EY Cloud Security Manager - DevSecOps 

Poland, Lower Silesian Voivodeship 

522989598

Cloud Security Manager - DevSecOps

As part of our EY Cyber security, Technology Consulting team, your role will be to actively establish, maintain and strengthen internal and external relationships. You will be responsible for delivery and maintaining quality of services and deliverables on your engagements. You’ll also identify potential business opportunities for EY and GDS within existing engagements and escalate these as appropriate. Similarly, you’ll anticipate and identify risks within engagements and share any issues with senior members of the team.

DevSecOps and Cloud Security are the competencies within EY GDS Cyber Security AEET (Architecture, Engineering and Emerging Technologies) practice with the following key offerings:

• Leading or participating on designing, developing and testing IaC solutions focused on Security IaaS and PaaS solutions for on-prem or Cloud platforms
• Designing and implementing DevSecOps tests: SCA, SAST, DAST
• Supporting DevOps operations by integrating developed SCA, SAST and DAST tests into CI/CD pipeline builds
• Creating and writing code in Terraform (for Cloud-based services)
• Creating and managing CI/CD pipelines using Azure DevOps, GitHub or GitLab solutions
• Continuous Integration & Continuous Deployment with Security mindset and focus.
• Leveraging DevSecOps principles, designs and implementing Security solutions based on these
• Performing DevSecOps maturity assessments
• Working as security champion for application development teams

Skills and attributes for success

• Experience of working in an Agile Development Environment
• Problem solving and troubleshooting with eye for details
• Strong communication and presentation skills
• Ability to work in both collaborative and independent work environments
• Proven ability to work as DevOps / DevSecOps Engineer on projects
• Excellent command over English (written and spoken)
• Strong Cloud knowledge, especially for DevOps and Infrastructure as Code (IaC)
• Strong CI/CD knowledge including Terraform and Ansible
• Strong Kubernetes knowledge
• Strong GIT knowledge

To qualify for the role, you must have

• Diploma or Degree in Computer Science, Software Engineering or related discipline
• 8+ years’ of overall experience with at least 3+ years of security experience
• Strong technical knowledge of Microservice oriented solutions, APIs, and Kubernetes
• Azure AD and common Cloud authentication patterns
• Cloud/DevOps Certification (MS Azure/AWS/GCP)

What we offer

EY Global Delivery Services (GDS) is a dynamic and truly global delivery network. We work across ten locations – Argentina, China, Hungary, India, the Philippines, Poland, Sri Lanka, Mexico, Spain and the United Kingdom – and with teams from all EY service lines, geographies and sectors, playing a vital role in the delivery of the EY growth strategy. From accountants to coders to advisory consultants, we offer a wide variety of fulfilling career opportunities that span all business disciplines. In GDS, you will collaborate with EY teams on exciting projects and work with well-known brands from across the globe. We’ll introduce you to an ever-expanding ecosystem of people, learning, skills and insights that will stay with you throughout your career.

• Continuous learning: You’ll develop the mindset and skills to navigate whatever comes next.
• Success as defined by you: We’ll provide the tools and flexibility, so you can make a meaningful impact, your way.
• Transformative leadership: We’ll give you the insights, coaching and confidence to be the leader the world needs.
• Diverse and inclusive culture: You’ll be embraced for who you are and empowered to use your voice to help others find theirs.

EY exists to build a better working world, helping to create long-term value for clients, people and society and build trust in the capital markets.

If you can demonstrate that you meet the criteria above, please contact us as soon as possible.

In compliance with the requirements of the Whistleblower Protection Act, our company has established the Procedure for reporting breaches of law and undertaking appropriate follow-up actions.