Expoint - all jobs in one place

Finding the best job has never been easier

Limitless High-tech career opportunities - Expoint

EY Cybersecurity Consultant- Governance Risk Compliance team 
Israel, Tel Aviv District, Tel Aviv-Yafo 
510497750

08.07.2024

About the Role:

As a Cybersecurity Consultant within our Governance, Risk, and Compliance (GRC) team, you will play a key role in shaping and enhancing our clients' cybersecurity posture.

Key Responsibilities:

Responsibilities will include to –

  • Serve as a trusted advisor, collaborating closely with clients to understand their unique challenges and providing expert guidance on cybersecurity and risk management.
  • Manage end-to-end delivery of client engagements, from scoping through execution.
  • Assist clients in developing / enhancing their cybersecurity strategies and multi-year implementation roadmaps, in alignment with their risk landscape.
  • Provide support in the design and implementation of cybersecurity governance frameworks and policies.
  • Conduct comprehensive risk assessments to identify and prioritize cyber risks and develop risk management strategies to mitigate risks effectively.
  • Assist clients in defining risk appetite and tolerance levels aligned to business objectives.
  • Conduct gap assessments to evaluate clients' compliance with relevant standards and frameworks and develop compliance strategies and roadmaps tailored to clients' needs.
  • Support clients in increasing their incident readiness with custom-tailored incident response plans / playbooks and the delivery of tabletop exercises and cyber simulations.
  • Support secure architecture and configuration review for network and security infrastructure and provide recommendations to meet evolving threats.
  • Collaborate on internal innovation initiatives, contribute to the development of new service offerings and the enhancement of existing service methodologies.

Your Experience:

  • You have at least 5 years’ experience working in cybersecurity, with a focus on governance, risk, and compliance. Consideration will be given for equivalent combined experience in an IT, Risk Management or technology management capacity.
  • You have working knowledge of general IT and business processes and familiarity with organizational technology landscapes.
  • Hands-on technology administration is not required, but sufficient familiarity to participate in technical discussions is critical.
  • You have a deep understanding of cyber risk assessment and risk management, and familiarity with cybersecurity- and privacy-related regulatory compliance requirements, industry standards and frameworks (NIST, PCI, ISO, etc.), and key technical concepts (e.g., networking, protocols, cloud technologies).
  • Preferred: You have demonstrated working knowledge of at least one of the following – SSDLC, secure architecture design, threat modelling, data privacy, AI security, cloud security.

Additional Skills:

  • You have strong analytical and critical reasoning skills, and the ability to analyze complex cybersecurity issues, identify root causes, and identify appropriate solutions.
  • You are self-motivated and an independent learner.
  • You have a strong ability to work collaboratively within a team and build relationships.
  • You are organized and proactive, with strong project management skills and a proven ability to manage concurrent projects and deliver results within budget and on time.
  • You have strong verbal and written communication skills (English and Hebrew) as well as report writing and presentation skills.
  • You are comfortable taking a client-facing role and can effectively convey technical concepts to non-technical stakeholders.
  • A bachelor’s degree in a relevant field and relevant industry certifications (e.g., CISSP, CISM, CRISC) are preferred qualifications; equivalent experience and industry-specific learning will be considered.