EY NON FS THIRD-PARTY RISK MANAGEMENT CONSULTANT 

Philippines, Taguig 

451999599

Staff Cybersecurity Analyst

- 1-2 Years experience in Third Party Risk Management, Risk and Compliance and Information Security Management System.

Has knowledge and understanding with different international frameworks such as but not limited to ISO27001, SOC Audit Report (SOC 1 Type I, SOC 1 Type II, SOC 2 Type I, SOC 2 Type II and SOC 3), HIPAA, PCI-DSS, etc. that covers the following security domains.
1. Cybersecurity Program / Information Security Policy and Procedures
2. Cybersecurity Risk Management
3. Cybersecurity Threat Intelligence
4. Human Resource Security
5. Asset Management
6. Access Control
7. Physical & Environmental Security
8. Network and Communication Management (e.g. Network boundaries, Network & Security hardening, Encryption, Antivirus/Antimalware, Endpoint protection, Firewall, etc.)
9. Development or Enhancement of Technology Assets, Software Development Lifecycle and Change Management
10. Cybersecurity Operation (Vulnerability Management, Patch Management, Penetration Testing, Secure Logging & Monitoring, System Hardening Standards, etc.)
11. Cybersecurity Incident Management
12. Business Continuity, Disaster recovery, Backup and Recovery
13. Information classification and Information disposal and reuse, Data Protection, Data Privacy, Cloud Security, Encryption/Cryptographical controls, etc.
14. Sub-service Provider
15. Artificial Intelligence"

Requirements:

EY exists to build a better working world, helping to create long-term value for clients, people and society and build trust in the capital markets.