דרושים Ey Technology Information Security Control ב-Ey ב-Philippines, Taguig

• Serve as the primary security consultant for client engagements, providing expert guidance on application security best practices.
• Plan, execute, and document vulnerability & penetration tests on web, mobile, and cloud-based applications.
• Identify and exploit vulnerabilities using both manual techniques and automated tools.
• Ensure testing methodologies align with OWASP Top 10, NIST SP 800-115, and other relevant frameworks.
• Collaborate with development and DevOps teams to integrate security into the software development lifecycle (SDLC).
• Provide detailed findings and actionable remediation guidance to engineering teams.
• Lead threat modeling sessions and risk assessments for client applications and architectures.
• Advocate for secure coding and security-by-design practices and assist in implementing security controls.
• Evaluate and recommend security tools and technologies to enhance testing capabilities.
• Participate in code reviews and architecture assessments to identify potential security flaws.
• Develop and maintain documentation related to testing procedures, findings, and remediation tracking.
• Prepare reports on application security posture, vulnerabilities, and mitigation progress for stakeholders.
• Assist in incident response and forensic analysis related to application-level breaches.
• Stay current with emerging threats, vulnerabilities, and security technologies.
• Recommend and implement continuous improvement initiatives to enhance application security.
• Support incident response efforts and forensic investigations for client-reported application security incidents.
• Maintain documentation of testing methodologies, client interactions and remediation tracking.

• Bachelor’s degree in Cybersecurity, Computer Science, Information Technology, or a related field or;
• Minimum of 5 years of experience in application security, vulnerability management, penetration testing, or ethical hacking.
• Hands-on experience with tools such as Burp Suite, OWASP ZAP, Metasploit, custom scripts, etc.
• Familiarity with secure coding practices and common development frameworks (e.g., Java, .NET, Python, JavaScript).
• Relevant certifications such as Offensive Security Certified Professional (OSCP), GIAC Web Application Penetration Tester (GWAPT), or Certified Ethical Hacker (CEH) are a huge plus.
• Strong understanding of application architectures, APIs, authentication mechanisms, and encryption protocols.
• Proficiency in vulnerability management platforms and SIEM tools.
• Excellent communication and interpersonal skills, with the ability to translate technical findings into business impact.
• Detail-oriented with a strong commitment to quality, security, and compliance.

You get to work with inspiring and meaningful projects. Our focus is education and coaching alongside practical experience to ensure your personal development. We value our employees and you will be able to control your own development with an individual progression plan. You will quickly grow into a responsible role with challenging and stimulating assignments. Moreover, you will be part of an interdisciplinary environment that emphasizes high quality and knowledge exchange. Plus, we offer:

• Support, coaching and feedback from some of the most engaging colleagues around
• Opportunities to develop new skills and progress your career
• The freedom and flexibility to handle your role in a way that’s right for you

If you can confidently demonstrate that you meet the criteria above, please contact us as soon as possible.

EY exists to build a better working world, helping to create long-term value for clients, people and society and build trust in the capital markets.

Senior Consultant – International Tax and Transaction Services

As our Tax Senior Consultant, you will play a pivotal role in providing expert tax structuring, due diligence and other transaction support to a diverse range of clients, including large multinational, private equity, private and other institutions, across a broad range of sectors. You will be joining the market leading M&A practice, evidenced by EY being retained as the no. 1 advisor on value and volume of deals in Oceania, as recognized by MergerMarket. As a result, you will be working on market leading transactions with respect to household brand names.

Your key responsibilities

• Advising clients on domestic and international tax matters associated with all aspects of the M&A life cycle, including due diligence, structuring and other advisory engagements.
• Project managing both clients and internal teams to ensure a multidisciplinary project is delivered seamlessly across specialties and geographies
• Providing support and guidance to junior team members, while staying up to date with tax law changes and industry trends

Skills and attributes for success

• At least 2 years’ experience in Australian tax consulting within a top tier accounting firm, corporate, tax consulting or legal environment
• Inbound and outbound transaction consulting with international tax research, planning and compliance experience and/or tax due diligence, deal structuring, and post-acquisition planning experience.
• Ability to succinctly and clearly communicate complex tax concepts to clients.

Ideally, you’ll also have the skills and attributes below but don’t worry if you don’t tick all the boxes. We’re interested in your aptitude, attitude and willingness to learn.

• Experience managing budgets, projects and people.
• Ability to develop relationships with clients and provide a high level of client service

What we offer you

At EY, we’ll fuel you and your extraordinary talents in a diverse and inclusive culture of globally connected teams. Learn .

