues and complex problems with the ability to deliver insightful and practical solutions. We look for people who are agile, curious, mindful and able to sustain postivie energy, while being adaptable and creative in their approach.

What we offer

If you can confidently demonstrate that you meet the criteria above, please contact us as soon as possible.

KEY Capabilities:

• Experience in working with Splunk Enterprise, Splunk Enterprise Security & Splunk UEBA
• Minimum of Splunk Power User Certification
• Good knowledge in programming or Scripting languages such as Python (preferred), JavaScript (preferred), Bash, PowerShell, Bash, etc.
• Assist in remote and on-site gap assessment of the SIEM solution.
  • Work on defined evaluation criteria & approach based on the Client requirement & scope factoring industry best practices & regulations
  • Assist in interview with stakeholders, review documents (SOPs, Architecture diagrams etc.)
  • Asist in evaluating SIEM based on the defined criteria and prepare audit reports
• Good experience in providing consulting to customers during the testing, evaluation, pilot, production and training phases to ensure a successful deployment.
• Experience in onboarding data into Splunk from various sources including unsupported (in-house built) by creating custom parsers
  • Verification of data of log sources in the SIEM, following the Common Information Model (CIM)
  • Experience in parsing and masking of data prior to ingestion in SIEM
  • Provide support for the data collection, processing, analysis and operational reporting systems including planning, installation, configuration, testing, troubleshooting and problem resolution
  • Assist clients to fully optimize the SIEM system capabilities as well as the audit and logging features of the event log sources
  • Assist client with technical guidance to configure their log sources (in-scope) to be integrated to the SIEM
• Experience in SIEM content development which includes :
  • Hands-on experience in development and customization of Splunk Apps & Add-Ons
  • Builds advanced visualizations (Interactive Drilldown, Glass tables etc.)
  • Build and integrate contextual data into notable events
  • Experience in creating use cases under Cyber kill chain and MITRE attack framework
  • Capability in developing advanced dashboards (with CSS, JavaScript, HTML, XML) and reports that can provide near real time visibility into the performance of client applications.
  • Sound knowledge in configuration of Alerts and Reports.
  • Good exposure in automatic lookup, data models and creating complex SPL queries.
  • Create, modify and tune the SIEM rules to adjust the specifications of alerts and incidents to meet client requirement
  • Experience in creating custom commands, custom alert action, adaptive response actions etc.

Qualification & experience:

• Minimum of 3 years’ experience in Splunk and 3 to 5 years of overall experience with knowledge in Operating System and basic network technologies
• Experience in SOC as L1/L2 Analyst will be an added advantage
• Strong oral, written and listening skills are an essential component to effective consulting.
• Good to have knowledge of Vulnerability Management, Windows Domains, trusts, GPOs, server roles, Windows security policies, user administration, Linux security and troubleshooting
• Certification in any other SIEM Solution such as IBM QRadar, Exabeam, Securonix will be an added advantage
• Certifications in a core security related discipline (CEH, Security+, etc.) will be an added advantage.

EY exists to build a better working world, helping to create long-term value for clients, people and society and build trust in the capital markets.

Your key responsibilities

• A Security- Design & Architect professional who is responsible for designing, building, testing and implementing security within an organisation’s IT infrastructure- On Prem & Cloud.
• Professional is expected to have a thorough understanding of complex IT systems and stay up to date with the latest security standards, systems and authentication protocols, as well as best practice security products.
• Identify requirements, design document and implement technical solutions for scalable and resilient network architecture.
• Well versed with Zero Trust use cases , business & technical requirements
• Experience in Zero Trust Security Architecture and Solution Design
• Experience in Zero-Trust and micro-segmentation solutions including Guardicore and Illumio
• Individual should possess experience in planning, design, deployment, configuration, integration and management of network protection controls including Next gen firewalls- Palo Alto, Checkpoint, Fortinet, SDN Security, DDoS Protection, IPS, VPN, Wireless security, NAC and network authentication solutions to protect IT assets and should be responsible for deployment of any changes, plug-ins, or configuration as requested by client.
• Plan, design, deploy, configure, integrate, and manage WAF, proxy/Zscaler solutions.
• Possess hands on experience in segmenting networks, applications, and data to limit exposure to attacks.
• Plan, design, deploy, configure, integrate and manage platform protection controls including virtualisation protection solutions on Hypervisors and thin client’s security solutions.
• Good understanding of security concepts and technologies including, but not limited to TCP/IP, LDAP, DHCP, DNS, web filtering etc.
• Should be well-versed with network documentation that includes network drawings, text descriptions and equipment configurations, designing HLDs and LLDs.

