Your key responsibilities
- Deliver projects with a focus on quality and timeline, taking the necessary actions to address client expectations
- Perform detailed information security, cybersecurity and IT security risk assessments
- Provide guidance on information security and risk management concepts, cyber governance and cloud security (ISO 27001, ISO 31000, SANS, CSC NIST etc.).
- Perform end-to-end implementation of ISMS frameworks for large enterprises in alignment with ISO and global standards.
- Developing policies, procedures and guidelines related to security and business continuity.
- Work on Security Governance, Operations and Audit, Information Security Controls, IT General Controls, Security Exception and Deviation, Vendor Security Management, QA/Compliance and Computer Systems Validation.
- Perform IT internal control testing, develop IT internal audit plans, conduct IT audit closure meetings and provide other IT internal audit services for the MENA stakeholders.
- Assess the client’s current state IT internal controls for the client's IT environment and identify IT risks and subsequent recommendations.
- Conduct internal audits, reviews, current state assessments and benchmarking on information security, cybersecurity and IT security
- Working with client personnel to analyse, evaluate and enhance information systems supporting the business processes, and assisting clients and other technology professionals in performing information technology control audits and information technology control implementation engagements
Skills and attributes for success
- Good understanding of ISO 27001
- Demonstrated ability to handle multiple tasks with shifting deadlines and priorities under limited supervision
- Demonstrated ability to interact effectively, internally and externally with all levels across the company including executive management.
- Knowledge of Network Operations Center (NOC)/Security Operations Center (SOC) operations, Cisco VPN/Security Management System IDS, VPN, Firewalls, Vulnerability assessment, Proxy, Mail Gateway, IPS, SIEM
- Understanding of cloud security standards (CSA), BYOD concepts, technical security solutions, developing security dashboards etc.
- Ability to drive effective discussion with senior management.
- Ability to conduct training for audiences ranging from end users to top management
- Deliver project and ensure quality of deliverables
- Experience of working in any large IT/ITES, financial or insurance industry would be an advantage
- Knowledge of IT DR and security solutions would be an added advantage
- Understanding and knowledge of latest cyber developments
To qualify for the role, you must have
- A bachelor's or master's degree
- A minimum of 4-10 years of experience in Information Security/Cybersecurity consulting.
- Excellent communication skills, with a team management role preferred
- A valid passport for travel.
Ideally, you’ll also have
- MBA/B Tech/B Sc (any stream)
- CISSP, CISA, CRISC, ISO 27001 LI/LA, CCSP, SANS/GIAC
- Privacy certifications (if any)
You get to work with inspiring and meaningful projects. Our focus is education and coaching alongside practical experience to ensure your personal development. We value our employees, and you will be able to control your own development with an individual progression plan. You will quickly grow into a responsible role with challenging and stimulating assignments. Moreover, you will be part of an interdisciplinary environment that emphasizes high quality and knowledge exchange. Plus, we offer:
- Support, coaching and feedback from some of the most engaging colleagues around
- Opportunities to develop new skills and progress your career
- The freedom and flexibility to handle your role in a way that’s right for you
EY exists to build a better working world, helping to create long-term value for clients, people and society and build trust in the capital markets.