• Career development: At EY, your career is yours to shape! We’ll develop you with future-focused skills and equip you with world-class experiences
• Flexible work arrangements: Our flexible work policies empower you to balance your professional and personal life, fostering a culture of trust and autonomy.
• A comprehensive benefits package : From a yearly wellness incentive, to access to additional 8 weeks of flex leave per year, and family-friendly policies, including 26 weeks of gender-neutral paid parental leave, we cater to your diverse needs to help you thrive both personally and professionally
• Salary: We offer a competitive salary which is open to negotiation pending on skills and experience.

Acknowledgement of Country

Our preferred applicant will be required to undertake employment screening by EY or our external third-party provider.

© 2025 Ernst & Young Australia. A member firm of Ernst & Young Global Limited. All Rights Reserved. Liability limited by a scheme approved under Professional Standards Legislation.

Join our EY Cyber Security team as a Senior SOC Analyst L2, where you will play a crucial role in assisting clients with the monitoring, investigation and response to security incidents.

Skills and attributes for success

• Effectively assess security incidents, determine their scope, and manage response efforts with efficiency and precision.
• Escalate incidents to appropriate authorities as necessary, while strictly adhering to established incident response protocols.
• Maintain a comprehensive awareness of the current threat landscape, including malware, phishing attacks, and advanced persistent threats (APTs).
• Provide guidance and leadership to the team during critical situations, ensuring effective decision-making and response.
• Exhibit excellent verbal and written communication skills for clear incident reporting and seamless team collaboration.
• Foster collaboration with cross-functional teams to enhance the overall security posture of the organization.
• Mentor and train junior analysts, sharing knowledge and best practices to strengthen team capabilities.
• Actively participate in post-incident reviews to identify lessons learned and recommend improvements to processes and technologies.

To qualify for the role, you must have

• A minimum of 4 years of experience in SOC operations, with a focus on investigation and incident response.
• Proficiency in SIEM tools such as Splunk, Microsoft Sentinel, Logscale, or similar platforms, along with a solid understanding of various log sources and their functions.
• Strong knowledge of Endpoint Detection and Response (EDR) and Network Detection and Response (NDR) technologies, including CrowdStrike, Microsoft Defender, XSIAM, Tanium, Sentinel One, Trellix, and others.
• Expertise in analyzing endpoint and network logs, as well as alerts from security tools such as EDR, operating systems, firewalls, Intrusion Prevention Systems (IPS), email security, Web Application Firewalls (WAF), proxies, authentication systems, and VPN logs.
• Ability to develop logic and SIEM queries to correlate diverse logs, enabling effective investigation of security alerts and incidents.
• Experience in developing SOC use cases, including the creation of new monitoring use case logic and presenting proposals to stakeholders.
• Proven experience in conducting investigations across various environments, including endpoints, networks, web applications, databases, and cloud resources.
• A solid understanding of recent vulnerabilities and attack vectors.
• Knowledge of Cyber Threat Intelligence, including the analysis of intelligence alerts, threat hunting, and providing actionable recommendations.

Ideally, you’ll also have

• Bachelor’s Degree relevant to Information Technology
• Related Certification such as CEH, CHFI, Sec+, ITILv3, GCFA, ECIH, GCIH, CySA+, etc

You get to work with inspiring and meaningful projects. Our focus is education and coaching alongside practical experience to ensure your personal development. We value our employees and you will be able to control your own development with an individual progression plan. You will quickly grow into a responsible role with challenging and stimulating assignments. Moreover, you will be part of an interdisciplinary environment that emphasizes high quality and knowledge exchange. Plus, we offer:

• Support, coaching and feedback from some of the most engaging colleagues around
• Opportunities to develop new skills and progress your career
• The freedom and flexibility to handle your role in a way that’s right for you

Apply now

EY exists to build a better working world, helping to create long-term value for clients, people and society and build trust in the capital markets.

• Design, implement, and configure security solutions for OT environments, including SCADA systems and Claroty platforms.
• Ensure that security solutions align with NIST CSF, ISA/IEC 62443, NIST SP 800-82, and other relevant frameworks.
• Lead the deployment of security platforms across OT environments, ensuring minimal disruption to operations.
• Collaborate with cross-functional teams to coordinate the roll-out of security solutions.
• Plan and execute the migration of existing security solutions to new platforms, ensuring data integrity and continuity of operations.
• Assess and mitigate risks associated with the migration process.
• Conduct security assessments and audits of OT systems to identify vulnerabilities and compliance gaps.
• Provide recommendations for remediation and improvement based on assessment findings
• Advocate for and assist in the implementation of Zero Trust principles within OT environments.
• Evaluate and recommend technologies and practices that support a Zero Trust security model.
• Work closely with IT and operations teams to ensure a cohesive approach to OT security.
• Provide technical guidance and support to operational teams regarding security best practices.
• Develop and maintain documentation related to security configurations, processes, and procedures.
• Prepare reports on security posture, incidents, and compliance for management and stakeholders.
• Participate in incident response planning and execution for OT security incidents.
• Collaborate with incident response teams to investigate and remediate security incidents.
• Stay current with emerging trends, threats, and technologies in OT security.
• Recommend and implement continuous improvement initiatives to enhance the security posture of OT systems.