Skills and attributes for success

• Serve as highly technical security expert to bring security transformation to both new and legacy infrastructure.
• Deep technical understanding of architecture and solutioning of infrastructure security components.
• Deep knowledge of services and service delivery approach and methodology for infrastructure security including governance and operating models.
• Proven track record in building and maintaining trusted relationships with key internal and external stakeholders.
• Willingness to travel and flex work timings as and when required.
• Ability to change and adapt in a hyper-growth environment.
• Self-starter and strategic thinker.
• Drive C-suite/senior leadership level meetings and discussion.
• Excellent oral and written communication skills and executive presence that enable effective engagement with senior stakeholders.
• Ability to work independently and communicate the technical and security related issues to client/business stakeholders.
• Clearly demonstrates proven extensive abilities with leveraging creative thinking and problem-solving skills, individual initiative, and utilizing Office 365, MS Office (Word, Excel, Access, PowerPoint) and Google Docs.
• Communicating in an organized and knowledgeable manner in written and verbal formats including delivering clear requests for information and communicating potential conflicts.
• Must communicate consistently and drive objectives, relying on fact-based decisions about risk that optimize the trade-off between risk mitigation and business performance.
• Good presentation, project management, facilitation and delivery skills as well as strong analytical and problem-solving capabilities.
• Ability to create domain specific training content and deliver training effectively.
• Develop/Implement automation solutions and capabilities that are clearly aligned to client business, technology and threat posture.
• Demonstrates ability to track developments and changes in the digital business and threat environments to ensure that they're adequately addressed in client’s security strategy plans and architecture artefacts.

To qualify for the role, you must have

6+ years of experience in Information Technology experience, with specialization in Cyber Security roles that include multiple areas of specialization. Professional-level knowledge in areas from the following:

• Zero Trust Security Strategy and Implementation
• Security Engineering & Architecture assessments
• Possess understanding in firewalls, VPNs, NAC, SDWAN, WAF, Proxy, EDR/XDR etc.
• Expert level experience with deployment, maintenance and operations of one or more major network security Devices
• Cloud Security Architecture
• Entrepreneurial approach to solving security problems with consultative skills

Ideally, you’ll also have

• Good soft skills i.e. verbal & written communication, technical document writing etc
• Strong project management, negotiation and interpersonal skills
• Prior experience working in Advisory or Technology Consulting industry
• Customer orientation skills
• Industry related certification (e.g. CISSP, CISA, CISM, SABSA, PRINCE2, TOGAF)

What we look for

You get to work with inspiring and meaningful projects. Our focus is education and coaching alongside practical experience to ensure your personal development. We value our employees and you will be able to control your own development with an individual progression plan. You will quickly grow into a responsible role with challenging and stimulating assignments. Moreover, you will be part of an interdisciplinary environment that emphasizes high quality and knowledge exchange. Plus, we offer:

• Support, coaching and feedback from some of the most engaging colleagues around
• Opportunities to develop new skills and progress your career
• The freedom and flexibility to handle your role in a way that’s right for you

EY exists to build a better working world, helping to create long-term value for clients, people and society and build trust in the capital markets.

Job Summary:

You will work in close coordination with business stakeholders, data architects, and engineers to deliver scalable analytics aligned with enterprise data strategies.

Essential Functions of the Job:

• Lead the end-to-end implementation of SAP SAC solutions for reporting, planning, and visualization.
• Build SAC stories, dashboards, and planning models to support real-time analytics across SAP BDC data.
• Integrate SAC with SAP S/4HANA, BW/4HANA, and external cloud data sources such as Snowflake and Azure Synapse.
• Translate business requirements into technical solutions within SAC and collaborate on enterprise reporting strategy.
• Optimize dashboard performance, visual aesthetics, and data refresh strategies.
• Collaborate with data engineers and platform architects to align SAC with data platform architecture and data pipelines.
• Train business users and provide technical support and documentation.
• Monitor SAP SAC usage and apply new features for continuous improvement.
• Ensure governance and compliance of analytics solutions with EY’s enterprise standards.

Knowledge and Skills Requirements:

• Strong expertise in SAP Analytics Cloud (Stories, Planning, Predictive).
• Expertise with SAP BDC
• Deep understanding of SAP data models (Datasphere, S/4HANA, BW/4HANA, CDS views).
• Experience connecting SAC to cloud-based sources (Databricks, Snowflake, Azure, GCP).
• Data visualization best practices and dashboard UX/UI principles.
• Strong SQL and data transformation experience.
• Ability to work within a global, distributed team and with global stakeholders and business functions.
• Knowledge of Integration between SAC and PaPM will be highly desirable
• Knowledge of the context of SAC as part of SAP BDC and Datasphere

Other Requirements:

• Familiarity with enterprise data platform components (Databricks, Azure Data Factory, etc.).
• Understanding of data security, access controls, and data governance.
• Agile delivery experience and collaboration with offshore teams.
• Prior experience in data migration or SAP transformation projects is a plus.

