EY Senior Manager - People Advisory Services Reward Zurich 

Switzerland, Zurich, Zurich 

615991384

To support the significant growth of our Technology Risk service in MENA, EY is looking to hire highly qualified resources. Specifically, as part of this job posting, we are looking for a Senior Consultant / Assistant Manager. Working across many different industries, this role will be responsible for executing and leading IT and cybersecurity projects. It is all about listening to our clients, asking the better questions, and supporting them in areas where there are no off-the-shelf solutions.

Your key responsibilities

An existing track record of successful engagement delivery in Technology Risk is expected of all candidates for this role. A Big 4 background or comparable consulting experience is highly advantageous. A broad background across IT and Cybersecurity is expected with specific experience in the following areas:

• Red-teaming and cyber-adversary simulations
• Purple Teaming; Phishing and social engineering
• Network infrastructure and cloud security assessment
• Web application security assessment
• Mobile application security assessment
• Wireless Assessment
• Conducting red/purple teaming exercises mapped to MITRE ATT&CK framework
• Experience in implementing and managing VM program and managed application security engagements for clients
• Extensive testing within Active Directory environments using various tools such as Empire, Metasploit, CrackMapexec, PowerView, Bloodhound and PowerSploit, Responder, Mimikatz etc.
• Network audit for both technical and design vulnerabilities
• Cloud penetration testing for Azure and AWS
• Web and mobile application testing for both technical and design vulnerabilities following OWASP methodology
• Cybersecurity readiness assessment and remediating the gaps/vulnerabilities.
• Creating minimum security baseline standards for network security devices, operating systems, databases, telecom devices
• Perform configuration audit for OS/DB and network devices based on CIS/NIST standards
• Exposure to SIEM, SOC monitoring, Compromise assessment Threat Hunting, Malware Analysis, etc.
• Exposure to tools like HELK, Detection Lab, Loki, Osquery, Sysmon, Sigma, YARA, Cuckoo Sandbox, etc.

Skills and attributes for success

• Bachelor's degree in Information Technology, Cybersecurity, Computer Science, or in a related field.
• Relevant professional certifications Red Hat Linux, Offensive Security Certified Professional(OSCP), CCNA, CEH, ISO27001 are preferred.
• Minimum of 3 to 5 years of experience in IT audit, information security, or related fields.
• Strong knowledge of ITGC/ITAC, information security frameworks, and cybersecurity best practices.
• Excellent analytical, problem-solving, and communication skills.
• Ability to work independently and collaboratively within a team environment.