EY Risk Adv- Tech Con- Cyber Security- 

United States, New York, New York 

912738344

Risk Advisor, Technology Consulting - Cyber Security (Cyber Threat Management-Vulnerability ID) (Manager)(Multiple Positions), Ernst & Young U.S. LLP, New York, NY.

Provide advisory services on technology risk and security to help clients protect themselves against cyber attacks. Define technical and business requirements for Threat and Vulnerability management solutions and business process and policies related to controlling access to systems and applications. Develop cyber threat and vulnerability management strategies relating to application penetration testing and application source code review. Perform vulnerability and attack and penetration assessments in Internet, Intranet, and Wireless environments. Enable enterprise clients to make better security and risk decisions, and reduce the cost of managing overall security risk. Work with clients to deliver sustainable, measurable results in transforming information security programs, identifying and responding to cyber threats, managing identity and access effectively and efficiently, and/or mitigating the risk of information loss and addressing privacy regulations. Help enterprises build cyber security models to protect company data against cyber threats. Confer with clients to discuss issues such as computer data access needs, security violations, and programming changes.

Full time employment, Monday – Friday, 40 hours per week, 8:30 am – 5:30 pm.

MINIMUM REQUIREMENTS:

Must have a Bachelor’s degree in Management Information Systems (MIS), Computer Science, Engineering, Business, Accounting, Finance or a related field and 5 years of progressive, post-baccalaureate advisory and/or systems integration work experience. Alternatively, will accept a Master’s degree in Management Information Systems (MIS), Computer Science, Engineering, Business, Accounting, Finance or a related field and 4 years of advisory and/or systems integration work experience.Must have 4 years of experience working in Security, IT Management and/or Enterprise Resource Planning (ERP).Must have 4 years of experience in Network Attack and Penetration testing; Security Testing of Web-based applications; and/or Application Security Code Assessments.Must have 4 years of experience in at least two of the following:
- UNIX, NT, Networking and Wireless Security, and/or TCP/IP Networking.
- Java, C, C++, CH, ASP.NET, and/or .NET programming languages.
- Manual Attack and Penetration Testing without use of automated tools.
- Application development, including custom scripts or programs used for port scanning and vulnerability identification (including Python, PowerShell, Java, and/or Perl).
- Working with web-based application vulnerabilities.Must have 2 years of experience leading teams of Cyber Security advisory/consulting professionals.Must be eligible to obtain a professional certification including CIPP, CIPT, CISA, CISM, CISSP, CRISC, PMP or other related certification within one year of hire.Employer will accept any suitable combination of education, training or experience.

• Continuous learning: You’ll develop the mindset and skills to navigate whatever comes next.
• Success as defined by you: We’ll provide the tools and flexibility, so you can make a meaningful impact, your way.
• Transformative leadership: We’ll give you the insights, coaching and confidence to be the leader the world needs.
• Diverse and inclusive culture: You’ll be embraced for who you are and empowered to use your voice to help others find theirs.