Job Requirements:

Bachelor’s or Master’s degree in Computer Science, Data Analytics, or related field.

Minimum 3 years of analytics/reporting experience with at least 3-5 years focused on SAP SAC implementations.

GDS India

EY Technology supports our technology needs through three business units:

• Client Technology (CT) - focuses on developing new technology services for our clients. It enables EY to identify new technology-based opportunities faster and pursue those opportunities more rapidly.
• Enterprise Workplace Technology (EWT) – EWT supports our Core Business Services functions and will deliver fit-for-purpose technology infrastructure at the cheapest possible cost for quality services. EWT will also support our internal technology needs by focusing on a better user experience.
• Information Security (Info Sec) - Info Sec prevents, detects, responds and mitigates cyber-risk, protecting EY and client data, and our information management systems.

Your key responsibilities

• Define security architectures and provide pragmatic security guidance that balance business benefit and risks.
• Design and develop cloud platform-specific security policies, standards, and procedures for management group and account/subscription management and configuration (e.g. Azure Policy, Azure Security Center, AWS Config), identity management and access control, firewall management, auditing and monitoring, security incident and event management, data protection, user and administrator account management, SSO, conditional access controls and password/secrets management.
• Engage IT project teams throughout the SDLC to identify and prioritize applicable security controls and provide guidance on how to implement these controls
• Perform risk assessments of information systems and infrastructure
• Maintain and enhance the Information Security risk assessment methodology
• Define security configuration standards for platforms and technologies
• Develop appropriate risk treatment and mitigation options to address security risks identified during security review or audit
• Translate technical vulnerabilities into business risk terminology for business units and recommend corrective actions to customers and project stake-holders
• Provide knowledge sharing and technical assistance to other team members
• Act as Subject Matter Expert (SME) in responsible technologies and have deep technical understanding of responsible portfolios

Skills and attributes for success

• Experience with Cloud Identity and Access management solutions (AAD, Federation services, SAML, Ping) in implementation and operations.
• experience with Big Data and advanced analytics, AI/ML services (such as /Azure SQL/Google Cloud SQL /Azure HDInsight/Key management solutions, Storage and backup, Load balancing, Security Management, Databases and EC2 or VM machine hosting Databricks, Data Factory, Data Lake Storage/BigQuery, Azure Analysis Services, Synapse Analytics, Machine Learning, etc.)
• Experience in working with different Cloud platforms (Software as a Service (SaaS), Platform as a Service (PaaS) and Infrastructure as a Service (IaaS)) and environments (Public, Private, Hybrid) in a security role.
• hands-on technical experience implementing security solutions for leading Cloud service providers e.g., Amazon AWS, Microsoft Azure, Google Cloud.
• Ability to appropriately balance firm security needs with business impact & benefit
• Ability to facilitate compromise to incrementally advance security strategy and objectives
• Ability to team well with others to facilitate and enhance the understanding & compliance to security policies
• Experience facilitating meetings with multiple customers and technical staff, including building consensus and mediating compromise
• Five or more years Working experience with the architecture, design and engineering of web-based multi-tier information systems or network infrastructures
• Experience conducting risk assessments, vulnerability assessments, vendor and third party risk assessments and recommending risk remediation strategies
• Experience working with common information security standards, such as: ISO 27001/27002, NIST, PCI DSS, ITIL, COBIT

To qualify for the role, you must have

• Five or more years of experience in the management of a significant Information Security risk management function
• 5 or more years of experience in an Information Security or Information Technology discipline
• Experience in managing the communication of security findings and recommendations to IT project teams and management

Ideally, you’ll also have

• Exceptional judgment, tact, and decision-making ability
• Flexibility to adjust to multiple demands, shifting priorities, ambiguity, and rapid change
• Outstanding management, interpersonal, communication, organizational, and decision-making skills
• Strong English language skills are required
• Candidates are preferred to hold or be actively pursuing related professional certifications within the GIAC family of certifications or CISSP, CISM or Azure certifications (AZ500, AZ303, AZ304, AZ900)

We offer a competitive remuneration package where you’ll be rewarded for your individual and team performance. Our comprehensive Total Rewards package includes support for flexible working and career development, and with FlexEY you can select benefits that suit your needs, covering holidays, health and well-being, insurance, savings and a wide range of discounts, offers and promotions. Plus, we offer:

• Support, coaching and feedback from some of the most engaging colleagues around
• Opportunities to develop new skills and progress your career
• The freedom and flexibility to handle your role in a way that’s right for you