EY Senior Security Consultant - Azure Gov 

United States, New Jersey 

673397569

Your key responsibilities

• Contribute as a team member that focuses on the following responsibilities:
• Define security architectures and provide pragmatic security guidance that balance business benefit and risks.
• Engage IT project teams throughout the SDLC to identify and prioritize applicable security controls and provide guidance on how to implement these controls
• Perform risk assessments of information systems and infrastructure
• Maintain and enhance the Information Security risk assessment methodology
• Define security configuration standards for platforms and technologies
• Develop appropriate risk treatment and mitigation options to address security risks identified during security review or audit
• Translate technical vulnerabilities into business risk terminology for business units and recommend corrective actions to customers and project stake-holders
• Provide knowledge sharing and technical assistance to other team members
• Act as Subject Matter Expert (SME) in responsible technologies and have deep technical understanding of responsible portfolios

Skills and attributes for success

• Strong leadership and organizational skills
• Strategic skills to assist with the development of a long-term vision for the firms risk management security framework & approach
• Ability to appropriately balance firm security needs with business impact & benefit
• Ability to facilitate compromise to incrementally advance security strategy and objectives
• An overall understanding of the business objectives of EY with an ability to build relationships across EY IT
• Ability to team well with others to facilitate and enhance the understanding & compliance to security policies
• Experience facilitating meetings with multiple customers and technical staff, including building consensus and mediating compromise
• High degree of tolerance for ambiguity
• Five or more years Working experience with the architecture, design and engineering of web-based multi-tier information systems or network infrastructures
• Experience with security architecture, design and assessment of messaging, ERP, CRM and or data analytics solutions
• Experience conducting risk assessments, vulnerability assessments, vendor and third party risk assessments and recommending risk remediation strategies
• Experience working with common information security standards, such as: ISO 27001/27002, NIST, PCI DSS, ITIL, COBIT
• Willingness to obtain a top secret security clearance

To qualify for the role you must have

• Five or more years of experience in the management of a significant Information Security risk management function
• 8 or more years of experience in an Information Security or Information Technology discipline
• Experience in managing the communication of security findings and recommendations to IT project teams and management

Ideally, you’ll also have

• Exceptional judgment, tact, and decision-making ability
• Flexibility to adjust to multiple demands, shifting priorities, ambiguity, and rapid change
• Outstanding management, interpersonal, communication, organizational, and decision-making skills
• Strong English language skills are required
• Candidates are preferred to hold or be actively pursuing related professional certifications within the GIAC family of certifications or CISSP, CISM or CISA

• Continuous learning: You’ll develop the mindset and skills to navigate whatever comes next.
• Success as defined by you: We’ll provide the tools and flexibility, so you can make a meaningful impact, your way.
• Transformative leadership: We’ll give you the insights, coaching and confidence to be the leader the world needs.
• Diverse and inclusive culture: You’ll be embraced for who you are and empowered to use your voice to help others find theirs.