• Bachelor’s degree in Cybersecurity, Information Technology, Engineering, or a related field. Master’s degree preferred.
• Minimum of 5 years of experience in OT security engineering, cybersecurity, or a related field.
• Hands-on experience with SCADA systems, Claroty platforms, and security frameworks such as NIST CSF, ISA/IEC 62443, and NIST SP 800-82.
• Relevant certifications such as Certified Information Systems Security Professional (CISSP), Certified Information Security Manager (CISM), or Certified in Risk and Information Systems Control (CRISC) are preferred.
• Strong understanding of OT environments, including industrial control systems and network architectures.
• Proficiency in security tools and technologies used in OT environments, including firewalls, intrusion detection systems, and security information and event management (SIEM) solutions.
• Strong communication and interpersonal skills, with the ability to work collaboratively in a team environment.
• Detail-oriented with a strong commitment to quality and compliance.

You get to work with inspiring and meaningful projects. Our focus is education and coaching alongside practical experience to ensure your personal development. We value our employees and you will be able to control your own development with an individual progression plan. You will quickly grow into a responsible role with challenging and stimulating assignments. Moreover, you will be part of an interdisciplinary environment that emphasizes high quality and knowledge exchange. Plus, we offer:

• Support, coaching and feedback from some of the most engaging colleagues around
• Opportunities to develop new skills and progress your career
• The freedom and flexibility to handle your role in a way that’s right for you

If you can confidently demonstrate that you meet the criteria above, please contact us as soon as possible.

EY exists to build a better working world, helping to create long-term value for clients, people and society and build trust in the capital markets.

• Participate, lead and execute the IT Risk and Assurance engagements
• Develop and maintain productive working relationships with client and onshore stakeholders
• Work effectively as a team member, sharing responsibility, providing support, maintaining communication and updating senior team members on progress
• Help prepare reports and schedules that will be delivered to clients and other parties
• Develop and maintain productive working relationships with client personnel
• Build strong internal relationships within Ernst & Young Services and with other services across the organization
• Stay current with and promote awareness of applicable regulatory standards, upstream risks and industry best practices across the enterprise

Maintain an educational program to continually develop personal skills of self and staff
Conduct performance reviews and contribute to performance feedback for staff

• B.E/B.Tech (CS/ IT, Electronics, Electronics & Telecommunications,)/MBA/M.Sc., Chartered Accountant and/or MBA with Finance/IT with at least 2-7 years of experience
• 2-7 years of professional experience in the areas of IT audits, ITGC, SOX / ICFR / IFC / SAS 70 / SSAE / SOC, IT Financial Audit and Business Automated Controls, IT Risk consulting or any other regulatory / compliance audits
• Expertise in pre and post implementation reviews and auditing configuration of major ERPs like SAP, Oracle, JDE, WorkDay, Netsuite, Navision etc.
• Expertise in performing infrastructure reviews pertaining to OS, DB and Active Directory such as Windows, UNIX, SQL, Mainframe, Oracle etc.
• Assist with the development of policies, procedures and standards that meet existing and newly developed policy and regulatory requirements
• Assist with facilitating IT security/risk training curriculum.
• Work closely with cross-functional teams and develop strong relationships as project lead within IT security and GRC projects.
• Stay current with and promote awareness of applicable regulatory standards, upstream risks and industry best practices across the enterprise
• Must have end-client facing experience• CISA, CISM, CRISC, ISO27001, Cloud and Data privacy certifications
• IT audit knowledge for a financial audit - Control frameworks such as COSO, related regulations including SOX and J-SOX
• Data analytics/automation tool – SQL, Monarch, BluePrism, Alteryx, PowerBI
• Familiarity with a typical IT systems development life cycle

You get to work with inspiring and meaningful projects. Our focus is education and coaching alongside practical experience to ensure your personal development. We value our employees and you will be able to control your own development with an individual progression plan. You will quickly grow into a responsible role with challenging and stimulating assignments. Moreover, you will be part of an interdisciplinary environment that emphasizes high quality and knowledge exchange. Plus, we offer:
• Support, coaching and feedback from some of the most engaging colleagues around
• Opportunities to develop new skills and progress your career
• The freedom and flexibility to handle your role in a way that’s right for you

EY exists to build a better working world, helping to create long-term value for clients, people and society and build trust in the capital markets.

• You will be responsible for overall client service quality delivery in accordance with EY quality guidelines & methodologies. You will need to manage accounts and relationships on a day-to-day basis and explore new business opportunities for the firm. Establishing, strengthening and nurturing relationships with clients (functional heads & key influencers) and internally across service lines and proactively will also be a part of your day-to-day activities. You will assist in developing new methodologies and internal initiatives, and help in creating a positive learning culture by coaching, counselling and developing junior team members.
• In line with EY’s commitment to quality, you’ll confirm that work is of the highest quality as per EY’s quality standards, by reviewing the work provided by junior members.
• Provide guidance and share knowledge with team members and participate in performing procedures focusing on complex, judgmental and/or specialized issues. Work with the team and the client to create plans for accomplishing engagement objectives and a strategy that complies with professional standards and addresses the risks inherent in the engagement
• Brief the engagement team on the client's environment and industry trends. Maintain relationships with client management to manage expectations of service, including work products, timing, and deliverables. Demonstrate a thorough understanding of complex information systems and apply it to client situations
• Use extensive knowledge of the client's business/industry to identify technological developments and evaluate impacts on the client's business. Demonstrate excellent project management skills, inspire teamwork and responsibility with engagement team members, and use current technology/tools to enhance the effectiveness of deliverables and services. Understand EY and its service lines and actively assess what the firm can deliver to serve clients
• Assist Partners & Senior Managers in driving the business development process on existing client engagements by gathering appropriate resources, gaining access to key contacts & supervising proposal preparation.
• Create innovative insights for clients, adapts methods & practices to fit operational team needs & contributes to thought leadership documents.
• Practice secondment for developing new methodologies.
• Facilitate discussions / knowledge sharing with key client personnel and contribute to EY thought leadership.
• Plan & schedule client engagements. Determine and deploy the right team with adequate skill sets for executing engagements and periodically review status of engagements and work products.
• Demonstrate strong project management skills
• Maintain a strong client focus by effectively serving client needs and developing productive working relationships with client personnel. Stay abreast of current business and economic developments and new pronouncements/standards relevant to the client's business.
• Demonstrate industry expertise (deep understanding of the industry, emerging trends, issues/challenges, key players & leading practices)
• Review status updates and prepare management presentations
• Actively contribute to improving operational efficiency on projects & internal initiatives.

• Identify buyers, influencers & stakeholders in existing client engagements and build strong relationships.
• Display teamwork, integrity and leadership. Work with team members to set goals and responsibilities for specific engagements. Foster teamwork and innovation.

• Drive performance management for self and team.
• Driving the quality culture agenda at GDS
• Manage the performance management for the direct reports, as per the organization policies
• Training and mentoring of project resources
• Participating in the organization-wide people initiatives

• Strong understanding of Identity Access Management concepts
• Hands on experience in end-to-end implementation of any IAM tool.
• Should have completed at least 8 – 10 implementations
• Strong industry focus
• Hands-on Development experience on Provisioning Workflows, triggers, Rules and customizing the tool as per the requirements
• Strong understanding of Authentication and Authorization techniques
• Capability of understanding the business requirement and converting that into design
• Strong project management skills
• Advanced written and verbal communication skills and presentation skills
• Excellent leadership, teamwork and client service skills
• Demonstrated integrity within a professional environment
• Successful candidates must work in excess of standard hours when necessary. A valid passport is required
• Bachelor's Degree in IT/Computer Science or any related field / MBA with background in computer science and programming with at least 8 years of relevant experience

• Prior client-facing experience
• Hands-on java development and debugging experience
• Strong Understanding of Java API’s, libraries and methods
• Familiarity with any Java Framework (Struts/ Spring) is an additional advantage
• Should be capable of at dissecting large problems and designing modular, scalable solutions
• Should have good understanding of RDMS and SQL queries
• Exposure to Unix/Linux environments with knowledge of commands & shell scripting
• Good knowledge of information security and risk management concepts.
• Fair knowledge on information security standards and regulations.

You get to work with inspiring and meaningful projects. Our focus is on education and coaching alongside practical experience to ensure your personal development. We value our employees, and you will be able to control your development with an individual progression plan. You will quickly grow into a responsible role with challenging and stimulating assignments. Moreover, you will be part of an interdisciplinary environment that emphasizes high quality and knowledge exchange. Plus, we offer:
• Support, coaching, and feedback from some of the most engaging colleagues around
• Opportunities to develop new skills and progress your career
• The freedom and flexibility to handle your role in a way that's right for you

EY exists to build a better working world, helping to create long-term value for clients, people and society and build trust in the capital markets.

Available Opportunities

See our current job openings below:

*Please refer to the links above to proceed with your application and disregard the “apply now” button below

EY exists to build a better working world, helping to create long-term value for clients, people and society and build trust in the capital markets.